1909 hack event(s)
Description of the event: CNA, one of the largest insurance companies in the United States, paid a ransom of US$40 million (approximately 257 million yuan) after being attacked by ransomware in March to regain control of its network. The company has confirmed that an organization named Phoenix is the perpetrator of this attack.
Amount of loss: $ 40,000,000 Attack method: Ransomware
Description of the event: According to Meerkat Finance's official community channels, its vault contract was hacked, and the hacker used the vulnerability to steal all the funds in the vault. According to reports, the BSC project Meerkat Finance is suspected of an exit scam that took about 31 million US dollars, made up of 14 million BUSD and 73,000 BNB. MKAT claims it was hacked and that all of its funds were stolen.
Amount of loss: $ 31,000,000 Attack method: Rug Pull
Description of the event: Tether officially tweeted that forged documents allegedly "between Tether personnel and representatives of Deltec Bank & Trust and other institutions" are circulating online. In addition, Tether received a ransom demand today to send 500 BTC to bc1qa9f60pved3w3w0p7snpxlnh5t4uj95vxn797a7. The sender stated that unless they receive the Bitcoin before tomorrow, they will leak documents to the public in order to "destroy the Bitcoin ecosystem." Tether said it will not pay the ransom and reminded customers, employees, and the crypto community to stay vigilant and maintain operational security. Tether stated that it has reported the falsified communications and the related ransom demand to law enforcement.
Amount of loss: - Attack method: Ransomware
Description of the event: The game ecosystem platform SeascapeNetwork stated that the private key of an early investor was stolen after the token was released today, which led to hackers obtaining the 18,750 CWS in the investor's wallet. According to Etherscan data, this address swapped all the CWS for ETH and then deposited it into the Ethereum mixing platform Tornado.Cash in several transactions, totaling close to 330 ETH, equivalent to USD 500,000.
Amount of loss: $ 500,000 Attack method: Private Key Leakage
Description of the event: 70 GB of data belonging to Gab, a social networking platform that supports Bitcoin, was hacked. Gab has handed over the hacked data to the reporting website Distributed Denial of Secrets. Emma Best, founder of Distributed Denial of Secrets, said that the hacked data included public posts, personal information and passwords, and private account posts and messages.
Amount of loss: - Attack method: Information Leakage
Description of the event: The proxy of the DeFi platform Furucombo was attacked, and more than 15 million U.S. dollars was stolen. The DeFi aggregation platform Furucombo officially released a tweet, saying: "The root cause has been found and the vulnerability has been patched. The funds are now safe. We are investigating the stolen funds and organizing follow-up actions. The follow-up will continue to be updated." Later, Furucombo stated that it would issue 5 million iouCOMBO tokens to affected users.
Amount of loss: $ 15,000,000 Attack method: Contract Vulnerability
Description of the event: The team behind the DeFi insurance protocol Armor claimed that some team members were scammed in an OTC deal and defrauded of 1.2 million ARMOR tokens. The scammers have already dumped all the tokens for a profit of 600 ETH (approximately US$850,000). The Armor team disclosed that the scammers posed as strategic investors on social media, falsely claimed they wanted to purchase tokens from the team through OTC, obtained 1.2 million ARMOR tokens in the OTC transactions, and then sold them. According to the Armor team, "No hacking, the project is still safe."
Amount of loss: $ 850,000 Attack method: Scam
Description of the event: The DAI pool of Yeld.finance, the DeFi revenue aggregator, was hit by a flash loan attack, resulting in a loss of 160,000 DAI and affecting more than 10 users. Tether, TrueUSD and USDC were not affected. According to reports, Yeld's problem is consistent with the earlier Yearn.Finance DAI pool vulnerability. The team also stated that the affected users will be repaid with tokens, which will be rewarded with income from the DAI pool to make up for some of their losses. Later, Yeld.finance officially stated that the 160,000 DAI lost in the flash loan attack has been returned. This event is suspected to be the work of a white hat, and the team will provide further details.
Amount of loss: $ 160,000 DAI Attack method: Flash loan attack
Description of the event: A serious vulnerability was discovered in the smart contract of Primitive Finance, an options protocol on the Ethereum chain. Since the contract cannot be upgraded or paused, the team chose to hack the smart contract itself to protect user funds. The hacked funds are safe, and all of them will be returned to their owners.
