261 hack event(s)
Description of the event: According to intelligence from the SlowMist Security Team, the YIEDL project on the BSC chain was attacked, with the attacker stealing approximately $300,000. In this incident, the reason lies in the contract’s failure to adequately validate the external parameter(dataList) provided by the user during the processing of the redeem function call. This parameter is critical data for controlling asset exchanges, typically containing specific transaction instructions or routing information. The attacker maliciously constructed this external parameter, enabling unauthorized asset transfers.
Amount of loss: $ 300,000 Attack method: Contract Vulnerability
Description of the event: Shortly after the deployment of the FENGSHOU (NGFS) token, it was attacked, resulting in a loss of approximately $191,000. The vulnerability lies in a public `delegateCallReserves` function which allows the attacker to set an arbitrary address to a UniSwapV2 proxy.
Amount of loss: $ 191,000 Attack method: Contract Vulnerability
Description of the event: Users reported abnormal activity on the trading platform of the DeFi asset management protocol Velvet Capital on April 23rd. When attempting to connect to the frontend, users were prompted to approve their wallet's access permissions for the protocol.
Amount of loss: - Attack method: Frontend Attack
Description of the event: The Fake Safe Token (SAFE) on BNBChain is suspected of a rug pull, and the current token price has dropped by 100%.
Amount of loss: $ 752,683 Attack method: Rug Pull
Description of the event: Z123 on BSC was attacked by a hacker due to a contract vulnerability, resulting in a loss of approximately $136k. The .update() function of Z123 was repeatedly called which burned extra tokens and inflated the price.
Amount of loss: $ 136,000 Attack method: Contract Vulnerability
Description of the event: The Fake Cruiz (CRUIZ) on BNBChain is suspected of a rug pull, and the current token price has dropped by 100%.
Amount of loss: $ 38,556 Attack method: Rug Pull
Description of the event: Fake PRCL on the BNB Chain appears to have exit scammed, resulting in a 100% price drop and causing losses exceeding $100,000.
Amount of loss: $ 100,000 Attack method: Rug Pull
Description of the event: Token issuance protocol Mars was attacked and lost about 1M MARS 和 137 个 WBNB.
Amount of loss: $ 98,000 Attack method: Unknown
Description of the event: The Fake JILLBODEN on BNBChain is suspected of a rug pull, and the current token price has dropped by 100%.
Amount of loss: $ 335,339 Attack method: Rug Pull
Description of the event: The Fake VDZ on BNBChain is suspected of a rug pull, and the current token price has dropped by 100%.
Amount of loss: $ 323,088 Attack method: Rug Pull
Description of the event: The Bitcoin-native lending protocol, Zest Protocol twitted that it experienced an attack. The attacker lent out an amount exceeding the value of their collateral by artificially inflating its value. The attack has been mitigated, and all unauthorized access has been disabled. The attacker removed 324,000 STX from the protocol, and this loss will be compensated from the Zest Protocol's treasury, ensuring full reimbursement of user assets.
Amount of loss: $ 1,000,000 Attack method: Contract Vulnerability
Description of the event: Wall Street Memes (WSM)’s pre-sale contract was attacked, resulting in a loss of ~2.5M WSM, worth of ~$18,000.
Amount of loss: $ 18,000 Attack method: Flash Loan Attack
Description of the event: The DeFi protocol OpenLeverage has been attacked, resulting in a loss of approximately $260,000. In light of this, OpenLeverage has decided to discontinue the OpenLeverage trading and lending protocol. OpenLeverage is initiating processes for users to close trades/borrowings and withdraw funds safely. All protocol actions will remain paused until withdrawal processes begin early next week.
Amount of loss: $ 260,000 Attack method: Contract Vulnerability
Description of the event: The project ZongZiFa on BSC was exploited through a flash loan, resulting in a loss of approximately $229,000. The attacker manipulated the price of ZongZi to gain invitation rewards.
Amount of loss: $ 229,000 Attack method: Flash Loan Attack
Description of the event: The astrology-based project Lucky Star Currency rug-pulled in October 2023, resulting in a loss of $1.1 million. On March 22, 2024, ownership of the project was transferred to a malicious smart contract, which then drained tokens valued at almost $300,000 from those who still held them.
Amount of loss: $ 300,000 Attack method: Rug Pull
Description of the event: On March 14, 2024, according to intelligence from the SlowMist security team, the IT token on the BSC was attacked, with the attacker profiting approximately $15,200. The attacker exploited the transfer function in the IT token, which allowed additional tokens to be minted to the pool based on the amount of tokens being exchanged, gradually increasing the reserve of IT tokens in the pool, manipulating the price, and continuously exchanging BSC-USD tokens from the pool for profit.
Amount of loss: $ 15,200 Attack method: Contract Vulnerability
Description of the event: FLOKIAI (FLOKIAI) on the BNB Chain appears to have exit scammed. The address starting with 0xFe54 has exchanged 268,561,795,727,990.23 FLOKIAI tokens for approximately 316.4 BNB, valued at around $148,000.
Amount of loss: $ 148,000 Attack method: Rug Pull
Description of the event: ClosedAI (ClosedAI) appears to have exit scammed on the BNB Chain. The address starting with 0xFe54 has exchanged 277,635,327,881,198.25 ClosedAI tokens for approximately 307.3 BNB, valued at around $13,100.
Amount of loss: $ 131,000 Attack method: Rug Pull
Description of the event: JohnLennonC0IN (BEATLES) on BSC is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.
Amount of loss: $ 54,900 Attack method: Rug Pull
Description of the event: LongNoseDog (LONG) on BSC is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.
Amount of loss: $ 309,749 Attack method: Rug Pull