1208 hack event(s)
Description of the event: Recently, a user suffered a phishing attack while visiting the Curve exchange website, and lost 20 Bitcoins. It is reported that the fraud group used the Google advertising system to purchase Google search ads, pretending to be the Curve exchange for fraudulent advertising. Due to google’s new advertising program, ads are usually displayed in the first place in search, which has caused many users to be deceived.
Amount of loss: 20 BTC Attack method: Phishing attack
Description of the event: The WLEO contract of the Ethereum project was hacked, resulting in the theft of $42,000 worth of funds. The hackers stole Ethereum from the pool of the decentralized exchange Uniswap by casting WLEO to themselves and replacing it with Ethereum.
Amount of loss: $ 42,000 Attack method: Casting WLEO
Description of the event: Encrypted wallet ZenGo researcher Alex Manuskin revealed that UniCats, a so-called "yield farming platform" based on the Ethereum network, is suspected of stealing at least $200,000 in encryption from several users, including the governance token UNI of the decentralized financial platform Uniswap assets. A backdoor in the smart contract allows UniCats to retain control of its user tokens even if these tokens have been withdrawn from the user pool. Previous attacks against Bancor also used similar vulnerabilities.
Amount of loss: $ 200,000 Attack method: Scam
Description of the event: The decentralized wallet imToken tweeted that users reported that 310,000 DAI had been reduced, which conflicted with DeFi Saver Exchange. imToken recommends that the automated management system of collateralized bond warehouses (CDP) imi stated that its security team is investigating the incident and trying to troubleshoot all user wallets that hit and issue warnings. DeFiSaver responded that this part of the funds is safe and is contacting users. DeFiSaver admitted that this was related to the foreign exchange benefits reported in June.
Amount of loss: 310,000 DAI Attack method: Exchange leak
Description of the event: A user named Kazuo Kusunose posted on Google forums that he had lost $15,000 due to an encryption scam discovered in Google ads. Allegedly, the suspicious website named Coindaq.io tried to use the digital renminbi that China is studying, claiming that users can deposit funds on the platform to participate in the sale of digital renminbi. The victim expressed the hope that Google can investigate the matter and establish a webpage targeted at the alleged fraud.
Amount of loss: $ 15,000 Attack method: Scam
Description of the event: According to bluekirbyfi twitter messages, yearn. Finance founder Andre Cronje, launched the game project Eminence (EMN) encounter a flash loan attack, hackers will return $8 million of funds to the yearn deployer contracts.
Amount of loss: - Attack method: Flash loan attack
Description of the event: KuCoin exchange issued an announcement stating that KuCoin detected large withdrawals of Bitcoin and ERC-20 tokens in multiple hot wallets in the early morning of the 26th, and the deposit and withdrawal services have been suspended. KuCoin stated that the total amount involved in the KuCoin platform accounts for a relatively low proportion of the total funds held on the KuCoin platform, and the assets in the KuCoin cold wallet are not affected. At the same time, KuCoin has redeployed the hot wallet for the first time. KuCoin officially stated that if any user suffers losses in this incident, KuCoin and its insurance fund will be fully borne by KuCoin. KuCoin has now started a comprehensive internal security review. During this period, the deposit and withdrawal services will be suspended. The specific opening time will be Further notice. Kucoin said it will announce more details as soon as possible. As previously reported, starting at 2:49 am Beijing time on September 26, Etherscan marked the address of the cryptocurrency exchange KuCoin to transfer a large number of tokens, including MKR, USDT, OCEN, etc., to a new address beginning with 0xeb31973e0f. Including 11,486 Ethereum, 19,788,586 USDT, 525,405 Gladius (GLA), 77,874 Hawala (HAT), 21,660,274 Ocean Token (OCEAN), 8,893,428 Chroma (CHR), 30,452,178 Ampleforth Network (AMPL), 198,678 Ankr (ANKR) etc.
Amount of loss: $ 150,000,000 Attack method: Wallet Stolen
Description of the event: On September 26, the SushiSwap imitation project named GemSwap was exposed and LP was taken away. The query found that the project posted a tweet at around 15:00 today and revealed that it was attacked by the developer of "whatitdobb". It is understood that the project completed the liquidity migration earlier today, but the developer who initiated the attack had The relevant permission was obtained and the tokens in the liquidity pool were able to be taken away. The specific losses caused by this attack are currently unclear.
Amount of loss: - Attack method: Rug Pull
Description of the event: The financial blogger "Super Bitcoin" stated on Weibo that Mr. Huai (weibo username "crash X") participated in the liquidity mining project Soda, and suddenly discovered a loophole in which 20,000 ETH can be directly liquidated Drop. But he chose to tell the development team, but the development team did not pay attention. He had no choice but to liquidate an ETH, and sent a Weibo warning to inform the developers of the existence of this bug. One hour later, the parties to the Soda agreement responded by prompting the borrower to repay and the mortgager to withdraw, and at the same time indicated that they would fix the loopholes and suspend the front-end borrowing function. But as of the early morning of September 21st, more than 400 ETH in Soda's mortgage loan pool were still maliciously liquidated. In the morning of the same day, the agreement officially stated on Twitter that the vulnerability has been fixed, and the newly deployed smart contract is expected to take effect at 21:00 on September 22.