Amount of loss: - Attack method: Contract Vulnerability
Description of the event: According to Stuff.co.nz, hackers took approximately 62,000 New Zealand dollars (45,000 USD) worth of cryptocurrency from the troubled exchange Cryptopia. The investigation revealed that the hacker accessed a dormant wallet that belongs to the US-based blockchain company Stakenet and is controlled by Grant Thornton, the liquidator of Cryptopia. According to the investigation, the dormant wallet holds approximately US$1.96 million worth of XSN, the native token of Stakenet.
Amount of loss: $ 45,000 Attack method: Unknown
Description of the event: UL LLC (commonly known as Underwriters Laboratories) suffered a ransomware attack that encrypted its servers and caused systems to be shut down during recovery. To prevent the attack from spreading further, the company shut down systems, leaving certain employees unable to perform their work. According to sources familiar with the attack, UL decided not to pay the ransom and to restore from backup instead.
Amount of loss: - Attack method: Ransomware
Description of the event: F2Pool was hit by a DDoS attack, and some addresses experienced short-term failures, which have since been restored.
Amount of loss: - Attack method: DDoS Attack
Description of the event: According to CryptoPotato, the ransomware group DoppelPaymer launched another attack, this time leaking sensitive data of KMA, the North American branch of automaker Kia Motors. The criminals demanded that the ransom be paid in Bitcoin, and the total ransom may be as high as 600 Bitcoins (worth more than 30 million U.S. dollars). KMA stated that the company has experienced "IT outages involving internal, reseller, and customer-facing systems" and that it is working to resolve these issues. The ransom note left by the DoppelPaymer ransomware group stated that they had broken into KMA's system.
Amount of loss: - Attack method: Ransomware
Description of the event: The privacy coin Verge (XVG) underwent a reorganization of 560,000 blocks after a 51% attack on Monday. Lucas Nuzzi of CoinMetrics stated that over 200 days of token transaction history has been deleted.
Amount of loss: - Attack method: 51% attack
Description of the event: The attacker used a flash loan to take out leveraged loans through Alpha Finance, and used Alpha Finance's own Cream IronBank quota to repay the flash loan. In the process, the attacker obtained a large amount of cySUSD by adding liquidity to Cream, and then used this cySUSD to borrow further in Cream Finance. Due to problems with Alpha Finance, both protocols suffered losses at the same time.
Amount of loss: $ 37,500,000 Attack method: Flash loan attack
Description of the event: DeFi revenue aggregator BT.Finance tweeted, "It was hacked. The attacked strategies include ETH, USDC and USDT. Other strategies are not affected. BT.Finance withdrawal fee protection has reduced the loss of this attack by nearly 140,000 US dollars." BT.Finance expressed the hope that the hackers would return the funds and said it would use BT tokens to thank them for the bug test. According to ICO Analytics, the affected funds are approximately US$1.5 million.
Amount of loss: $ 1,500,000 Attack method: Flash loan attack
Description of the event: Bitcoin trading market KeepChange stated that the exchange received a request for withdrawal from a customer's account to an address belonging to the attacker, and a control subsystem of the platform suspended the request, resulting in no loss of Bitcoin. However, the attackers stole some customer data, including email addresses, names, number of transactions, total transaction amounts, and passwords.
Amount of loss: - Attack method: Information Leakage
Description of the event: The Yearn v1 yDAI vault was attacked and the attackers stole 2.8 million US dollars. Banteg, the core developer of Yearn Finance, subsequently stated that the attacker received 2.8 million US dollars and the vault lost 11 million US dollars.
Amount of loss: $ 11,000,000 Attack method: Flash loan attack
Description of the event: The DeFi insurance project ArmorFi has paid a $1.5 million bug bounty to the white hat hacker Alexander Schlindwein, who discovered a "critical loophole" in the protocol that could have caused all of the company's underwriting funds to be depleted.
Amount of loss: - Attack method: Contract Vulnerability
Description of the event: According to feedback from Binance Smart Chain investors, on February 1st the BSC-listed project Multi Financial ran off with investor funds, taking about 5000 BNB in just one day. The compromised investor stated that it had reported that Binance had blocked the address of the project party and reported to the police. Recently, there have been many such exit incidents on BSC. The popcornswap project took close to 48,000 BNB. Within a few days, three other projects (Zap Finance, Tin Finance and SharkYield) also ran off. SharkYield is suspected to have taken away 6000 BNB. Binance said that BSC is a public chain just like Ethereum and that it should not be held responsible for the above projects. It hopes that users will exercise their own judgment when investing and select high-quality projects to participate in.
Amount of loss: 5,000 BNB Attack method: Rug Pull