1627 hack event(s)
Description of the event: Tencent Security Threat Intelligence Center has detected a large number of attacks, originating from overseas IPs and some domestic IPs, against domestic cloud server tenants. The attackers brute-forced their way into servers over SSH (port 22) and then executed malicious commands to download the Muhstik botnet Trojan. The botnet controls the compromised server to perform SSH lateral movement, download a Monero mining Trojan, and accept remote commands to launch DDoS attacks.
Amount of loss: - Attack method: Remote Intrusion
Description of the event: Bitfly officially tweeted that ETC encountered another large-scale 51% attack today. The attack resulted in the reorganization of more than 4000 blocks. Bitfly reminded that, until further official notice, current mining pool payments are invalid. At the same time, the government encourages all miners to switch to ETH pools on the official website. Blockchain data analysis company Bitquery released an investigation report on this second 51% attack on ETC. The report shows that the initiator of this attack and the initiator of the first attack were the same miner. The attackers made at least 1.68 million US dollars from this attack.
Amount of loss: $ 1,680,000 Attack method: 51% attack
Description of the event: According to a tweet published by Jon Prosser on August 5, his YouTube channel with 262,000 subscribers was hacked, the channel name was changed to "NASA [news]", and a live broadcast featuring SpaceX CEO Elon Musk carried false news about Bitcoin. In about two hours, the illegal proceeds reached $4,000.
Amount of loss: $ 4,000 Attack method: YouTube was hacked
Description of the event: Opyn, an on-chain options platform, disclosed that its Ethereum put options were maliciously exploited by external participants. Opyn pointed out that no Opyn contracts other than the Ethereum put options are affected by this vulnerability. The attacker double-used oTokens and stole the collateral of the put option sellers. According to Opyn statistics, a total of 371,260 USDC has been stolen so far. The cause is that the exercise() function in the Opyn ETH Put smart contract does not perform real-time verification of the trader's ETH. According to the business logic of the Opyn platform, the buyer of a put option transfers the corresponding value of ETH to the seller to obtain the digital assets posted as collateral by the seller. The attacker first initiates a disguised transaction to himself, then takes advantage of the fact that this ETH can be reused to initiate a transfer to the seller again, thereby defrauding the seller of the collateralized digital assets.
Amount of loss: 371,260 USDC Attack method: Contract Vulnerability
Description of the event: YYFI, a hard fork project of YFII, turned out to be a complete "exit scam" in the early morning of August 1. From the very beginning, this project seems to have been preparing for its own exit.
Amount of loss: - Attack method: Scam
Description of the event: CWT, the fifth largest travel company in the United States, agreed to pay $4.5 million worth of bitcoin to hackers who hijacked its computer systems.
Amount of loss: $ 4,500,000 Attack method: Ransomware
Description of the event: Bitfly tweeted that today the ETC blockchain underwent a chain reorganization of 3693 blocks at block height 10904146. This caused all state construction nodes to stop synchronizing. The ETC blockchain did not produce blocks for nearly 6 hours, after which block production returned to normal.
Amount of loss: - Attack method: The miner using the old software
Description of the event: Spanish cryptocurrency exchange 2gether has been maliciously hacked, affecting around 5,500 users who trade on the platform. According to a statement by Spanish police dated 22 February 2022, a team from the Ministry of Cybercrime has arrested five persons suspected of hacking. A 2gether employee was reportedly found guilty of stealing $7 million from the company. He downloaded a pirated movie that contained malware. The malware hacked into the exchange’s systems, allowing hackers to steal more than $7 million in BTC and ETH. Police found attackers using computer viruses such as Remote Access Trojans (RATs) to gain access to 2gether's internal network. Although the employee gave the hackers access to the company's network, the attackers spent about six months analyzing the exchange's activity before carrying out the theft.
Amount of loss: $ 7,000,000 Attack method: Trojan horse virus
Description of the event: On July 25, 2020, there was unauthorized access to Ledger's database, resulting in data leakage. The leaked data includes e-commerce and marketing data, but payment information and encrypted assets are safe. Ledger’s announcement claimed that the API Key was used to achieve unauthorized access to the database. Currently, the API Key has become invalid.
Amount of loss: - Attack method: Information Leakage
Description of the event: In the early hours of this morning, the Twitter accounts of many celebrity politicians and some companies were attacked by hackers, and these accounts all published digital currency phishing scam messages. However, the phishing messages were deleted a few minutes after they were posted. As of now, the scammers have received 12.86 bitcoins in total.
Amount of loss: 12.86 BTC Attack method: Hacked account
Description of the event: Cashaa, a UK-based cryptocurrency exchange, said hackers stole 336 Bitcoins from a wallet on the exchange. The company has now stopped all transactions related to cryptocurrency.
