50 hack event(s)
Description of the event: Hedera tweeted to disclose the details of the attack. The attacker attacked the smart contract service code of the Hedera main network and transferred the Hedera Token Service tokens held by some user accounts to their own accounts. The attackers targeted accounts used as liquidity pools on multiple DEXs migrated to use the Hedera Token Service using Uniswap V2-derived contract generations, including Pangolin Hedera, SaucerSwap, and HeliSwap. When attackers moved tokens obtained through the attack to a Hashport Network bridge, bridge operators detected the activity and acted quickly to disable it. To prevent attackers from stealing more tokens, Hedera shut down the mainnet proxy, which removes user access to the mainnet.
Amount of loss: - Attack method: Contract Vulnerability
Description of the event: As Coindesk reported, the Solana network experienced a fork event that limited users’ ability to execute transactions. According to Solana Explorer, the network was processing about 93 transactions per second at around 2AM ET today, well below the previous network rate of nearly 5000 TPS about 15 minutes ago. Such low throughput has prohibited users from performing activities such as on-chain transactions and transfers on Solana.
Amount of loss: - Attack method: Fork
Description of the event: Ethereum L2 protocol Loopring tweeted that it was hit by a large-scale DDoS attack. While the funds were not at risk, the service was down for 11 hours. Currently, domain access on the mobile app side has been reconfigured and the Loopring wallet service has been restored.
Amount of loss: - Attack method: DDos attack
Description of the event: In a tweet, @0xCrumbs disclosed that Dogechain was hacked yesterday, and the attackers exploited the vulnerability to mint 9.7 million $Doge (about $600,000) and transfer $316,000 through a cross-chain bridge. Currently 3 million remain in the starting wallet, in addition to $100,000 worth of USDC/ETH. Therefore, @0xCrumbs believes that yesterday's Dogechain maintenance was caused by the attack. SlowMist also tweeted that the attackers used Anyswap to bridge funds to the BSC and ETH chains, which were then transferred to Binance. But Dogechain officials tweeted that no funds were lost during the maintenance period.
Amount of loss: $ 600,000 Attack method: Contract vulnerabilities
Description of the event: Public chain project Sui tweeted that its Discord server had been hacked, and asked users not to click on any links posted on the Discord server in the past 8 hours. According to some replies to the tweet, some users have already lost money by clicking on links posted by the hackers on Sui Discod.
Amount of loss: - Attack method: Discord was hacked
Description of the event: A large-scale incident of currency theft occurred on the Solana public chain, and a large number of users were transferred SOL and SPL tokens without their knowledge. According to SlowMist MistTrack statistics, more than 8,000 Solana wallets have been stolen so far. Assets are valued at approximately $4.5 million.
Amount of loss: $ 8,000,000 Attack method: Unknown
Description of the event: Polygon Chief Information Security Officer Mudit Gupta tweeted that two remote procedure call (RPC) interfaces of Polygon and Fantom were affected by a Domain Name System (DNS) hijacking attack on Friday. The reason was that a hacker hijacked Ankr's Domain Name System (DNS) to steal the user's seed stage, and Ankr quickly recovered the error and said no funds were lost.
Amount of loss: - Attack method: DNS Attack
Description of the event: Optimism and Wintermute both released announcements, disclosing to the community a loss of 20 million OP tokens. At the time of the release of OP tokens, Optimism entrusted Wintermute to provide liquidity services for OP in the secondary market. As part of the agreement, Optimism will provide Wintermute with 20 million OP tokens. To receive the tokens, Wintermute gave Optimism a multi-signature address, to which Optimism transferred 20 million OPs after Optimism test sent two transactions and Wintermute confirmed it was correct. After Optimism transferred the coins, Wintermute found that they had no way to control these coins, because the multi-signature addresses they provided were only deployed on the Ethereum mainnet for the time being and have not yet been deployed to the Optimism network. To gain control of these tokens, Wintermute immediately initiated remediation operations. However, attackers have already noticed this vulnerability and deployed multi-signature to this address on the Optimism network before Wintermute, successfully controlling the 20 million tokens. At present, the Optimism hacker has returned 17 million OP tokens and transferred 1 million OP to the Vitalik address, and Vitalik has returned the funds.
Amount of loss: 2,000,000 OP Attack method: Multi-signature address transfer vulnerability
Description of the event: The blockchain network Elrond is suspected of having a security breach, and hackers "obtained" nearly 1.65 million $EGLD "out of thin air" and sold it through the decentralized exchange Maiar. On June 8, Elrond founder and CEO Beniamin Mincu tweeted that the previous bug has been resolved, all funds and users are safe, and almost all stolen funds have been recovered.
Amount of loss: $ 113,000,000 Attack method: Virtual Machine Vulnerability
Description of the event: Sentinel founder Serpent tweeted that the first search result of the NFT trading platform X2Y2 on the Google search page was a scam website. It used the loopholes in Google ads to make the real website and the scam URL look exactly the same, and about 100 ETH had been stolen. . At present, the fake website has been removed after being reported by community members and exposed by the media. Users can directly enter x2y2.io to enter the official website.
