1914 hack event(s)
Description of the event: DeFi revenue aggregator BT.Finance tweeted, "It was hacked. The attacked strategies include ETH, USDC and USDT. Other strategies are not affected. BT.Finance withdrawal fee protection has reduced the loss of this attack by nearly 140,000 US dollars." BT.Finance expressed the hope that hackers can return the funds and will use BT tokens to thank its bug test. According to ICO Analytics, the affected funds are approximately US$1.5 million.
Amount of loss: $ 1,500,000 Attack method: Flash loan attack
Description of the event: Bitcoin trading market KeepChange stated that the exchange received a request for withdrawal from a customer's account to an address belonging to the attacker, and a control subsystem of the platform suspended the request, resulting in no loss of Bitcoin. However, the attackers stole some customer data, including email addresses, names, number of transactions, total transaction amounts, and passwords.
Amount of loss: - Attack method: Information Leakage
Description of the event: Yearn v1 yDAI vault was attacked and the attackers stole 2.8 million US dollars. Banteg, the core developer of Yearn finance, subsequently stated that the attacker received 2.8 million US dollars and vault lost 11 million US dollars.
Amount of loss: $ 11,000,000 Attack method: Flash loan attack
Description of the event: The DeFi insurance project ArmorFi has paid a $1.5 million bug bounty to the white hat hacker Alexander Schlindwein. Because the hacker discovered a "critical loophole" in the agreement, and may cause all the company's underwriting funds to be depleted.
Amount of loss: - Attack method: Contract Vulnerability
Description of the event: According to feedback from Binance Smartchain investors, on February 1st, the BSC listed project Multi Financial ran away, and it only took about 5000 BNB in one day. The compromised investor stated that it had reported that Binance had blocked the address of the project party and reported to the police. Recently, there have been many running incidents on BSC. The popcornswap project has approached 48,000 BNB. In a few days, three other projects (Zap Finance and Tin Finance, SharkYield) ran away. The current SharkYield ran away is suspected to have taken away 6000 BNB. Binance said that BSC is the same public chain as Ethereum and should not be responsible for the above projects. It hopes that users will manually intervene in investment and select high-quality projects to participate.
Amount of loss: 5,000 BNB Attack method: Rug Pull
Description of the event: Another DeFi project popcornswap on Binance Smart Chain has gone. It is reported that some users said in the community that the project used cake's LP, the contract was open source but there was no audit, and the LP was run in less than two hours. Currently, there are more than 40,000 BNB in the wallet and no action is taken.
Amount of loss: 48,000 BNB Attack method: Rug Pull
Description of the event: Weibo user “CryptoBlanker” broke the news: the refi.finance project party directly used the reserved setBoardroom() function to change the Boardroom address to the address it deployed. Light BAS was taken away 2,600, worth 111 ETH (about 144,000 US dollars).
Amount of loss: 111 ETH Attack method: Rug Pull
Description of the event: On January 27, 2021, SushiSwap was attacked again. This attack took advantage of the fact that DIGG itself did not have a WETH trading pair, and the attacker created this trading pair and manipulated the initial transaction price, resulting in a huge slippage during the fee exchange process. The attacker only needs to use a small amount of DIGG and WETH provide initial liquidity to obtain huge profits.
Amount of loss: 81 ETH Attack method: Price Manipulation
Description of the event: User information of BuyUCoin, an Indian cryptocurrency exchange, was leaked, and personal data of more than 325,000 people appeared in the database of the hacker organization. According to Indian news media Inc42, a hacker group called ShinyHunters placed a database containing the names, phone numbers, email addresses, tax identification numbers and bank account information of more than 325,000 BuyUCoin users.
Amount of loss: - Attack method: Information Leakage
Description of the event: The privacy coin project Firo stated on Twitter that it is currently under 51% attacks and it is recommended that users do not trade during this period until the network returns to normal.
Amount of loss: - Attack method: 51% attack
Description of the event: On January 11, the Michigan state police claimed that an anonymous person mailed death threats to Governor Gretchen Whitmer and employees of the state in an attempt to collect $2 million worth of Bitcoin. The letter said that unless the governor transfers more than $2 million in cryptocurrency to him before January 25, the state employee will die. A Michigan State Police spokesperson responded that the threat was not credible.
Amount of loss: - Attack method: Ransomware
Description of the event: The Tor network was attacked and all v3 onion addresses were inaccessible. Darknetdaily posted that this seems to be a new type of attack that will affect the entire network and cause the consensus authorization node to overload. Hugbunter, the administrator of the dark web forum Dread, said that all v3 onion addresses are currently inaccessible. The cause of the accident is unknown, but it may cause a huge attack on the entire network. Hugbunter speculated that an article he published earlier might have spawned this attack. The article advocated that competitors in the market should be prevented from launching DDoS attacks against each other.
