1486 hack event(s)
Description of the event: According to official news, the zkSync team announced the cause of the downtime on Twitter. Block generation stopped due to a block queue database failure. Despite this, the server API was not affected. Transactions continue to be added to the mempool, and queries are served normally. Although all components had comprehensive monitoring, logging, and alerting, no alerts were triggered because the API was functioning properly.
Amount of loss: - Attack method: Downtime
Description of the event: The address of Patricio Worthalter, founder of POAP, was attacked by phishing. The attacker transferred 85,898 RPL (approximately $3.83 million) from Worthalter’s address to DEX, and sold all RPL at a price of 1,802 ETH (approximately $3.25 million). price drop.
Amount of loss: $ 3,830,000 Attack method: Phishing Attack
Description of the event: Safemoon, a DeFi protocol based on the BNB chain, was attacked, and its liquidity pool lost nearly $8.9 million. Safemoon CEO John Karony said on Twitter: "This security incident affected the SFM:BNB LP pool and other LP pools on DEX were not affected. We have located the suspected vulnerability and fixed it. " According to analysis, the recent update may have introduced a "public destruction vulnerability", which facilitated hacker attacks. The hacker was able to use code functionality to artificially inflate the price of SFM tokens, then sell enough tokens back to the liquidity pool in the same transaction, effectively draining WBNB from the contract. On April 20, the SafeMoon attacker returned 80% of the stolen funds, that is, transferred 21,804 BNB (approximately $7.2 million) to the SafeMoon vault wallet, leaving the remaining 20% as a bounty.
Amount of loss: $ 8,900,000 Attack method: Contract Vulnerability
Description of the event: Kokomo Finance conducted an exit scam and stole ~$4 million in user funds.
Amount of loss: $ 4,000,000 Attack method: Rug Pull
Description of the event: EC token deployer addresses withdrew approximately $43,800 from the liquidity pool.
Amount of loss: $ 43,800 Attack method: Rug Pull
Description of the event: Defunct Swerve Finance still subject of $1.3 million live governance hack
Amount of loss: $ 1,300,000 Attack method: Governance Attack
Description of the event: The FASTSWAP (FAST) project on BNB Chain was attacked by a flash loan and lost 26.77 BNB
Amount of loss: 26.77 BNB Attack method: Flash Loan Attack
Description of the event: Circle tweeted that the Circle Chief Strategy Officer's Twitter account (@ddisparte) has been taken over by a scammer. Any link to an offer is a scam. We are investigating this situation and taking appropriate action. Earlier, Circle’s Chief Strategy Officer tweeted that a loyalty rewards distribution program would be launched for USDC holders. However, the tweet has now been deleted.
Amount of loss: - Attack method: Twitter was hacked
Description of the event: According to news, the NFT series "Archive of PEACEMINUSONE" released by Korean singer Quan Zhilong has the previously disclosed CVE-2022-38217 general vulnerability, and the possibility of being used by hackers cannot be ruled out.
Amount of loss: - Attack method: CVE-2022-38217 general vulnerability
Description of the event: Indexed Finance's ORCL5 Token contract was attacked by a flash loan and lost $9,925. Root cause preliminary analysis is that "calcSingleOutGivenPoolIn()" calculates wrong value of tokenAmountOut.
Amount of loss: $ 9,925 Attack method: Flash Loan Attack
Description of the event: According to news, the Harvest_Keeper project maliciously transferred user funds, involving an amount of about 933,000 US dollars. Through the data on the chain, it was found that the attacker used the owner authority to transfer the USDT pledged by the user in the HarvestKeeper contract by calling the getAmount function, and then the attacker used the user's token authorization to the EOA account to transfer the user's funds through the EOA multiple times.
Amount of loss: $ 933,000 Attack method: Insider Manipulation
Description of the event: ParaSpace is suspected to have been attacked and it appears that 2,900 WETH were transferred out, with many claiming inconsistent data on the number of loans, health factors and cAPE amounts. However, a security firm tweeted that it had stopped the attack on ParaSpace, saving 2900 ETH assets. ParaSpace tweeted that all user funds and assets on ParaSpace are currently safe, no NFTs were lost, and the financial loss of the protocol was minimal, between 50-150 ETH, due to hackers The slippage caused by the token exchange during the attack.