Amount of loss: 100 ETH Attack method: Phishing Attack
Description of the event: Solana-based NFT team at Metaplex, a web application and deployment platform, discontinued the program section today, Solana shows the program deployment of its program section, when further stabilized, the Solana team will be used to deploy a bot to use it for Deploy a bot. When attempting to complete a test transaction, 0.01 SOL will be charged for labor. The collected penalty funds will be provided to the configuration account of the Candy Machine instance.
Amount of loss: - Attack method: Downtime
Description of the event: According to the block explorer, the last block of the Arbitrum One network was generated at 18:29 Beijing time, and no new blocks and new transactions have been generated for more than 2 hours. At the same time, the Matemask wallet cannot connect to the Arbitrum One network.
Amount of loss: - Attack method: Downtime
Description of the event: Solana was down for 4 hours on January 4th, however, Solana.Status showed no problems with the network. The Solana blockchain suffered its third incident in just a few months, resulting in network congestion and failed transactions, with users debating whether it was caused by another DDos attack or just a network issue. Anatoly Yakovenko, co-founder of Solana Labs, denied there was a DDoS attack this time around.
Amount of loss: - Attack method: DDos attack
Description of the event: On December 3, a group of white hat hackers notified Polygon’s vulnerability bounty agency Immunefi of a vulnerability in the Polygon PoS creation contract. The Polygon core team contacted the organization and Immunefi's expert team and immediately launched a repair procedure. Validators and the full-node community are notified to upgrade 80% of the network without interruption within 24 hours. The upgrade was performed on December 5th at block #22156660, which did not affect the activity and performance of the network. The vulnerability has been fixed and the damage has been mitigated, with no substantial damage to the agreement and its end users. All Polygon contracts and node implementations remain fully open source. Polygon paid a total of approximately $3.46 million in bounty to the two white hats who helped discover the vulnerability. Despite our best efforts, malicious hackers were able to use this vulnerability to steal 801,601 MATIC before the network upgrade took effect. The foundation will bear the cost of the theft.
Amount of loss: 801,601 MATIC Attack method: Contract vulnerabilities
Description of the event: The Bitcoin sidechain Liquid Network launched by Blockstream encountered block signature-related issues after the recent upgrade, resulting in no block generation for more than 7 hours. According to Liquid Network's block explorer, the last block is 1517039, and it was generated 7 hours ago. Liquid Network said on Twitter, "It is investigating a block signature issue related to a recent feature upgrade, but user funds are safe and will not be affected."
Amount of loss: - Attack method: Block signature problem
Description of the event: The private public chain Secret Network stated on Twitter that the main network has undergone an unplanned upgrade, from secret-2 to secret-3, to prevent major network security issues from causing financial losses. The team stated that neither the native token SCRT nor the cross-chain bridge contract were affected. Only a single smart contract was affected. The contract came from SecretSwap. A vulnerability was exploited, allowing the attacker to take away the pledged SEFI contract. funds. At present, the cross-chain bridge is still closed, and the deposit function of the exchange is also closed.
Amount of loss: - Attack method: Contract vulnerabilities
Description of the event: The beta version of the mainnet of the public chain Solana has been unstable since 19:52 Beijing time last night, and it has been 12 hours since the Solana chain application has not been able to operate normally. According to information released by Solana Status, the Solana validator community chose to restart the network cooperatively, and the snapshot height is slot 96542804. Solana Status recommends that the verification node be updated to Mainnet-Beta 1.6.24 version. On September 21, Solana officially released a preliminary overview of the network outage on September 14. It is reported that on September 14, Solana’s network was offline for 17 hours. There was no financial loss, and the network resumed full functionality within 24 hours. The cause of network stagnation is denial of service attacks. At 12:00 UTC time, Grape Protocol launched IDO on Raydium, and transactions generated by robots congested the network. These transactions caused a memory overflow, causing many validating nodes to crash, forcing the network to slow down and eventually stop. When the verification node network cannot agree on the current state of the blockchain, the network will go offline, preventing the network from confirming new blocks.
Amount of loss: - Attack method: Denial of service attack
Description of the event: Ethereum Classic (ETC) tweeted that the ETC mainnet was forked due to previous vulnerabilities in the Ethereum client Geth. At present, most of the computing power is on the mainnet. Core-geth node operators should update to v1.12.1 or higher as soon as possible.
Amount of loss: - Attack method: Ethereum client Geth vulnerability
Description of the event: Starting at around 23:45 on August 3, Beijing time, BSV suffered a “large-scale” 51% attack, resulting in the simultaneous mining of three versions of the chain.
Amount of loss: - Attack method: 51% attack
Description of the event: Siastats tweeted that the Sia network, a decentralized storage project, has been under continuous DDoS attacks in the past two days. The targets of the attacks are network hosts and storage providers. The attacks have caused about 30% of host connections to be interrupted. Siastats stated that network functions were not affected. Only some of the host operators indicated that the Internet connection was interrupted. The affected operators can contact the Sia Foundation to mitigate the negative impact of the attack. The attack did not cause huge losses, and the network will continue to operate normally.
Amount of loss: - Attack method: DDoS attack