1627 hack event(s)
Description of the event: On January 27, 2021, SushiSwap was attacked again. The attack took advantage of the fact that DIGG itself did not have a WETH trading pair: the attacker created this trading pair and manipulated the initial transaction price, resulting in huge slippage during the fee exchange process. The attacker only needed to provide a small amount of DIGG and WETH as initial liquidity to obtain huge profits.
Amount of loss: 81 ETH Attack method: Price Manipulation
Description of the event: User information of BuyUCoin, an Indian cryptocurrency exchange, was leaked, and personal data of more than 325,000 people appeared in the database of the hacker organization. According to Indian news media Inc42, a hacker group called ShinyHunters placed a database containing the names, phone numbers, email addresses, tax identification numbers and bank account information of more than 325,000 BuyUCoin users.
Amount of loss: - Attack method: Information Leakage
Description of the event: The privacy coin project Firo stated on Twitter that it is currently under a 51% attack and recommended that users not trade during this period until the network returns to normal.
Amount of loss: - Attack method: 51% attack
Description of the event: On January 11, the Michigan state police claimed that an anonymous person mailed death threats to Governor Gretchen Whitmer and employees of the state in an attempt to collect $2 million worth of Bitcoin. The letter said that unless the governor transfers more than $2 million in cryptocurrency to him before January 25, the state employee will die. A Michigan State Police spokesperson responded that the threat was not credible.
Amount of loss: - Attack method: Ransomware
Description of the event: The Tor network was attacked and all v3 onion addresses were inaccessible. Darknetdaily posted that this seems to be a new type of attack that will affect the entire network and cause the consensus authorization node to overload. Hugbunter, the administrator of the dark web forum Dread, said that all v3 onion addresses are currently inaccessible. The cause of the accident is unknown, but it may cause a huge attack on the entire network. Hugbunter speculated that an article he published earlier might have spawned this attack. The article advocated that competitors in the market should be prevented from launching DDoS attacks against each other.
Amount of loss: - Attack method: Network Attack
Description of the event: ZKS, the token of ZKSwap, a decentralized exchange based on ZK Rollup, ran into problems when liquidity was added on Uniswap. ZKSwap officially stated that the cause was that someone used scripts to brush transactions, resulting in a higher price when liquidity was first added. The project team could only sell part of its ZKS to return the price to normal levels. All the USDT obtained from selling ZKS has been injected into the liquidity pool and will not be withdrawn in the next 3 months.
Amount of loss: - Attack method: Malicious Code Injection Attack
Description of the event: Twitter users said that, due to a loophole in the award contract, Cover Protocol lost $3 million. On-chain data shows that attackers (0xf05Ca...943DF) used the Cover contract to issue a total of about 10,000 COVER and exchanged them for assets such as WBTC and DAI. Later, the blockchain explorer showed that the attacker (address label Grap Finance: Deployer) who made a profit of 3 million US dollars by issuing additional COVER returned 4350 ETH to the address labelled YieldFarming.insure: Deployer. CoverProtocol officially tweeted announcing that it will provide a new COVER token based on the snapshot before the breakthrough was repeated. The 4350 ETH returned by the attacker will also be returned to LP token holders through snapshot processing.
Amount of loss: $ 3,000,000 Attack method: Contract Vulnerability
Description of the event: The Altilly Exchange platform was attacked through unauthorized access. According to the official statement, the attacker gained access to 30 BTC and 12,000 USDT and stole them while controlling the server.
Amount of loss: 30 BTC + 12,000 USDT Attack method: Unauthorized access
Description of the event: According to sources, the Russian cryptocurrency exchange Livecoin previously stated that it was attacked and lost control of its server. Later, Livecoin announced its closure on Twitter and provided a link to its new domain name "Livecoin.news".
Amount of loss: - Attack method: Server compromised
Description of the event: A major security breach in the British cryptocurrency exchange Exmo has caused the platform to freeze all withdrawals. Since EXMO has a separate server for each cryptocurrency, the hacking only affected six cryptocurrencies, BTC, XRP, ZEC, USDT, ETC, and ETH, and the affected assets were equivalent to 6% of the company's total assets. According to The Block research analyst Igor Igamberdiev, EXMO seems to have lost $10.5 million in funds. The exchange provided a list of stolen coins and their addresses, and analysis showed that most of the funds had been sent to Poloniex. The lost coins include Bitcoin (BTC), Ethereum (ETH), XRP, Ethereum Classic (ETC), Tether (USDT) and Zcash (ZEC). It was reported on December 25 that the hackers who attacked Exmo had withdrawn $4 million of stolen funds through Poloniex.
Amount of loss: $ 10,500,000 Attack method: Wallet Stolen
Description of the event: DeFi portal DefiPrime said on Twitter this morning that at 06:34 on December 18th, Beijing time, Warp Finance, a DeFi protocol for loans collateralized by liquidity (LP) tokens, suffered a flash loan attack and about 8 million US dollars were stolen. In addition, Warp Finance officials also tweeted that they are investigating illegal stablecoin loans that were taken out in the last hour, and recommend not depositing stablecoins until the team has identified the violation. Afterwards, Warp Finance issued a statement regarding the flash loan attack. It said that the flash loan attackers could steal up to US$7.7 million worth of stablecoins, but the Warp Finance team has formulated a plan to recover approximately US$5.5 million worth of stablecoins still in the collateral vault. The US$5.5 million will be distributed proportionally to users who have suffered losses.
