1513 hack event(s)
Description of the event: Solana validator operator Laine tweeted, "Solana Mainnet-Beta is experiencing a performance degradatation, block progression is currently halted, core engineers & validators are actively investigating." According to SolanaFM data, the last block appears to have been processed at UTC time 09:52. Solana Status tweeted, "Block production on Solana mainnet beta resumed at 14:57 UTC, following a successful upgrade to v1.17.20 and a restart of the cluster by validator operators. Engineers will continue to monitor performance as network operations are restored.The outage began at approximately 09:53 UTC, lasting 5 hours. Core contributors are working on a root cause report, which will be made available once complete."
Amount of loss: - Attack method: Downtime
Description of the event: The project Detto Finance in the Base ecosystem is suspected of a rug pull, with its social media accounts currently inaccessible, resulting in approximately $95,000 in losses.
Amount of loss: $ 94,147 Attack method: Rug Pull
Description of the event: The user-friendly crypto wallet designed for DeFi and NFTs, Phantom, reported a DDoS attack on its platform. Someone attempted to overload its systems, causing potential temporary interruptions in some services. User assets are secure.
Amount of loss: - Attack method: DDoS Attack
Description of the event: The DeFi protocol Abracadabra Money (MIM_Spell) has fallen victim to an attack, resulting in approximately $6.5 million in losses. Following the attack, Abracadabra.Money (MIM_Spell) provided an update on the situation via Twitter, stating that their technical team identified the vulnerability. Preliminary findings indicate the exploit targeted specific Cauldrons V3 & V4, allowing unauthorized MIM borrowing. They’ve mitigated the issue by setting borrowing limits to zero for these cauldrons.
Amount of loss: $ 6,500,000 Attack method: Security Vulnerability
Description of the event: Klaytn, the South Korean public blockchain, tweeted a reminder to users that its official Discord server has been attacked. Until further notice, please refrain from clicking on any links or interacting with any posts. The team is currently working to remove malicious bots and regain control.
Amount of loss: - Attack method: Discord was hacked
Description of the event: On January 31st, according to blockchain investigator ZachXBT, Ripple fell victim to a hacking attack resulting in the theft of 213 million XRP, valued at approximately $112.5 million. Ripple's co-founder, Chris Larsen, tweeted, "Yesterday, there was unauthorized access to a few of my personal XRP accounts (not @Ripple) – we were quickly able to catch the problem and notify exchanges to freeze the affected addresses. Law enforcement is already involved."
Amount of loss: $ 112,500,000 Attack method: Unknown
Description of the event: The lending market ZeroLend has experienced a DDoS attack.
Amount of loss: - Attack method: DDoS Attack
Description of the event: The official Twitter account of zk-data marketplace Masa is suspected to be compromised, and fake airdrop links have been posted.
Amount of loss: - Attack method: Twitter was hacked
Description of the event: DWF Labs tweeted that the Twitter account of their managing partner, Andrei Grachev, has been compromised.
Amount of loss: - Attack method: Twitter was hacked
Description of the event: Barley Finance tweeted that there has been a vulnerability attack on the wBARL pod. The team is working on resolving the issue. Details are as follows: 1. The exploiter took more than 10% of the total BARL supply in the pod, of which about 9% was the development team's collateral, used from Marketing and Dev allocations. Therefore, the damage to users is insignificant. 2. The solution is to change the wBARL pod contract to remove the functions that cause the exploit.
Amount of loss: - Attack method: Contract Vulnerability
Description of the event: GoledoFinance on Conflux was attacked, with a loss of 7.9m $CFX ($1.7M). The Goledo team has completed the initial investigation of the large borrowings in the lending pool. The team has determined that the issue is related to a flash loan.
Amount of loss: $ 1,700,000 Attack method: Flash Loan Attack
Description of the event: The Wall Street Memes token was subject to a coordinated attack. The hackers exploited a vulnerability with their staking provider and accessed the $WSM staking contract.
Amount of loss: - Attack method: Coordinated Attack
Description of the event: Portfolio management tool Citadel.one has been attacked, resulting in a loss of approximately $93K.
Amount of loss: $ 93,000 Attack method: Unknown
Description of the event: South Korean Web3 social music service Somesing announced that it fell victim to a security vulnerability attack last Saturday, resulting in a loss of 730 million native tokens (SSX), equivalent to approximately $11.58 million.
Amount of loss: $ 11,580,000 Attack method: Unknown
Description of the event: The Algorand Foundation tweeted that the Twitter account of Staci Warden (@StaciW_DC), the CEO of the Foundation, has been compromised.
Amount of loss: - Attack method: Twitter was hacked
Description of the event: AltLayer, a temporary extension layer built on Optimistic Rollups, tweeted that early this morning, its Twitter profile was not displaying past tweets on the timeline. After approximately 3 hours of handling, the account has now been restored to normal. The entire incident may have been an organized attack. AltLayer advises users to stay safe and cross-check any information and links across multiple channels.
Amount of loss: - Attack method: Twitter was hacked
Description of the event: On January 25th, the staking contract of the space-themed open-world Web3 game Nebula Revelation suffered a reentrancy attack. On January 28th, Nebula Revelation announced a compensation plan of 159,831 USDT. The team promises comprehensive compensation and has decided to reimburse users at the price before the theft to ensure fairness.
Amount of loss: $ 320,000 Attack method: Reentrancy Attack
Description of the event: Saga DAO, a community-run fan club for Solana's sellout mobile phone fell victim to a hacker attack, resulting in a theft of 750 SOL, equivalent to approximately $60,000. On February 2nd, SagaDAO tweeted that all funds stolen last week had been recovered. 65,761.03 USDC has been sent back to the Align multisig wallet protected by Phase Labs. The funds were returned from the original attacker's address.
Amount of loss: $ 65,761 Attack method: Remote Hack
Description of the event: JohnLennonC0IN (BEATLES) on BSC is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.
Amount of loss: $ 54,900 Attack method: Rug Pull
Description of the event: The blockchain gaming platform GMEE has announced via Twitter that the GMEE token contract on Polygon experienced unauthorized GitLab access a few hours ago, resulting in the theft of 600 million GMEE tokens. Subsequently, the attacker exchanged the tokens for ETH and MATIC.
Amount of loss: $ 7,000,000 Attack method: Authorization Attack