1513 hack event(s)
Description of the event: Mycelium, a perpetual contracts protocol, tweeted that due to an oracle price-feed problem on the ETH-USD trading pair, MLP suffered a loss of 4-6% to arbitrage bots (the current pool size is about $6.6 million, and the estimated loss is about $300,000), but the team has fixed the loophole and resumed trading. The cause was that Binance began blocking US IPs in late December, taking one of Mycelium's three oracle data vendors offline, and the other vendor also seemed to have failed overnight, leaving prices relying only on Coinbase and Bitfinex. At around 4 pm yesterday, Bitfinex's ETH-USD feed price fluctuated significantly and the spread became extremely large; arbitrage bots may have detected the spread and begun arbitraging at larger-than-usual amounts, resulting in the MLP loss.
Amount of loss: $ 300,000 Attack method: Oracle Attack
Description of the event: The official Twitter account of the NFT project CyberKongz was compromised by hackers, who replaced the homepage links and other details with phishing links and posted false mint information. The account has now been renamed and placed under a protective freeze.
Amount of loss: $ 50,000 Attack method: Twitter was hacked
Description of the event: Aurelien Michel, developer of MAYC's Mutant Ape Planet NFT series, has pleaded guilty after being arrested on charges of defrauding buyers of $2.9 million. Aurelien Michel and the other defendants marketed the Mutant Ape Planet NFT to potential buyers with promises including "rewards, sweepstakes, exclusive access to other crypto assets, and community-controlled wallets to fund the marketing of the NFT collection." The project developer also implicitly promised that NFT holders could obtain "metaverse land". However, none of Michel's promises were kept. When all the NFTs were sold, Michel and the other defendants allegedly transferred the proceeds of $2.9 million to other wallets, including wallets under Michel's control.
Amount of loss: $ 2,900,000 Attack method: Scam
Description of the event: Nikhil Gopalani, chief operating officer of Nike's crypto fashion brand RTFKT, tweeted that he fell victim to a phishing attack and lost more than $173,000, including 19 CloneX NFTs, 18 RTFKT Space Pods, 11 CryptoKicks, etc. Gopalani believes the phishing attack may have been the result of accidentally providing confidential information to hackers posing as Apple representatives.
Amount of loss: $ 173,000 Attack method: Phishing attack
Description of the event: Luke Dashjr, one of the original Bitcoin Core developers, claimed on Twitter that attackers had managed to compromise multiple wallets, with more than 216 BTC (approximately $3.6 million) stolen. Dashjr initially blamed the attack on a leaked PGP key, but later said the PGP leak was just part of a broader hack in which the attacker also bypassed two-factor authentication and gained access to his wallet.
Amount of loss: 216 BTC Attack method: Private Key Leakage
Description of the event: About a week ago, Arbitrum-based project DictumExchange announced an airdrop. It turned out to be a scam.
Amount of loss: - Attack method: Rug Pull
Description of the event: The Twitter account of celebrity investor Kevin O'Leary was hacked on Thursday and used to promote a bitcoin and ethereum giveaway scam, Bitcoin.com reported. The hacker claimed that Mr. Wonderful (Kevin O'Leary) was giving away 5,000 BTC and 15,000 ETH, and the tweet also provided a link so anyone could participate. The scam giveaway posts were removed by Twitter a few hours after they were posted.
Amount of loss: - Attack method: Twitter was hacked
Description of the event: Several users claimed in the official Telegram group of BitKeep, a Web3 multi-chain wallet, that their funds had been stolen. BitKeep issued an announcement saying that, after a preliminary investigation by the team, it is suspected that some APK package downloads were hijacked by hackers and that the packages planted by the hackers were installed. At present, funds on multiple chains have been affected, and BNB Chain alone has lost more than 3 million US dollars.
Amount of loss: $ 9,000,000 Attack method: Unknown
Description of the event: The multi-chain exchange protocol Rubic was hacked and lost more than $1.4 million. The attacker has transferred 1,100 ETH to the Tornado Cash mixing protocol. According to the analysis of the SlowMist security team, the root cause of the attack is that the Rubic protocol mistakenly added the USDC token to the Router whitelist, which allowed the theft of USDC from users who had granted an approval to the RubicProxy contract.
Amount of loss: $ 1,400,000 Attack method: Data incoming error
Description of the event: On December 23, Defrost Finance V2, a native stablecoin project in the Avalanche ecosystem, suffered a flash loan attack, and the hackers made a profit of $173,000. On December 25, Defrost Finance V1 was hit as well: hackers managed to steal the owner's key, fake collateral tokens were added to the protocol, and a malicious price oracle was used to liquidate current users, with losses estimated at more than $12 million. On December 27, the hackers who carried out the attack on Defrost Finance V1 returned the stolen funds.
