65 hack event(s)
Description of the event: The parallel-execution EVM public chain Artela announced on the X platform that their official Discord was hacked today. The attacker took control of the Discord channel and spread fake airdrop messages. The team took immediate action, removed the fraudulent posts, and the Discord has now been restored.
Amount of loss: - Attack method: Account Compromise
Description of the event: Terra blockchain experienced a security breach that led to the theft of tokens. The attackers exploited a known vulnerability related to the third-party module IBC hooks, stealing the value of cross-chain assets, including USDC stablecoins and Astroport tokens. The Terra team has taken emergency measures to prevent further losses and coordinated with validators to apply a patch to fix the vulnerability. According to Zaki Manian, co-founder of Sommelier Finance, although the vulnerability was patched in the Cosmos ecosystem back in April, Terra did not include this patch in their June upgrade, resulting in the vulnerability being re-exposed and exploited.
Amount of loss: $ 5,280,000 Attack method: Third-party Vulnerability
Description of the event: On July 26, 2024, Casper Network was attacked. Following the attack, Casper Network tweeted that they had worked with validators to pause the network in order to minimize the impact of the security vulnerability until it could be patched. According to the preliminary report released by Casper Network on July 31, 13 wallets were affected in this incident. The total amount of illicit transactions is estimated to be around $6.7 million. Casper Network discovered that malicious actors exploited a vulnerability that allowed a contract installer to bypass access rights checks on urefs, enabling them to grant the contract access to uref-based resources. This privilege escalation facilitated unauthorized access, including the ability to transfer tokens.
Amount of loss: $ 6,700,000 Attack method: Security Vulnerability
Description of the event: According to Cointelegraph, the Twitter account of American actress Sydney Sweeney was hacked, with now-deleted posts promoting a crypto token bearing her name in an apparent pump-and-dump scheme.
Amount of loss: - Attack method: Account Compromise
Description of the event: According to community feedback, the official Discord server of Merlin Chain appears to have been targeted in a hacker attack, where a management account posted a notification containing a phishing link.
Amount of loss: - Attack method: Discord was hacked
Description of the event: On February 18th, Starcoin, a project within the Move ecosystem, tweeted that they detected abnormal activities on their network that required immediate attention to safeguard the integrity and security of the system. As a precautionary measure, Starcoin has temporarily suspended our network to conduct a thorough investigation together with SlowMist.
Amount of loss: - Attack method: Unknown
Description of the event: Klaytn, the South Korean public blockchain, tweeted a reminder to users that its official Discord server has been attacked. Until further notice, please refrain from clicking on any links or interacting with any posts. The team is currently working to remove malicious bots and regain control.
Amount of loss: - Attack method: Account Compromise
Description of the event: Blockchain network Everscale said that a large number of EVER tokens have been stolen and they are working closely with exchanges where EVER is listed in order to stop any further outflow of tokens. To halt the actions of those responsible, they have temporarily disconnected Octus Bridge.
Amount of loss: - Attack method: Unknown
Description of the event: According to official sources, a bug in Arbitrum's sequencer code previously caused a brief outage in the network's batch transaction submission feature, which prevented transactions from being confirmed on the main chain. The bug has since been fixed and the bulk transaction submission feature has been restored.
Amount of loss: - Attack method: Contract Vulnerability
Description of the event: DWallet Labs discovered a zero-day vulnerability in TRON multi-signature accounts that put more than $500 million in digital assets at risk. What about the threshold and number of signers defined in the account. The bug has now been disclosed and fixed, so no user assets are now at risk.
Amount of loss: - Attack method: Multisig Vulnerability
Description of the event: Fede's Intern, a contributor to the venture capital studio LambdaClass, said on Twitter that it found that Aleo, a programmable privacy network, had an inflation loophole and used the first loophole to stop block production, and contacted the Aleo team by email. Following an open discussion on the Zero Knowledge Podcast, Aleo CEO and Zero Knowledge Podcast contributor Alex Pruden stepped in and the bug is now fixed.
