1208 hack event(s)
Description of the event: SVT tokens were attacked by flash loans, and the economic model loopholes of SVT transaction contracts were exploited. The attackers made approximately $400,000 in profit from repeated buying and selling operations. According to MistTrack analysis, the attacker’s initial funds came from SwftSwap, and 1070 BNB has been transferred to Tornado Cash.
Amount of loss: $ 400,000 Attack method: Flash Loan Attack
Description of the event: PEPE said on Twitter that 16 trillion pieces of PEPE were sold yesterday because three former members deleted the multi-signature permissions after stealing tokens. However, Jeremy Cahen, founder of the NFT market Not Larva Labs, issued a post saying that the "truth" announced by PEPE was a complete lie, and said that he and the community were used by the PEPE team. On August 26, PEPE tweeted that PEPE's Telegram group is currently locked, the group owner's old Telegram account was hacked, and the group has been taken over by hackers.
Amount of loss: - Attack method: Unknown
Description of the event: NFT collector SOL Big Brain lost about $1.5 million. Attackers compromised the Telegram account of a portfolio company founder and used it to send messages to SOL Big Brain, which double-checked that the sender was indeed the company founder and followed instructions. However, the attackers have set up a contract that uses wallets that allow phishing to drain SOL Big Brain. He lost $740,000 in stablecoins, $550,000 in ETH, and $200,000 in GEAR tokens.
Amount of loss: $ 1,500,000 Attack method: Phishing Attack
Description of the event: Base on-chain exit scam Magnate Finance has seen its TVL drop by ~$6.4M as the deployer modifies the price oracle provider and removes all assets. On-chain sleuth ZachXBT says the Magnate Finance deployer address is linked to exit scams Solfire, Kokomo Finance. Magnate Finance's website and social platforms are currently down and its Telegram group has been deleted. According to MistTrack monitoring, funds have cross-chained from Base to ETH, Arbitrum, and Optimism.
Amount of loss: $ 6,400,000 Attack method: Rug Pull
Description of the event: Bankruptcy claims agency Kroll experienced a cybersecurity incident that resulted in the disclosure of non-sensitive customer data of certain claimants in pending bankruptcy cases, FTX said on X Platforms. FTX's own system is not affected by this incident. BlockFi claimant data was also compromised in the incident. On August 26, FTX issued a document stating that in response to the Kroll cybersecurity incident, FTX has taken precautionary measures to temporarily freeze the affected user accounts in the customer claims portal.
Amount of loss: - Attack method: Information Leakage
Description of the event: Balancer says it has received reports of a critical vulnerability affecting multiple V2 pools. Emergency mitigation procedures have been implemented to secure the majority of TVL, but some funds remain at risk. Users are advised to immediately withdraw affected LPs. According to news on August 28, Balancer’s losses have exceeded $2.1 million, and multiple fund pools on Ethereum, Fantom, and Optimism have been affected.
Amount of loss: $ 2,100,000 Attack method: Flash Loan Attack
Description of the event: A fake "LayerZero" token on the BSC chain has had a lot of liquidity removed. The deployer removed 4,827.99 WBNB worth about $1 million. The contract address of the fake token is 0x2266362f414Bf2476C5465dc2eA953Fe2A99AE1c.
Amount of loss: $ 1,000,000 Attack method: Rug Pull
Description of the event: Derivatives marketplace Thales issued an announcement that a core contributor’s PC/Metamask had been hacked and that some hot wallets acting as casual deployers ($25k) or admin bots ($10k) had been compromised. Do not interact with any Thalesmarket contracts on the BNB Chain and revoke any contracts that are pending approval. All funds are safe on Optimism, Arbitrum, Polygon and Base. Thales said that due to the attack, support for the BSC will be officially dropped.
Amount of loss: $ 35,000 Attack method: Information Leakage
Description of the event: Harbor Protocol, the Cosmos ecological cross-chain stablecoin protocol, tweeted that Harbor Protocol was exploited, causing stablecoin minting and part of the funds in stOSMO, LUNA and WMATIC vaults to be depleted. From the information gathered so far, the attackers used the following address to perform all operations: comdex1sma0ntw7fq3fpux8suxkm9h8y642fuqt0ujwt5. Harbor Protocol lost 42,261 LUNA, 1,533 CMDX, 1,571 stOSMO, and 18,600,000,000,000,000 WMATIC-WEI in the attack.