Amount of loss: 446 ETH Attack method: Unknown
Description of the event: According to the intelligence of the SlowMist Zone, the LV Finance project of the Ethereum mining project is suspected of running away within an hour and 4 million have been transferred away. Unlike previous projects, the project used fake audit websites and provided false audit information to trick investors into doing business. Invest and run away when the amount in the fund pool is large enough after a period of time. Currently, the project website lv.finance is no longer accessible.
Amount of loss: $ 4,000,000 Attack method: Rug Pull
Description of the event: The Bantiample team, a project on the Binance Smart Chain, has cashed out 3000 BNB to run away. At present, the main developer of the team has deleted the Telegram account, and the project token BMAP has fallen by more than 90% in a single day. According to the project's description, BMAP is a kind of AMPL-like imitation. Every time a user participates in a transaction, the total amount is reduced by 1%. However, it is actually just a common token, and it does not have the functions described by the project party. It just uses the AMPL project hotspot to commit fraud.
Amount of loss: 3,000 BNB Attack method: Rug Pull
Description of the event: According to Spanish prosecutors, they are investigating Arbistar's alleged manipulation of a Bitcoin trading scam. The disappearance of investor funds has affected 32,000 households who cannot use their savings invested in Bitcoin trading platform Arbistar. Earlier, it was reported that crypto company Arbistar announced that it would close a trading tool called Community Bot. The operator said that all funds on the platform are currently frozen and prevent users from withdrawing funds. Allegedly, the amount stolen may exceed 100 million euros (120 million U.S. dollars), which may be the “largest scam in Spain” related to cryptocurrencies.
Amount of loss: $ 120,000,000 Attack method: Scam
Description of the event: bZx officially tweeted that at 3:28 am Eastern time (15:30, September 13th, Beijing time), we began to study the decline in TVL of the agreement. By 6:18 AM EST (18:30, September 13th, Beijing time), we confirmed that several iTokens had repeated incidents. Lending is temporarily suspended. The duplicate method has been patched from the iToken contract code, and the agreement has resumed normal operation. According to the information of the founder of Compound, there are a total of US$2.6 million in LINK, US$1.6 million in ETH, and US$3.8 million in stablecoins, with a total of US$8 million in assets affected. 1inch co-founder Anton Bukov tweeted that the attacker had stolen about 4,700 ETH in this incident and attached the address of the stolen funds. In response, bZx said that the funds are currently not at risk. The funds listed have been deducted from our insurance fund. On September 16, bZx released an iToken repeat incident report, and the attacker has returned all funds.
Amount of loss: - Attack method: Replay Attack
Description of the event: Amplify, a user of DeFi, discovered a bug in SYFI, a smart contract for DeFi, and made 747 ETH on a single transaction, but from other users. The project crashed.
Amount of loss: 747 ETH Attack method: Unknown
Description of the event: The wRAM of the EOS ecological DeFi liquidity mining project Coral was attacked by hackers and lost more than 120,000 EOS.
Amount of loss: 120,000 EOS Attack method: Reentrancy Attack
Description of the event: According to SlowMist Zone intelligence, EOS project EMD is suspected to be on the run. To date, EmeraldMine1 has transferred 780,000 USDT, 490,000 EOS and 56,000 DFS to Account SJI111111111, and 121,000 EOS has been transferred to Changenow coin Laundering. Current lost MARKET value: US $2,468,838 =17,281,866 RMB.
Amount of loss: $ 2,468,838 Attack method: Rug Pull
Description of the event: A user with a Twitter account named Amplify revealed that he made a profit of US$250,000 from a system vulnerability in the new DeFi project Soft Finance.
Amount of loss: $ 250,000 Attack method: Unknown
Description of the event: European encrypted exchange ETERBASE has been hacked, resulting in the theft of some hot wallets and the loss of more than $5.4 million in assets.
Amount of loss: $ 5,400,000 Attack method: Wallet Stolen
Description of the event: Banco Estado Bank, one of the three largest banks in Chile, had to shut down its nationwide business on the 7th due to a cyber attack by REvil ransomware.
Amount of loss: - Attack method: Ransomware
Description of the event: It is said that hackers used the encrypted virus NetWalker to enter the database and steal information from federal agencies. The dark web payment page linked in the ransomware description shows that the hacker initially paid $2 million worth of bitcoin to unlock the file. Within a week, this number had increased to 355 BTC, which is approximately $3.62 million.The Argentine government refused to pay the ransom.
Amount of loss: - Attack method: Ransomware