Amount of loss: - Attack method: Inflation Vulnerability
Description of the event: Blockchain security researcher iczc tweeted that a vulnerability was found in Polygon zkEVM and received a bug bounty from Immunefi L2. The vulnerability prevents asset migration from L1 to L2 by preventing assets bridged from L1 to Polygon zkEVM (L2) from being properly claimed in L2. iczc found in the code logic of processing claim tx pre-execution results that malicious attackers can bypass the "isReverted" pre-execution check on claim transactions by setting the gas fee to non-zero, allowing them to send a large number of Low-cost claims DoS attacks on sequencers and validators, increasing computational overhead. Also, transactions are not immediately removed from the pool after execution. The status is updated from Pending to Selected and continues to exist in the PostgreSQL database. Currently, there is only one trusted sequencer capable of fetching transactions from the transaction pool and executing them. Therefore, another vulnerability is to maliciously mark any deposit amount by sending a failed transaction. This will cause claim transactions that correctly use credits to be rejected because the credits are already used. This makes the L2 network unusable for new users. The Polygon zkEVM team fixed this vulnerability by removing the specific gas logic for claiming transactions, with no funds at risk.
Amount of loss: - Attack method: Logic Vulnerability
Description of the event: On May 19, Blockworks Research stated on Twitter that the Bitcoin Layer 2 network Stacks has experienced several obstacles in the past few months: 1. There is a serious loophole in the STX "stacking" mechanism; 2. Confused review It becomes common during Stacks mining; 3. Stacks chain block reorganization is more common.
Amount of loss: - Attack method: Block Reorganization
Description of the event: The EOS Network Foundation tweeted that the EOS EVM has released version v0.4.2, which fixes a serious security vulnerability found in the EOS EVM. The EOS EVM contracts, EOS EVM nodes, and EOS EVM RPC components implemented by the EOS mainnet all need to be upgraded.
Amount of loss: - Attack method: Contract Vulnerability
Description of the event: The public chain REI Network stated in a telegram announcement that its official Twitter account was hacked, do not believe the airdrop information, and wait for further notice. After checking, the Twitter account has deleted the airdrop-related information, but released a new tweet 2 hours ago, and the relevant official personnel in the Telegram group have not yet confirmed whether the latest tweet is a phishing link.
Amount of loss: - Attack method: Twitter was hacked
Description of the event: Hedera tweeted to disclose the details of the attack. The attacker attacked the smart contract service code of the Hedera main network and transferred the Hedera Token Service tokens held by some user accounts to their own accounts. The attackers targeted accounts used as liquidity pools on multiple DEXs migrated to use the Hedera Token Service using Uniswap V2-derived contract generations, including Pangolin Hedera, SaucerSwap, and HeliSwap. When attackers moved tokens obtained through the attack to a Hashport Network bridge, bridge operators detected the activity and acted quickly to disable it. To prevent attackers from stealing more tokens, Hedera shut down the mainnet proxy, which removes user access to the mainnet.
Amount of loss: $ 570,000 Attack method: Contract Vulnerability
Description of the event: As Coindesk reported, the Solana network experienced a fork event that limited users’ ability to execute transactions. According to Solana Explorer, the network was processing about 93 transactions per second at around 2AM ET today, well below the previous network rate of nearly 5000 TPS about 15 minutes ago. Such low throughput has prohibited users from performing activities such as on-chain transactions and transfers on Solana.
Amount of loss: - Attack method: Fork
Description of the event: Ethereum L2 protocol Loopring tweeted that it was hit by a large-scale DDoS attack. While the funds were not at risk, the service was down for 11 hours. Currently, domain access on the mobile app side has been reconfigured and the Loopring wallet service has been restored.
Amount of loss: - Attack method: DDoS Attack
Description of the event: In a tweet, @0xCrumbs disclosed that Dogechain was hacked yesterday, and the attackers exploited the vulnerability to mint 9.7 million $Doge (about $600,000) and transfer $316,000 through a cross-chain bridge. Currently 3 million remain in the starting wallet, in addition to $100,000 worth of USDC/ETH. Therefore, @0xCrumbs believes that yesterday's Dogechain maintenance was caused by the attack. SlowMist also tweeted that the attackers used Anyswap to bridge funds to the BSC and ETH chains, which were then transferred to Binance. But Dogechain officials tweeted that no funds were lost during the maintenance period.
Amount of loss: $ 600,000 Attack method: Contract Vulnerability
Description of the event: Public chain project Sui tweeted that its Discord server had been hacked, and asked users not to click on any links posted on the Discord server in the past 8 hours. According to some replies to the tweet, some users have already lost money by clicking on links posted by the hackers on Sui Discod.
Amount of loss: - Attack method: Discord was hacked