1627 hack event(s)
Description of the event: Use multiple accounts to simultaneously send transaction requests for attack, so that the last attacker account gets the highest winning rate.
Amount of loss: 5,710 EOS Attack method: Transaction Rollback Attack
Description of the event: EOS Atidium's official account wwwatidiumio was abnormal. A total of 6 tokens including ATD tokens 337,759,004 were transferred to account b4jmqvvktgjx. The account then transferred 130 million ATD tokens to Newdex Exchange for cash, a total of 3,183.8564 EOS were profitable..
Amount of loss: 3,183 EOS Attack method: Private Key Leakage
Description of the event: Hacker ybdzmtgouwxn launched an attack on nutsgambling, an EOS quiz game. In less than an hour, a total of 144 attacks were launched, and a total of 1,141.71 EOS was obtained. In order to prevent the flow of funds from being tracked, the hacker used multiple sub-accounts to sequentially transfer the acquired assets to the account kcbtvwtxeabc, which has not been withdrawn to the exchange yet.
Amount of loss: 1,141.71 EOS Attack method: Roll back attack
Description of the event: American Bitcoin payment processor BitPay stated that the company's Copay wallet was attacked by hackers. Bitpay announced on Monday that it learned of this issue from a report on Copay GitHub. The report showed that third-party JavaScript libraries used by these applications were modified and malicious code was loaded. The malware was inserted into versions 5.0.2 to 5.1.0 of the Copay and BitPay wallet applications and may be used to obtain private keys for stealing Bitcoin and Bitcoin Cash. According to reports, the attack appeared to be carried out by a developer named Right9ctrl, who took over the maintenance of the NodeJS library from the left manager. About three months ago, when Right9ctrl was granted access to the repository, he inserted malware at this time.
Amount of loss: - Attack method: Malicious Code Injection Attack
Description of the event: The attacker (kuybupeykieh) launched an attack on the EOS quiz game contract (vegasgame111), making a total of hundreds of EOS. The data on the tracking chain found that, in order to prevent the flow of funds from being tracked, the hacker used dozens of operations to create sub-accounts. In order to transfer the acquired assets sequentially, the attacker used the "fake EOS" vulnerability to carry out the attack.
Amount of loss: - Attack method: Fake EOS Vulnerability Attack
Description of the event: The attacker malisringho continually initiated 35 game requests to the EOS Lelego contract llgcontract1., eventually guessing 27 times, making a total profit of 6,282.5 EOS, and then successfully transferring 6,500 EOS to the Binance Exchange.
Amount of loss: 6,282.5 EOS Attack method: Random number attack
Description of the event: EOS game contract LuckyGo has been off the line and the attacker iloveloveeos (malicious contract) was exposed in September because of attack on FairDice.
Amount of loss: - Attack method: Random number attack
Description of the event: A large number of HVTs in the AirDropsDAC contract account were transferred to the sym111111add account under abnormal operation, the account was then exchanged for 2,514 EOS at Newdex, which was subsequently transferred to the gizdkmjvhege account.
Amount of loss: 2,514 EOS Attack method: Private Key Leakage
Description of the event: According to a report by Finder on November 12, AurumCoin (AU), a new digital currency based on the monetary gold standard system (the US dollar operation method), has recently suffered a 51% attack and lost 15,752.26 Australian dollars (approximately 11,362 US dollars).
Amount of loss: $ 11,362 Attack method: 51% attack
Description of the event: The game contract was attacked by the attacker lockonthecha.
Amount of loss: 20,000 EOS Attack method: Random number attack
Description of the event: The well-known DApp EOSDice was hacked again due to random number issues. The attacker was a hacker who previously attacked EOSDice and FFGame DApp. The project side wrongly add a controlled seed in random algorithm which lead the attack.
Amount of loss: 4,633 EOS Attack method: Random number attack
Description of the event: The hacker has launched a total of 700 attacks on the MyEosVegas game contract eosvegasjack.
Amount of loss: 10,000 EOS Attack method: Unknown
Description of the event: By deploying the attack contract and using the same algorithm as FFgame to calculate the random number in the contract, the attacker immediately uses the random number attack contract in inline_action after generating the random number, resulting in the winning result being "predicted", thus reaching the super high winning rate.
Amount of loss: 1,331 EOS Attack method: Random number attack
Description of the event: Attacked by the attacker, the specific content is unknown.
Amount of loss: 200 EOS Attack method: Unknown
Description of the event: Hackers successfully sandwiched crypto-stealing code into the middle of a popular web traffic-measuring plugin from StatCounter, which is now used on more than two million websites, including government sites. They have determined, however, that the rather wide swath of infections may have been designed to eventually infect cryptocurrency trading sites, and that the scheme did, in fact, infect popular crypto-trading site Gate.io. By situating the code in the middle of StatCounter’s downloadable javascript web traffic analysis tool, hackers made it harder to detect.
Amount of loss: - Attack method: Malicious Code Injection Attack
Description of the event: Random number was cracked by attacker.
Amount of loss: 2,545 EOS Attack method: Random number attack
Description of the event: EOSeven was transferred 600 million SVN from eosevendice2 to account tuningfinish, then back 450 million to eosevendice2. After that, tuningfinish sold the SVN token on Newdex and finally transferred the resulting EOS to Binance Exchange.
Amount of loss: - Attack method: Insider Manipulation
Description of the event: The hacker "refundwallet" tried to attack the EOSCast game contract "eoscastdmgb1". The hacker first used the "fake EOS" attack method to conduct 8 transfer attacks, but failed, and then successfully attacked 9 times by using the "fake EOS transfer variant". According to the rules of the game, hackers launched attacks with 100, 1,000, and 10,000 fake EOS. Each attack can get 198, 9,800, 19,600 EOS. When the last attack was carried out, the game party noticed an abnormal attack and transferred it in time. After leaving the remaining 8,000 EOS in the bonus pool, in the end, the hacker made a total of 72,912 EOS.
Amount of loss: 70,000 EOS Attack method: Fake EOS Vulnerability Attack
Description of the event: The official forgot to put the seed into the database when expanding the server, and no longer record the seed after the 868590 game.
Amount of loss: 1374.375 EOS Attack method: Operational Mistake
Description of the event: MapleChange, based in Canada, announced on Twitter the exchange "sustained a hack" and was investigating the issue. The post also said the exchange had turned off users' accounts temporarily. About refunding its customers, it opened a Discord server (a platform for users to chat) so customers could post there about their missing funds, based on which it would initiate refunds. The exchange's website was down.
Amount of loss: 913 BTC Attack method: Unknown