1843 hack event(s)
Description of the event: tong, the founder of Holoworld AI, posted on X stating that the Holoworld AI X account has been hacked. Please do not click on any links.
Amount of loss: - Attack method: Account Compromise
Description of the event: Multiple attack transactions targeting the Alien Base BunniHub contract resulted in a loss of approximately $38,000.
Amount of loss: $ 38,000 Attack method: Contract Vulnerability
Description of the event: FortuneWheel was suspected to have been attacked on BSC, resulting in an approximate loss of $21.6K.
Amount of loss: $ 21,600 Attack method: Price Manipulation
Description of the event: Virtuals Protocol announced on X that their official Discord server has been compromised. They advised users not to click on any posts or private messages from administrators until further notice.
Amount of loss: - Attack method: Account Compromise
Description of the event: The Arbitrum-based liquidity management project Orange Finance suffered a $830,000 asset theft due to a misconfigured multi-sig. The attacker gained ownership of each vault, modified their implementations, and withdrew both the deposited assets and excessively approved funds. About 94% (roughly $780,000) of the total loss came from deposited assets, while the remaining 6% (around $47,000) resulted from excessive approvals.
Amount of loss: $ 830,000 Attack method: Private Key Leakage
Description of the event: According to Moby Post-Mortem Report, on January 8, an attacker took control of the Private Key used to authorize upgrades to Moby’s core contracts, compromising the protocol. This led to the exposure of 3.77 wBTC, 207.76 wETH, and 1,500,351.5 USDC in the sOLP and mOLP liquidity pools. Of the stolen funds, 1,470,091.74 USDC was recovered with the assistance of Seal911 team.
Amount of loss: $ 2,500,000 Attack method: Private Key Leakage
Description of the event: HORS was suspected to have been attacked on BSC, resulting in an approximate loss of $10.3K.
Amount of loss: $ 10,300 Attack method: Contract Vulnerability
Description of the event: IPC was suspected to have been attacked on BSC, resulting in an approximate loss of $590K.
Amount of loss: $ 590,000 Attack method: Contract Vulnerability
Description of the event: Mosca was reportedly attacked on BSC, resulting in an approximate loss of $19,500.
Amount of loss: $ 19,500 Attack method: Contract Vulnerability
Description of the event: The official X account of Solv Protocol has been compromised. Users are advised not to click on any suspicious links.
Amount of loss: - Attack method: Account Compromise
Description of the event: The official X account of the Babylon was compromised, and the hacker used it to post tweets containing phishing links.
Amount of loss: - Attack method: Account Compromise
Description of the event: Sorra was suspected to have been attacked on ETH, resulting in an approximate loss of $43K.
Amount of loss: $ 43,000 Attack method: Contract Vulnerability
Description of the event: lmk.fun (formerly Scopescan) issued an alert on the X platform, warning that the X account of the Web3 knowledge graph protocol 0xScope (@ScopeProtocol) has been hacked. Users are advised not to click on any links or trust any content posted by the account. An investigation and recovery are currently in progress.
Amount of loss: - Attack method: Account Compromise
Description of the event: The official X account of the RWA lending protocol Centrifuge was compromised, and fake information was posted.
Amount of loss: - Attack method: Account Compromise
Description of the event: LAURA was suspected to have been attacked on ETH, resulting in an approximate loss of $48.2K.
Amount of loss: $ 48,200 Attack method: Contract Vulnerability
Description of the event: The peer-to-peer cryptocurrency trading platform NoOnes suffered a major security breach earlier this month. CEO Ray Youssef explained that the breach occurred on January 1st due to an exploit involving their Solana bridge.
Amount of loss: $ 7,200,000 Attack method: Unknown
Description of the event: According to monitoring by Scam Sniffer, the X account of Superchain Eco (@SuperchainEco) was compromised and used to post phishing links.
Amount of loss: - Attack method: Account Compromise
Description of the event: The FEG project suffered an attack resulting in a loss of approximately $1 million. Analysis suggests that the root cause of the incident appears to be a composability issue arising from the integration with the underlying Wormhole cross-chain bridge, which facilitates cross-chain message and token transfers.
Amount of loss: $ 1,000,000 Attack method: Security Vulnerability
Description of the event: Standing on Bizness (BIZNESS) appears to have been subjected to a reentrancy attack on Base, resulting in an estimated loss of $15,700.
Amount of loss: $ 15,700 Attack method: Reentrancy Attack
Description of the event: Animoca Brands tweeted that @ysiu social media account has been compromised. There is no official token or NFT launch from Animoca Brands. The token launch on Solana as claimed in a post was made by the hacker. Please do not engage with the account and stay vigilant.
Amount of loss: - Attack method: Account Compromise