1843 hack event(s)
Description of the event: The AdsPower security team discovered a breach in which hackers distributed malicious code, resulting in the compromise of some third-party browser extensions.
Amount of loss: $ 4,700,000 Attack method: Supply Chain Attack
Description of the event: According to monitoring by the SlowMist security team, due to a lack of input validation in @odosprotocol, the vulnerability has been exploited across multiple chains, resulting in approximately $100,000 in losses. ODOS stated in a post that the attack exploited a vulnerability in its audited executor contract, allowing the theft of revenue stored within the contract but not affecting any user funds.
Amount of loss: $ 100,000 Attack method: Contract Vulnerability
Description of the event: The Singapore-based Phemex cryptocurrency exchange's hot wallets were hacked, resulting in a loss of approximately $70 million.
Amount of loss: $ 70,000,000 Attack method: Unknown
Description of the event: According to The Block, Nasdaq's official X account was hacked, and the attackers used it to promote fraudulent meme coins.
Amount of loss: - Attack method: Account Compromise
Description of the event: According to monitoring by the SlowMist security team, AST was allegedly attacked on BSC.
Amount of loss: $ 64,700 Attack method: Contract Vulnerability
Description of the event: MetaMask posted on X: “This morning, our co-founder Dan Finlay's Farcaster account was compromised and used to promote a memecoin. We are in touch with the Farcaster team to help investigate the incident."
Amount of loss: - Attack method: Account Compromise
Description of the event: A Twitter account named @TrumpDailyPosts, with over 1.3 million followers, not only automatically crossposts Donald Trump's Truth Social posts to Twitter but also shares Trump-related news and other tweets. This X account promoted at least four meme coins, with the posts being deleted within minutes after sharing, resulting in approximately $1.25 million in losses.
Amount of loss: $ 1,250,000 Attack method: Unknown
Description of the event: Stability AI's official X account posted information related to the STAI token contract, which appears to have been compromised. Be cautious to avoid falling victim to a scam.
Amount of loss: - Attack method: Account Compromise
Description of the event: The ZKsync team tweeted that the @ZKsyncIgnite account has been compromised. Do not interact with the account or click any links. Wait for the @zksync account to confirm when the account has been reclaimed.
Amount of loss: - Attack method: Account Compromise
Description of the event: According to Scam Sniffer's monitoring, the X account of the decentralized autonomous wireless network project DAWN was compromised and used to post phishing tweets.
Amount of loss: - Attack method: Account Compromise
Description of the event: The CAT Protocol within the Bitcoin ecosystem posted on Platform X, stating that they recently detected and mitigated an attempted attack on the CAT Protocol, confirming that no user funds were lost. On January 18, CAT Protocol updated on Platform X that the recent security incident had been amicably resolved and classified it as a white-hat action.
Amount of loss: - Attack method: Contract Vulnerability
Description of the event: The attacker exploited a vulnerability in The Idols project's smart contract to steal 97 stETH (approximately $324,000) from the project.
Amount of loss: $ 324,000 Attack method: Contract Vulnerability
Description of the event: Moonray's Discord was Compromised, and the attackers posted fraudulent airdrop messages. Users are advised to stay cautious and aware of potential risks.
Amount of loss: - Attack method: Account Compromise
Description of the event: On January 13, 2025, the SlowMist MistEye security monitoring system detected an attack on UniLend, resulting in a loss of ~$197K.
Amount of loss: $ 197,600 Attack method: Contract Vulnerability
Description of the event: According to Foresight News, the Foresight Ventures X account was hacked and is currently in the process of being recovered. Please do not click or trust any links or token information posted by this account.
Amount of loss: - Attack method: Account Compromise
Description of the event: The X account of Ryan Zarick, co-founder and CTO of LayerZero Labs, was briefly compromised and used to post a fraudulent airdrop claim along with a phishing link.
Amount of loss: - Attack method: Account Compromise
Description of the event: Litecoin posted on X, stating that their X account was briefly compromised and some unauthorized content was published. These posts were deleted within seconds. They are still investigating the incident but have immediately found a delegated account that was compromised and removed it.
Amount of loss: - Attack method: Account Compromise
Description of the event: BUIDL was suspected to have been attacked on BSC, resulting in an approximate loss of $8K.
Amount of loss: $ 8,000 Attack method: Contract Vulnerability
Description of the event: The SuperVerse X account was compromised and used to post a fraudulent airdrop claim containing a phishing link.
Amount of loss: - Attack method: Account Compromise
Description of the event: The official X account of the blockchain AI project Aizel Network was hacked at noon on January 11 and is currently in the process of being recovered. The official reminder to users is to be cautious of the content posted by this account, do not trust any token information, and avoid clicking on any suspicious links or participating in any suspicious activities.
Amount of loss: - Attack method: Account Compromise