1857 hack event(s)
Description of the event: Vesper Finance tweeted that its No. 23 lending pool Vesper Lend beta launched on the interest rate agreement Fuse has been attacked again. The attacker manipulated an oracle and depleted the beta test borrowing pool of DAI, ETH, WBTC, and USDC of approximately $1 million. This is not an attack on the Vesper contract, no VSP or VVSP is threatened. Vesper has banned the lending of all tokens in Beta Vesper Lend Rari Pool #23, and also switched the oracle from VUSD/USDC to VUSD/ETH (Uni v3). Prior to this, the Vesper Lend loan pool on Rari Fuse was attacked, and the attacker made a profit of 3 million US dollars.
Amount of loss: $ 1,000,000 Attack method: Oracle Attack
Description of the event: SashimiSwap was attacked due to a logic error in the swap function, and the attacker finally made a profit: 6,261.304 uni, 4,466,096 Sashimi and 63,762 usdt, nearly $200,000.
Amount of loss: $ 200,000 Attack method: Contract Vulnerability
Description of the event: On December 28th, according to Twitter user coby.eth, a fake MetaMask governance token was created and launched on the DEXTools platform. The creator of the token used malicious code to make users browse the token information, and a pop-up interface showed that the MASK Token was verified and displayed A forged platform verification mark (blue certification symbol) is displayed. coby.eth stated that after the transaction volume exceeded US$1 million, the token was transformed into a "Pixiu plate", and users could only buy but not sell. According to browser data, the total transaction volume of this "Pixiu Pan" MASK Token is close to 10 million U.S. dollars, with a total of 642 related transactions and close to 400 addresses.
Amount of loss: $ 10,000,000 Attack method: Scam
Description of the event: The assets of MetaSwap, a project on the BSC chain, were transferred. The total amount of stolen funds of 1100 BNB was transferred to the Tornado.cash wallet (BSC version), and the price of MGAS tokens fell by 46.99%. All official accounts related to Metaswap - including Twitter , Instagram and Medium - all deleted.
Amount of loss: 1,100 BNB Attack method: Rug Pull
Description of the event: MetaDAO took a Rug Pull, took away the funds (800 ETH, about 3.2 million US dollars), and has been transferred to Tornado.cash mixed currency. MetaDAO's website is currently unavailable due to suspension.
Amount of loss: 800 ETH Attack method: Rug Pull
Description of the event: The NFT project Monkey Kindom stated that hackers stole $1.3 million in SOL from the community through a security breach in discord. The hacker first attacked Grape, the solution to authenticate users on Solana, and took advantage of the vulnerability to take over an administrative account that posted a phishing link in the announcement channel of Monkey Kindom discord.
Amount of loss: $ 1,300,000 Attack method: Account Compromise
Description of the event: Uniswap V3 liquidity management protocol Visor Finance was hacked again. Hackers took advantage of the loopholes to withdraw more than 8.8 million VISRs and sold them on Uniswap, causing the VISR tokens to plummet by nearly 95% and profit over 120 ETH through Tornado Cash. Money laundering. According to SlowMist analysis, this attack is due to a flaw in the RewardsHypervisor contract when checking the permissions of the user's recharge, causing the attacker to construct a malicious contract to arbitrarily cast mortgage credentials. Prior to this June, Visor Finance was also hacked and lost more than US$500,000.
Amount of loss: 120 ETH Attack method: Contract Vulnerability
Description of the event: The staking and yield farming platform Bent Finance tweeted that the Bent Deployer wallet upgraded the curve pool contract from November 30, 2021 to 2021 01:09:27 PM +UTC, and the exploiter added a malicious contract that made cvxcrv and cvxcrv and The mim pool is able to hardcode user balances and then deploy another contract to mask it. The attackers stole a total of 513,000 cvxcrv LP tokens. Bent Finance later updated the incident report saying that with the help of two white hat hackers, the team analyzed the incident and concluded: "This was actually the work of an 'inside member'. After several days of hacking, the attackers finally agreed to return the funds to the following multisig address: 0xaBb8B277F49de499b902A1E09A2aCA727595b544. The attackers sold off (now bounced back) and sent us ETH and DAI, there was a slight shortfall in returning funds, but we've fixed that. So far, we have raised another 200,000 cvxcrv (~$1 million) from the community to help fill the gap. "The official said that the vulnerability has been fixed to ensure that such incidents do not occur again.
Amount of loss: - Attack method: Contract Vulnerability
Description of the event: A Discord server run by Fractal in the recently launched game NFT market was hacked. The hacker defrauded 373 members of 800 Solana cryptocurrencies worth US$150,000. The startup said in its announcement that it will compensate the victims in full.
