59 hack event(s)
Description of the event: Blockchain network Everscale said that a large number of EVER tokens have been stolen and they are working closely with exchanges where EVER is listed in order to stop any further outflow of tokens. To halt the actions of those responsible, they have temporarily disconnected Octus Bridge.
Amount of loss: - Attack method: Unknown
Description of the event: The project named "IPO" (Twitter handle @IPO_web3) is suspected to have suffered a Rug Pull, losing around 102,000 BSC-USD, the project's tokens are down 32%, and the stolen funds are now located in addresses beginning with 0x35fe.
Amount of loss: $ 102,000 Attack method: Rug Pull
Description of the event: According to official sources, a bug in Arbitrum's sequencer code previously caused a brief outage in the network's batch transaction submission feature, which prevented transactions from being confirmed on the main chain. The bug has since been fixed and the bulk transaction submission feature has been restored.
Amount of loss: - Attack method: Contract Vulnerability
Description of the event: DWallet Labs discovered a zero-day vulnerability in TRON multi-signature accounts that put more than $500 million in digital assets at risk. What about the threshold and number of signers defined in the account. The bug has now been disclosed and fixed, so no user assets are now at risk.
Amount of loss: - Attack method: Multisig Vulnerability
Description of the event: Blockchain security researcher iczc tweeted that a vulnerability was found in Polygon zkEVM and received a bug bounty from Immunefi L2. The vulnerability prevents asset migration from L1 to L2 by preventing assets bridged from L1 to Polygon zkEVM (L2) from being properly claimed in L2. iczc found in the code logic of processing claim tx pre-execution results that malicious attackers can bypass the "isReverted" pre-execution check on claim transactions by setting the gas fee to non-zero, allowing them to send a large number of Low-cost claims DoS attacks on sequencers and validators, increasing computational overhead. Also, transactions are not immediately removed from the pool after execution. The status is updated from Pending to Selected and continues to exist in the PostgreSQL database. Currently, there is only one trusted sequencer capable of fetching transactions from the transaction pool and executing them. Therefore, another vulnerability is to maliciously mark any deposit amount by sending a failed transaction. This will cause claim transactions that correctly use credits to be rejected because the credits are already used. This makes the L2 network unusable for new users. The Polygon zkEVM team fixed this vulnerability by removing the specific gas logic for claiming transactions, with no funds at risk.
Amount of loss: - Attack method: Logic Vulnerability
Description of the event: Fede's Intern, a contributor to the venture capital studio LambdaClass, said on Twitter that it found that Aleo, a programmable privacy network, had an inflation loophole and used the first loophole to stop block production, and contacted the Aleo team by email. Following an open discussion on the Zero Knowledge Podcast, Aleo CEO and Zero Knowledge Podcast contributor Alex Pruden stepped in and the bug is now fixed.
Amount of loss: - Attack method: Inflation Vulnerability
Description of the event: On May 19, Blockworks Research stated on Twitter that the Bitcoin Layer 2 network Stacks has experienced several obstacles in the past few months: 1. There is a serious loophole in the STX "stacking" mechanism; 2. Confused review It becomes common during Stacks mining; 3. Stacks chain block reorganization is more common.
Amount of loss: - Attack method: Block Reorganization
Description of the event: The EOS Network Foundation tweeted that the EOS EVM has released version v0.4.2, which fixes a serious security vulnerability found in the EOS EVM. The EOS EVM contracts, EOS EVM nodes, and EOS EVM RPC components implemented by the EOS mainnet all need to be upgraded.
Amount of loss: - Attack method: Contract Vulnerability
Description of the event: The public chain REI Network stated in a telegram announcement that its official Twitter account was hacked, do not believe the airdrop information, and wait for further notice. After checking, the Twitter account has deleted the airdrop-related information, but released a new tweet 2 hours ago, and the relevant official personnel in the Telegram group have not yet confirmed whether the latest tweet is a phishing link.
Amount of loss: - Attack method: Twitter was hacked
Description of the event: Hedera tweeted to disclose the details of the attack. The attacker attacked the smart contract service code of the Hedera main network and transferred the Hedera Token Service tokens held by some user accounts to their own accounts. The attackers targeted accounts used as liquidity pools on multiple DEXs migrated to use the Hedera Token Service using Uniswap V2-derived contract generations, including Pangolin Hedera, SaucerSwap, and HeliSwap. When attackers moved tokens obtained through the attack to a Hashport Network bridge, bridge operators detected the activity and acted quickly to disable it. To prevent attackers from stealing more tokens, Hedera shut down the mainnet proxy, which removes user access to the mainnet.