Amount of loss: $ 12,173,000 Attack method: Private Key Leakage
Description of the event: Password management platform LastPass said a hacker accessed a cloud-based storage environment using information previously obtained in an incident it disclosed in August 2022. Some source code and technical information were stolen and used to attack another employee, in order to obtain credentials and keys for accessing and decrypting certain storage volumes in the cloud-based storage service.
Amount of loss: - Attack method: Information Leakage
Description of the event: Quantitative trading company mgnr has deleted all tweets and quit some groups, leaving only 0.097 Ethereum in its wallet address. The address with the domain name mgnr.eth transferred 43.6 million USDC to Coinbase on November 14, and at the same time transferred 8 million USDC and 0.1 Ethereum to the Genesis Trading address.
Amount of loss: $ 52,000,000 Attack method: Rug Pull
Description of the event: In response to an attack, Raydium tweeted that a patch has been put in place so far to prevent further attacks. This attack has nothing to do with the escalated privileges of the program itself. The vulnerability seems to stem from a Trojan horse attack and the leakage of the private key of the liquidity pool owner account. The attacker gained access to the pool owner account and was then able to call the withdraw pnl function, which is used to collect transaction/protocol fees earned on swaps in the pool. The affected pools include SOL-USDC, SOL-USDT, RAY-USDC, RAY-USDT, RAY-SOL, stSOL-USDC, ZBC-USDC, UXP-USDC, and whETH-USDC, with a total loss of approximately $4.395 million.
Amount of loss: $ 4,395,000 Attack method: Private Key Leakage
Description of the event: The NimbusPlatform project on the BSC chain was attacked, and the attacker made a profit of about 278 BNB. According to the analysis of SlowMist, the main reason for this attack is that the reward calculation depends only on the number of tokens in the pool, which allowed it to be manipulated with flash loans to obtain more rewards than expected.
Amount of loss: 278 BNB Attack method: Contract Vulnerability
Description of the event: Polynomial Protocol has a vulnerability in its deposit contract on Optimism. The problem stems from the swapAndDeposit() function, which places no restrictions on its input. Anyone can pass in an address and maliciously constructed swapData to steal tokens that users have approved to the contract.
Amount of loss: - Attack method: Contract Vulnerability
Description of the event: 3Commas founder and CEO Yuriy Sorokin issued an investigative update on attacks on API keys and trading platforms after many users of Binance, OKX, FTX and some other trading platforms experienced unauthorized transactions via API keys. On December 29, CoinDesk reported that the US Federal Bureau of Investigation (FBI) is investigating the 3Commas data breach. Edmundo (Mundy) Pena, leader of the roughly 60-member 3Commas victims group that has previously been in contact with the U.S. Secret Service and other law enforcement agencies, told CoinDesk he calculated the group's losses at more than $20 million.
Amount of loss: $20,000,000 Attack method: Information Leakage
Description of the event: Arbitrum-based cryptocurrency lending platform Lodestar Finance was hacked and nearly $7 million in assets was siphoned off. The attackers were able to manipulate the price of the plvGLP token, allowing them to use the inflated token to "borrow" the entirety of the liquidity available on the Lodestar platform.
Amount of loss: $ 7,000,000 Attack method: Price Manipulation
Description of the event: According to reports, PayPal notified the Attorney General's Office of the US state of Maine that it discovered on December 20, 2022 that it had been hacked, and after investigation believed that the incident, a credential stuffing attack, occurred between December 6 and 8. The total number of affected users is 34,942. PayPal pointed out that the attack may lead to the disclosure of customer information, including: name, address, security code, personal tax information, phone number and birthday. However, PayPal emphasized that no user personal information has been stolen. PayPal also mentioned that it has provided 24 months of credit theft monitoring services for affected users. PayPal added that this incident was not caused by a PayPal system vulnerability, but by users reusing the same account and password combinations on different services or websites, which allows hackers to steal, purchase, or otherwise obtain account names and passwords from other places and then try a large number of account and password combinations to break into PayPal accounts.
Amount of loss: - Attack method: Credential stuffing attack
Description of the event: BIT Mining reports that its subsidiary, cryptocurrency mining pool BTC.com, suffered a "cyber attack" on Dec. 3, in which the attackers stole approximately $700,000 in customer assets and $2.3 million in company assets. However, they said some of the funds had been recovered.
Amount of loss: $ 3,000,000 Attack method: Cyber attack
Description of the event: Ankr's deployer key is suspected to have been leaked, and hackers minted a total of 60 trillion aBNBc. According to MistTrack analysis, some funds have been moved cross-chain from BSC to ETH and Polygon. The hacker used Celer Network, PancakeSwap, Multichain, deBridge, 1inch, SushiSwap and ParaSwap in the process of transferring funds, and 900 BNB has been transferred to Tornado Cash so far. The Ankr team stated, "Our aBNB tokens (the proof tokens for BNB pledges) have been stolen and we are currently working with exchanges to stop trading immediately. Currently all underlying assets on Ankr pledges are safe and all infrastructure services will not be affected."
Amount of loss: $ 5,000,000 Attack method: Private Key Leakage