Amount of loss: 336 BTC Attack method: Malicious Software
Description of the event: From April 2014 to December 2019, the BitClub network was a fraudulent scheme that solicited funds from investors in exchange for stakes in so-called cryptocurrency mining pools and rewarded investors for recruiting new investors into the program, according to an announcement issued by the U.S. Attorney's Office in New Jersey. Over the five-year period of the program, BitClub defrauded investors of at least $722 million in bitcoin.
Amount of loss: $ 722,000,000 Attack method: Ponzi
Description of the event: In the recent referendum on constitutional reform, 1.14 million Russians voted through the blockchain platform, but their data has been made public on the Internet and can be accessed directly from state-owned servers. Election officials shared a ZIP file containing ID card information, passport numbers and other passport information of people who voted on the blockchain platform, sources said. The ZIP file is stored on a government website. The files are free and can be downloaded by anyone at any time. The files are password-protected, though the passwords are not very strong. Meanwhile, there are other problems with the blockchain voting platform, such as a loophole allowing partial repeat votes.
Amount of loss: - Attack method: Information Leakage
Description of the event: The team that developed Bitcoin Gold (BTG), a forked project, has announced a 51% attack. According to the official disclosure, the BTG network has been hit by 51% attacks lasting nearly 10 days. However, on July 2, the BTG team had issued an attack alert to mining pools and exchanges and released version 0.17.2, which included checkpoints at block 640,650. The BTG team reminds all BTG Core nodes to upgrade to version 0.17.2.
Amount of loss: - Attack method: 51% attack
Description of the event: The CryptoScope team, members of the Ravencoin community, discovered vulnerabilities in the Ravencoin blockchain that unknown people had used to mint RVN amounting to 1.5% of the 21 billion total supply. Tron Black, the developer of Ravencoin, said that these tokens may have been sold on the market after being minted, so the economic losses have been absorbed by the Ravencoin ecosystem. The team reminds all miners, mining pools and exchanges to upgrade their clients to the latest version. The community is also considering various options to reduce the subsequent impact of the incident, such as bringing the halving forward to restore the total supply to the originally planned 21 billion.
Amount of loss: $ 40,000,000 Attack method: Minting Attack
Description of the event: Coingecko researcher Daryllautk tweeted that VETH suffered a hacker attack on the decentralized exchange Uniswap. The hacker stole 919,299 VETH (worth $900,000) using only 0.9 ETH. After the attack, the VETH team officially stated that the contract was exploited through the UX improvement they had placed in transferFrom(), which was their fault. They will redeploy vether4 and will compensate all affected Uniswap pledgers. The attack mainly exploits the fact that the contract's changeExcluded function has external visibility and no permission restriction, so any user can call it directly to create the conditions needed for the attack.
Amount of loss: $ 900,000 Attack method: Contract Vulnerability
Description of the event: According to DeBank's Twitter account, hackers once again used a dYdX flash loan to attack the COMP trading pair in some of Balancer's liquidity pools, taking the unclaimed COMP rewards from the pool for a profit of 10.8 ETH, which is about $2408.
Amount of loss: $ 2,408 Attack method: Flash loan attack
Description of the event: The Balancer liquidity pool was hit by a flash loan attack and lost $500,000. The two pools in which Balancer suffered losses are STA and STONK. At present, the liquidity of these two token pools has been exhausted. Both STA and STONK are deflationary tokens, which means that this attack only affects the liquidity pools of deflationary tokens. Deflationary tokens and Balancer's smart contracts are incompatible in certain specific scenarios, allowing attackers to create STA/STONK circulation pools with price deviations and profit from them.
Amount of loss: $ 500,000 Attack method: Compatibility Issue
Description of the event: A recent study discovered malicious Web3 applications, "phishing dapps", that pretend to be legitimate applications or services in order to steal cryptocurrencies. For example, since MakerDAO officially closed the single-collateral Sai system, such phishing tools have begun to appear, posing as a new tool that users need in order to migrate from SAI to DAI. One such domain provides a simple interface to start the migration from SAI to the new DAI at a 1:1 ratio, and looks like an official channel. However, the actual transaction to be signed simply sends the SAI to an address owned by the attacker. More than US$100,000 worth of SAI has been traced as transferred to the attacker's account.
Amount of loss: $ 100,000 Attack method: Phishing attack
Description of the event: Atomic Loans issued a statement on a vulnerability disclosure and the suspension of new loan requests. The statement shows that the security researcher samczsun privately disclosed two vulnerabilities in the currently deployed contracts and lender agents. Both vulnerabilities would have allowed a malicious borrower to unlock part or all of their BTC collateral without repaying their loan in specific circumstances. Up to now, neither of these vulnerabilities has been exploited by any user, and no funds on the platform have been affected. Additionally, the platform has disabled the ability for any borrower or lender to participate in new loans until it launches v2.
Amount of loss: - Attack method: Unknown