Amount of loss: $ 150,000 Attack method: Account Compromise
Description of the event: The Discord server run by Fractal, a gaming NFT marketplace, was hacked, a fake Discord bot disguised as an official posted a fake minting link in Fractal's "#announcements" channel, and nearly 3,500 people fell victim to it, losing nearly 600,000 Dollar. In its announcement, the company said it would fully compensate victims of the hack.
Amount of loss: $ 600,000 Attack method: Account Compromise
Description of the event: According to official sources, GrimFinance, a compound income platform on the Fantom chain, suffered a lightning loan attack, and the current loss has exceeded 30 million U.S. dollars. The attacker uses the function named "beforeDeposit()" in GrimFinance's vault strategy to attack and enter the malicious Token contract.
Amount of loss: $ 30,000,000 Attack method: Flash Loan Attack
Description of the event: The data on CoinMarketCap's website flashed bugs, and the quotes of multiple cryptocurrencies were wrong.
Amount of loss: - Attack method: Data error
Description of the event: At 5:21 (UTC+8) on December 15, 2021, the WePiggy-OEC agreement made a short-term error in the CHE oracle, which caused the price of CHE in WePiggy to be much higher than the market price, resulting in abnormal liquidation for users who borrowed CHE assets. Calculated at the price at the time of the incident, the total loss of user assets is approximately US$400,000.
Amount of loss: $ 400,000 Attack method: Abnormal liquidation
Description of the event: Chain game project Vulcan Forged officially tweeted that 148 wallets holding PYR were hacked, and more than 4.5 million PYR had been stolen. It then stated: Most of the PYR has been returned from the treasury to the affected wallets.
Amount of loss: $ 102,820,974 Attack method: Private Key Leakage
Description of the event: On December 13, the DeFi platform Definer oracle was attacked. This incident was caused by the problem of Definer’s implementation of the oracle in OEC. It used the token balance of a single liquidity pool at a point in time as the price source, which led to the accident. The implementation of Ethereum used ChainLink’s The oracle does not have this problem.
Amount of loss: 30,765 CHE Attack method: Oracle Attack
Description of the event: Dharma Wallet officially tweeted that there was a downtime. After Dharma updated Twitter, it said that it has returned to normal and all funds are safe.
Amount of loss: - Attack method: Downtime
Description of the event: According to the official announcement, some ERC-20, BSC and Polygon tokens of AscendEX were abnormally transferred out of the hot wallet of the exchange, and the cold wallet of AscendEX was not affected by this incident. It is estimated that Pinnacle AscendEX’s losses totaled US$77.7 million (of which US$60 million was on Ethereum, US$9.2 million was on BSC, and US$8.5 million was on Polygon).
Amount of loss: $ 77,700,000 Attack method: Wallet Stolen
Description of the event: Smart contract automation tool Gelato Network tweeted: "We have been alerted to a critical vulnerability in Sorbet Finance's G-UNI router contract. This vulnerability only affects users interacting with the Sorbet UI." Gelato Network released a security incident investigation report, saying that white hat hackers transferred a total of $27 million in assets to ensure the safety of user assets, but there were still $744,000 of funds that were maliciously attacked by MEV. The project stated that the vulnerability that emerged this time is similar to the previous dydx vulnerability, and the smart contract at risk can make arbitrary low-level calls aimed at executing transactions on 1inch, making potential exploits possible.
Amount of loss: $ 744,000 Attack method: Contract Vulnerability
Description of the event: The payment system of ONUS, the largest cryptocurrency trading platform in Vietnam, running a vulnerable version of Log4j suffered a cyber attack. Cyclos notified ONUS to repair the system on December 13, but it was too late. Although ONUS has fixed the security loopholes in the Cyclos instance, the window of loopholes allowed attackers to successfully steal data from sensitive databases. The stolen database contained nearly 2 million user data, including KYC (Know Your Customer) data, hashed passwords, etc. Subsequently, the attacker asked ONUS to pay a ransom of 5 million, otherwise the stolen data would be made public. On December 25, because ONUS did not pay the full ransom, the attackers sold customer data on the dark web data exchange market.
Amount of loss: - Attack method: Ransomware
Description of the event: At 8 pm on December 8, the hacker account itsspiderman used an overflow vulnerability to issue additional tripool market-making certificates in eCurve out of thin air, pledged and loaned most of the tokens in the agreement in PIZZA. Afterwards, hackers created more than 1.3 million accounts and dispersed the stolen assets. The loss of the PIZZA protocol in this attack is equivalent to about 5 million U.S. dollars. After negotiations, the hackers agreed to a ransom of $500,000.
Amount of loss: $ 500,000 Attack method: Contract Vulnerability