Amount of loss: 150 ETH Attack method: Contract Vulnerability
Description of the event: According to the official Twitter, the General Bytes encrypted currency ATM service was attacked on March 17 and 18. The attacker used the upload interface in the system to upload and run a malicious Java program, and then the attacker obtained the permissions of the database in the server and Hot wallet withdrawal API Key. According to SlowMist MistTrack, the loss was about $1.8 million.
Amount of loss: $ 1,800,000 Attack method: Malicious software
Description of the event: According to the BBC, a scam called iEarn Bot has affected thousands of victims in several countries. In the scam, victims were persuaded to sign up for an "AI intelligent quantitative trading robot" called iEarn Bot, which appeared to successfully trade cryptocurrencies on their behalf. However, after some time, the victims realize that they are unable to withdraw their due earnings nor withdraw the funds they invested. iEarn Bot claims to be an American company, despite its website being riddled with misinformation. The man identified as the company's founder told the BBC he had nothing to do with the scheme, with companies and institutions listed as "strategic partners" saying they had no such partnerships. The BBC uncovered a cryptocurrency wallet that received payments from around 13,000 other people totaling close to $1.3 million.
Amount of loss: $ 1,300,000 Attack method: Scam
Description of the event: Poolz Finance's LockedDeal contract was hacked and lost about $500,000. The attacker called the vulnerable function CreateMassPools in the LockedDeal contract, and triggered an integer overflow vulnerability in the parameter _StartAmount. In addition to obtaining a large number of poolz tokens, the attacker also obtained other tokens.
Amount of loss: $ 500,000 Attack method: Contract Vulnerability
Description of the event: Yearn Finance tweeted: “While there is no direct exposure to Euler, some vaults are indirectly exposed to the hack. Vaults using the Idle and Angle strategies have a combined exposure of $1.38 million on yvUSDT and yvUSDC. The developers are currently actively working on the affected protocol, any remaining bad debt will be borne by the Yearn Treasury, and all vaults will remain open and fully operational for users as usual." On May 3, Yearn Finance tweeted that all funds impacted by the march Euler hack have now been recovered. The affected vaults were yvUSDC & yvUSDT, with these strategies having indirect exposure: Idle Finance v4 [Best yield] and Angle Standard LP.
Amount of loss: $ 1,380,000 Attack method: Affected by Euler Finance Attack
Description of the event: The DeFi protocol Idle Finance tweeted that after investigation, the estimated exposure of the Euler Finance vulnerability to the protocol Yield Tranches was $5.6628 million, and the estimated exposure of Best Yield vaults was about $5.3271 million, for a total of about $10.99 million.
Amount of loss: $ 10,990,000 Attack method: Affected by Euler Finance Attack
Description of the event: Yield Protocol, a fixed-rate lending agreement, posted an update on Twitter saying: "All collateral deposited by borrowers on Yield Protocol appears to be safe. Collateral is not deposited into Euler, but is kept in Yield Protocol. Euler hack Affected our mainnet liquidity pool. The Yield liquidity pool holds two assets: Euler eTokens and Yield fyTokens. We do not yet have exact figures for the value of eTokens held prior to the attack, but believe the total value is less than $1.5 million. " On April 25, Yield Protocol tweeted that "we have successfully claimed the recovered funds from Euler. The funds are being held in the timelock. We are now taking the steps to restart Yield Protocol and to enable withdraws. We expect this complicated process to take several weeks to complete."
Amount of loss: $ 1,500,000 Attack method: Affected by Euler Finance Attack
Description of the event: Harvest said that USDC, USDT, and WETH Vault were affected because of the use of Idle. Currently Harvest has not explained how to deal with it, and reminds users not to interact with these vaults until the problem is resolved.
Amount of loss: - Attack method: Affected by Euler Finance Attack
Description of the event: Sherlock is a DeFi security provider that provides smart contract auditing and insurance services. When Euler first launched, it entered into a $10 million partnership with Sherlock, who was responsible for auditing Euler's smart contracts and providing insurance for Euler. After Euler was attacked, Sherlock has passed a vote to pay Euler $4.5 million.
Amount of loss: $ 4,500,000 Attack method: Affected by Euler Finance Attack