Amount of loss: $ 570,000 Attack method: Contract Vulnerability
Description of the event: As Coindesk reported, the Solana network experienced a fork event that limited users’ ability to execute transactions. According to Solana Explorer, the network was processing about 93 transactions per second at around 2AM ET today, well below the previous network rate of nearly 5000 TPS about 15 minutes ago. Such low throughput has prohibited users from performing activities such as on-chain transactions and transfers on Solana.
Amount of loss: - Attack method: Fork
Description of the event: Ethereum L2 protocol Loopring tweeted that it was hit by a large-scale DDoS attack. While the funds were not at risk, the service was down for 11 hours. Currently, domain access on the mobile app side has been reconfigured and the Loopring wallet service has been restored.
Amount of loss: - Attack method: DDoS Attack
Description of the event: In a tweet, @0xCrumbs disclosed that Dogechain was hacked yesterday, and the attackers exploited the vulnerability to mint 9.7 million $Doge (about $600,000) and transfer $316,000 through a cross-chain bridge. Currently 3 million remain in the starting wallet, in addition to $100,000 worth of USDC/ETH. Therefore, @0xCrumbs believes that yesterday's Dogechain maintenance was caused by the attack. SlowMist also tweeted that the attackers used Anyswap to bridge funds to the BSC and ETH chains, which were then transferred to Binance. But Dogechain officials tweeted that no funds were lost during the maintenance period.
Amount of loss: $ 600,000 Attack method: Contract Vulnerability
Description of the event: Public chain project Sui tweeted that its Discord server had been hacked, and asked users not to click on any links posted on the Discord server in the past 8 hours. According to some replies to the tweet, some users have already lost money by clicking on links posted by the hackers on Sui Discod.
Amount of loss: - Attack method: Discord was hacked
Description of the event: A large-scale incident of currency theft occurred on the Solana public chain, and a large number of users were transferred SOL and SPL tokens without their knowledge. According to SlowMist MistTrack statistics, more than 8,000 Solana wallets have been stolen so far. Assets are valued at approximately $4.5 million.
Amount of loss: $ 8,000,000 Attack method: Unknown
Description of the event: Polygon Chief Information Security Officer Mudit Gupta tweeted that two remote procedure call (RPC) interfaces of Polygon and Fantom were affected by a Domain Name System (DNS) hijacking attack on Friday. The reason was that a hacker hijacked Ankr's Domain Name System (DNS) to steal the user's seed stage, and Ankr quickly recovered the error and said no funds were lost.
Amount of loss: - Attack method: DNS Attack
Description of the event: Optimism and Wintermute both released announcements, disclosing to the community a loss of 20 million OP tokens. At the time of the release of OP tokens, Optimism entrusted Wintermute to provide liquidity services for OP in the secondary market. As part of the agreement, Optimism will provide Wintermute with 20 million OP tokens. To receive the tokens, Wintermute gave Optimism a multi-signature address, to which Optimism transferred 20 million OPs after Optimism test sent two transactions and Wintermute confirmed it was correct. After Optimism transferred the coins, Wintermute found that they had no way to control these coins, because the multi-signature addresses they provided were only deployed on the Ethereum mainnet for the time being and have not yet been deployed to the Optimism network. To gain control of these tokens, Wintermute immediately initiated remediation operations. However, attackers have already noticed this vulnerability and deployed multi-signature to this address on the Optimism network before Wintermute, successfully controlling the 20 million tokens. At present, the Optimism hacker has returned 17 million OP tokens and transferred 1 million OP to the Vitalik address, and Vitalik has returned the funds.
Amount of loss: 2,000,000 OP Attack method: Multi-signature address transfer vulnerability
Description of the event: The blockchain network Elrond is suspected of having a security breach, and hackers "obtained" nearly 1.65 million $EGLD "out of thin air" and sold it through the decentralized exchange Maiar. On June 8, Elrond founder and CEO Beniamin Mincu tweeted that the previous bug has been resolved, all funds and users are safe, and almost all stolen funds have been recovered.
Amount of loss: $ 113,000,000 Attack method: Virtual Machine Vulnerability
Description of the event: Sentinel founder Serpent tweeted that the first search result of the NFT trading platform X2Y2 on the Google search page was a scam website. It used the loopholes in Google ads to make the real website and the scam URL look exactly the same, and about 100 ETH had been stolen. . At present, the fake website has been removed after being reported by community members and exposed by the media. Users can directly enter x2y2.io to enter the official website.
Amount of loss: 100 ETH Attack method: Phishing Attack
Description of the event: Solana-based NFT team at Metaplex, a web application and deployment platform, discontinued the program section today, Solana shows the program deployment of its program section, when further stabilized, the Solana team will be used to deploy a bot to use it for Deploy a bot. When attempting to complete a test transaction, 0.01 SOL will be charged for labor. The collected penalty funds will be provided to the configuration account of the Candy Machine instance.
Amount of loss: - Attack method: Downtime