DeFAI smart wallet platform Holdstation has confirmed a security breach that resulted in the loss of 462,000 USDT. The announcement was made through the company’s verified X account, where the team stated that it is actively investigating the incident and preparing a compensation plan for affected users. The breach was first disclosed on February 24, when Holdstation informed users that it had experienced a security incident. At that time, the full extent of the damage was still being assessed. The team advised users to remain calm, follow only official communication channels, and transfer their funds to secure wallets as a precaution.
By February 25, the company confirmed the total loss at 462,000 USDT. In its latest update, Holdstation emphasized that it is taking the matter seriously and working to strengthen all security layers. The team assured users that transparent updates will continue and that a detailed compensation plan will be shared soon.
This incident marks the second security breach involving Holdstation in less than a month. In late January 2026, the platform suffered another compromise that led to approximately 100,000 dollars in losses. During that attack, assets including WLD, USD1, BNB, and BERA were drained across multiple networks such as World Chain, BSC, Berachain, and zkSync. The stolen funds were later consolidated into Ethereum and bridged to Bitcoin. At the time, the team attempted to recover the funds by posting an on-chain message offering a bounty to the attacker, though further details about the outcome were not disclosed.
The repeated breach has raised concerns within the crypto community. DeFi security monitoring account DefimonAlerts highlighted that this was the second exploit within a short period and noted that the latest loss was significantly larger than the previous one.
As of now, Holdstation has not disclosed the technical details behind the exploit. It remains unclear whether the breach involved private key compromise, smart contract vulnerabilities, approval exploits, or infrastructure-related issues. The investigation is ongoing.
In the meantime, the team has advised users to safeguard their assets by transferring funds to secure personal wallets such as MetaMask or hardware wallets, revoking any active token approvals, and avoiding unsolicited messages or suspicious links related to compensation claims.
The 462,000 USDT loss highlights the ongoing security challenges within the DeFi ecosystem in 2026. With two incidents occurring within a short timeframe, attention is now focused on how Holdstation will address security improvements and implement its promised compensation plan.This incident follows a broader trend of major security events in the sector, much like the recent Blend Protocol exploit where $10.8M was stolen from Stellar’s YieldBlox pool via oracle manipulation.