Amount of loss: $ 20,000 Attack method: Contract Vulnerability
Description of the event: The DeFi lending protocol Exactly Protocol was attacked and lost more than 7,160 ETH (approximately $12.04 million). The two contract attackers attack by calling the function kick() multiple times and use the developer contract on Ethereum to transfer deposits to Optimism and eventually transfer the stolen funds back to Ethereum. The root cause of the Exactly Protocol attack is #insufficient_check, the attacker bypasses the permission check in the leverage function of the DebtManager contract by directly passing an unverified fake market address and changing _msgSender to the victim address. Then, in an untrusted external call, the attacker re-enters the crossDeleverage function in the DebtManager contract and steals the collateral from the _msgSender class. Exactly Protocol tweeted that the suspension of the agreement has been lifted, users can perform all operations, and no liquidation has occurred. The hack only affected users using the peripheral contract (DebtManager), the protocol is still functioning normally.
Amount of loss: $ 7,300,000 Attack method: Unchecked Input Data
Description of the event: On-chain analyst ZachXBT tweeted that there was an issue with Made by Apes’ SaaSy Labs APl, an on-chain licensing application platform launched by BAYC, allowing access to personal details for MBA applications. This issue was reported to Yuga Labs before disclosure and has since been fixed. Yuga Labs responded that it is currently uncertain whether there is a case of data misuse, is contacting anyone who may have exposed information, and will provide fraud and identity protection to any users who may need it.
Amount of loss: - Attack method: Information Leakage
Description of the event: The lending protocol SwirlLend team stole about $2.9 million in cryptocurrency from Base and $1.7 million worth of cryptocurrency from Linea, all of which were cross-chained to Ethereum. As of now, the deployer has transferred 254.2 ETH to Tornado Cash. SwirlLend's official Twitter and Telegram accounts have been logged out, and its official website is also inaccessible.
Amount of loss: $ 460,000 Attack method: Rug Pull
Description of the event: The Base ecological project RocketSwap was attacked. The attacker cross-chained the stolen assets to Ethereum, resulting in a loss of 471 ETH (approximately $868,000). RocketSwap said: "The team needs to use offline signatures and put the private key on the server when deploying Launchpad. It is currently detected that the server has been brute-forced, and because the farm contract uses a proxy contract, there are multiple high-risk permissions that lead to the transfer of farm assets."
Amount of loss: 471 ETH Attack method: Private Key Leakage
Description of the event: The official Sei Network Discord server has been compromised, please do not click on any links until the team confirms that they have regained control of the server.
Amount of loss: - Attack method: Discord was hacked
Description of the event: The official Twitter account of Ethereum expansion solution Metis was stolen. According to officials, team members fell victim to a Sim Swap attack, resulting in malicious actors being able to take over the account for approximately 30 hours.
Amount of loss: - Attack method: Twitter was hacked
Description of the event: The Zunami Protocol on Ethereum suffered a price manipulation attack and lost 1,179 ETH (approximately $2.2 million). The reason for the incident is that the calculation of LP price in the vulnerable contract depends on the CRV balance of the contract itself and the conversion ratio of CRV in the wETH/CRV pool. The attacker manipulated the LP price by transferring CRV to the contract and manipulating the conversion ratio of the wETH/CRV pool. According to MistTrack analysis, ETH has been transferred to Tornado Cash at present.
Amount of loss: $ 2,200,000 Attack method: Price Manipulation
Description of the event: Hexagate tweeted that about $200,000 has been exploited from a single MEV Bot in the past few days, including BNBChain, Ethereum, Polygon, and Arbitrum.
Amount of loss: $ 200,000 Attack method: Unknown
Description of the event: An admin on the Fetch discord server showing the username "Atari_buzz1kLL" has had their @discord account compromised. Please do not interact with any posts on our Discord until the issue has been resolved. There is no Fetch airdrop happening right now.
Amount of loss: - Attack method: Discord was hacked
Description of the event: Crypto infrastructure company Fireblocks has disclosed a series of vulnerabilities (collectively referred to as "BitForge") affecting various popular crypto wallets that use multi-party computation (MPC) technology, CoinDesk reported. The company classified BitForge as a "zero-day" vulnerability, and Coinbase, ZenGo, and Binance — the three companies most affected by BitForge — have already worked with Fireblocks to fix the underlying vulnerability. "If not remediated, the vulnerabilities would allow attackers and malicious insiders to siphon funds from the wallets of millions of retail and institutional customers in seconds, without the knowledge of users or providers", Fireblocks said.
Amount of loss: - Attack method: BitForge Vulnerability
Description of the event: The Twitter account of Blockchain Capital, an encryption venture capital organization, was stolen this morning, and multiple tweets were posted to promote token claim scams. At present, the relevant fraudulent tweets have been deleted, and the Twitter account has now been restored.
Amount of loss: - Attack method: Twitter was hacked