Amount of loss: $ 7,700,000 Attack method: Flash loan attack
Description of the event: On December 14th, the Procuratorate of Cordoba, Argentina prosecuted 12 scammers involved in the OneCoin cryptocurrency Ponzi scheme and ordered their arrests last Thursday. Eight of them have been arrested. It was previously reported that the OneCoin Ponzi scheme caused relevant investors to suffer a total of US$4.4 billion in financial losses from their investment in the project from April 2014 to March 2018.
Amount of loss: $ 4,40,000,000 Attack method: Scam
Description of the event: DeFi insurance protocol Nexus Mutual stated on Twitter that the personal address of its founder Hugh Karp was attacked by a platform user; 370,000 NXM were stolen, a loss of more than 8 million US dollars. The official said that this is a targeted attack, only the official name. Karp used a hardware wallet; the attacker obtained remote access to his computer and modified the MetaMask wallet plug-in, deceiving him into signing a transaction that transferred funds to the attacker's own address. The attacker completed KYC 11 days ago and then changed to a new address on December 3.
Amount of loss: 370,000 NXM Attack method: Permission Stolen
Description of the event: According to reports, DeTrade Fund was the biggest scam on Friday. The platform, which allowed any user to profit by putting money into its arbitrage system, defrauded investors of more than 1,400 ETH raised in a pre-sale. Twitter user Artura discovered that DeTrade Fund is actually run by a Lithuanian. Shortly after Artura's tweet, the scam's affiliate addresses distributed hundreds of ETH to presale participants, returning around 65-70% of the initial stolen funds.
Amount of loss: $ 1,200,000 Attack method: Scam
Description of the event: Foxconn was attacked by ransomware, which temporarily caused problems in its production facilities in Mexico and resulted in the theft of data. It is reported that the ransomware attack occurred on Thanksgiving weekend and that the attacker was the DoppelPaymer group. The target of the attack was the Foxconn factory in Juarez, Chihuahua. About 1,200 servers were infected, 100GB of unencrypted files were stolen, and 20TB to 30TB of backup data were deleted. It is reported that the DoppelPaymer group demanded a ransom of 1804.0955 Bitcoin (approximately 220 million yuan) in exchange for an encryption key and a promise not to publish the stolen data. Foxconn did not pay, and at least part of the data has been published on the dark web. Foxconn responded that its factories in the Americas have indeed been attacked by ransomware recently. Its internal information security team has completed software and operating system security updates and improved the level of information security protection. The affected factories are restoring the network, and the incident has little impact on the group's overall operations.
Amount of loss: - Attack method: Ransomware
Description of the event: Aeternity (AE) suffered a 51% attack yesterday. According to core members of the Aeternity community, the 51% attack caused a loss of more than 39 million AE tokens. The official team is solving the problem. The main victims are exchanges and mining pools; the affected exchanges are concentrated in OKEx, Gate, and Binance. In this regard, Aeternity Chaohua Community Moderator "February Honghong" said that 51% attacks will not create new tokens. It can be understood as the attacker copying a fake token and sending it to an exchange; the exchanges handling withdrawals are often the unlucky ones, and the same goes for mining pools. Therefore, 51% attacks are not technical vulnerabilities. PoW itself is such an operating mechanism, so the team will not settle claims.
Amount of loss: $ 5,201,240 Attack method: 51% attack
Description of the event: The cryptocurrency exchange Poloniex issued an announcement stating that since December 5th at 6:30 UTC (14:30 Beijing time), its service was interrupted due to a distributed denial of service (DDoS) attack. At present, Poloniex has resumed normal trading, and user funds have not suffered any loss.
Amount of loss: - Attack method: DDoS Attack
Description of the event: At 3:00 pm on December 1st, Beijing time, the security technical team discovered through Skynet that the Compounder.Finance project located at the address of 0x0b283b107f70d23250f882fbfe7216c38abbd7ca has undergone multiple large-value transactions. After verification, it was found that these transactions were internal operations of Compounder.Finance project owners, transferring a large number of tokens to their own accounts. According to statistics, Compounder.Finance eventually lost a total of about 80 million yuan worth of tokens.
Amount of loss: $ 80,000,000 Attack method: Project owner internal operations
Description of the event: On December 1, the Australian cryptocurrency exchange BTC Markets accidentally disclosed the full names and email addresses of all its customers in marketing emails sent to customers, which may expose all customers to potential phishing attacks. These emails were sent in batches of 1,000, which means that every customer received the names and email addresses of 999 other users. BTC Markets CEO Caroline Bowler said that the company sincerely apologized for the incident and emphasized that the executives of the exchange are currently working around the clock to minimize the impact of violations and implement “additional security features” to prevent future information leakage. Bowler advises BTC Markets customers to ensure that two-factor authentication is enabled to protect their accounts and to change the password of their email account.
Amount of loss: - Attack method: Information Leakage
Description of the event: DeFi asset mortgage platform Saffron Finance issued an announcement stating that Epoch 1 redemption errors caused by contract loopholes resulted in 50 million DAI deposited in Epoch 1 being locked for 8 weeks. The team is currently working on an emergency fix to solve this problem and will transition to Epoch 2. Saffron Finance is a DeFi asset mortgage platform released by an anonymous team. The token is SFI, and the platform allows liquidity providers to select customized risk exposures to obtain returns. In each cycle, users can choose different risk-return combinations (A, AA, S) on Saffron to provide liquidity. A cycle lasts 14 days (LP is locked for those 14 days). After the cycle ends, users can remove liquidity and obtain interest and prorated SFI.
Amount of loss: $ 50,000,000 Attack method: Contract Vulnerability