Amount of loss: - Attack method: Network Attack
Description of the event: The ZKSwap token ZKS, a decentralized exchange based on ZK Rollup, has problems due to Uniswap adding liquidity. ZKSwap officially stated that the reason for this phenomenon was that someone used scripts to brush transactions, resulting in a higher price for first adding liquidity. The project party can only sell a part of ZKS to return the price to normal levels. All the USDT obtained from selling ZKS has been injected into the liquidity pool and will not be withdrawn in the next 3 months
Amount of loss: - Attack method: Malicious Code Injection Attack
Description of the event: Twitter netizens said that due to a loophole in the award contract, the coverage agreement lost $3 million. Conversion, the data on the chain shows that attackers (0xf05Ca...943DF) have used the cover contract to issue a total of about 10,000 COVER, and have replaced them with assets such as WBTC and DAI. Later, the blockchain browser showed that the attacker (address label Grap Finance: Deployer) who made a profit of 3 million US dollars by issuing additional COVER returned 4350 ETH to the address labelled YieldFarming.insure: Deployer. CoverProtocol officially tweeted announcing that it will provide a new COVER token based on the snapshot before the breakthrough was repeated. And the 4350 ETH returned by the attacker will also be returned to LP token holders through snapshot processing.
Amount of loss: $ 3,000,000 Attack method: Contract Vulnerability
Description of the event: The Altilly Exchange platform was attacked by legally authorized access. According to the official weighing, the attacker gained access to 30 BTC and 12,000 USDT and stole them while controlling the server.
Amount of loss: 30 BTC + 12,000 USDT Attack method: Unauthorized access
Description of the event: According to sources, the Russian cryptocurrency exchange Livecoin previously stated that it was attacked and lost control of its server. Later, Livecoin announced its closure on Twitter and provided a link to its new domain name "Livecoin.news".
Amount of loss: - Attack method: Server compromised
Description of the event: A major security breach in the British cryptocurrency exchange Exmo has caused the platform to freeze all withdrawals. Since EXMO has a separate server for each cryptocurrency, the hacking only affected six cryptocurrencies, BTC, XRP, ZEC, USDT, ETC, and ETH, and the affected assets were equivalent to 6% of the company's total assets. According to The Block research analyst Igor Igamberdiev, EXMO seems to have lost $10.5 million in funds. The exchange provided a list of stolen coins and their addresses, and analysis showed that most of the funds had been sent to Poloniex. The lost coins include Bitcoin (BTC), Ethereum (ETH), XRP, Ethereum Classic (ETC), Tether (USDT) and Zcash (ZEC).It was reported on December 25 that the hackers who attacked Exmo had withdrawn $4 million of stolen funds through Poloniex.
Amount of loss: $ 10,500,000 Attack method: Wallet Stolen
Description of the event: DeFi portal DefiPrime said on Twitter this morning that at 06:34 on December 18th, Beijing time, the liquidity LP token mortgage loan DeFi agreement Warp Finance suffered a lightning loan attack and about 8 million US dollars were stolen. In addition, Warp Finance officials also tweeted that they are investigating illegal stablecoin loans that were lent in the last hour, and recommend not to deposit stablecoins until the official finds out the violation.Afterwards, Warp Finance issued a statement regarding the lightning loan attack. It is said that lightning loan attackers can steal up to US$7.7 million worth of stablecoins, but the Warp Finance team has formulated a plan to recover approximately US$5.5 million worth of stablecoins still in the mortgage vault. The US$5.5 million will be The proportion is distributed to users who have suffered losses.
Amount of loss: $ 7,700,000 Attack method: Flash loan attack
Description of the event: On December 14th, the Procuratorate of Cordoba, Argentina prosecuted 12 scammers involved in the OneCoin cryptocurrency Ponzi scheme and ordered their arrests last Thursday. Eight of them have been arrested. It was previously reported that the OneCoin Ponzi scheme caused relevant investors to suffer a total of US$4.4 billion in financial losses from their investment in the project from April 2014 to March 2018.
Amount of loss: $ 4,40,000,000 Attack method: Scam
Description of the event: DeFi insurance agreement Nexus Mutual stated on Twitter that the personal address of its founder Hugh Karp was attacked by a platform user, stolen 370,000 NXM and lost more than 8 million US dollars. The official said that this is a targeted attack, only the official name, Karp used a hardware wallet, the attacker obtained remote access to his computer, and modified the wallet plug-in MetaMask, deceived him to sign the transaction, the attacker Completed KYC 11 days ago, and then changed to a new address on December 3. , To transfer funds to the attacker’s own address.
Amount of loss: 370,000 NXM Attack method: Permission Stolen