394 hack event(s)
Description of the event: Moonray's Discord was Compromised, and the attackers posted fraudulent airdrop messages. Users are advised to stay cautious and aware of potential risks.
Amount of loss: - Attack method: Account Compromise
Description of the event: The SuperVerse X account was compromised and used to post a fraudulent airdrop claim containing a phishing link.
Amount of loss: - Attack method: Account Compromise
Description of the event: Sorra was suspected to have been attacked on ETH, resulting in an approximate loss of $43K.
Amount of loss: $ 43,000 Attack method: Contract Vulnerability
Description of the event: LAURA was suspected to have been attacked on ETH, resulting in an approximate loss of $48.2K.
Amount of loss: $ 48,200 Attack method: Contract Vulnerability
Description of the event: The FEG project suffered an attack resulting in a loss of approximately $1 million. Analysis suggests that the root cause of the incident appears to be a composability issue arising from the integration with the underlying Wormhole cross-chain bridge, which facilitates cross-chain message and token transfers.
Amount of loss: $ 1,000,000 Attack method: Security Vulnerability
Description of the event: A series of exploiting transactions on Ethereum targeting the liquidity pool of the HarryPotterObamaSonic10Inu 2.0 token. The attacker profited approximately $243K and deposited the funds into Tornado.
Amount of loss: $ 243,000 Attack method: Price Manipulation
Description of the event: Arata tweeted that the Arata ecosystem and CEX wallet have been exploited. The hacker managed to sell a significant portion of the tokens.
Amount of loss: - Attack method: Unknown
Description of the event: Vestra DAO tweeted that a hacker exploited a vulnerability in the locked staking contract, manipulating the reward mechanism to claim rewards exceeding their entitlement. As a result, a total of 73,720,000 VSTR tokens were stolen. The stolen tokens were gradually sold on Uniswap, causing approximately $500,000 in ETH liquidity losses.
Amount of loss: $ 500,000 Attack method: Contract Vulnerability
Description of the event: DeBox officially announced that due to the leakage of the private key of an operational account's personal EOA wallet, 31.03 ETH and 4.879 million BOX tokens were stolen.
Amount of loss: $ 275,000 Attack method: Private Key Leakage
Description of the event: Spectral tweeted that they received an alert about a vulnerability affecting certain tokens on the bonding curve contracts on Syntax, which was used to remove approximately $200K in liquidity.
Amount of loss: $ 250,000 Attack method: Contract Vulnerability
Description of the event: The Sweepr Token (SWEEPR) on ETH was suspected to have been attacked, resulting in a loss of approximately $14K.
Amount of loss: $ 14,000 Attack method: Contract Vulnerability
Description of the event: The vETH token suffered an attack, resulting in approximately $450K in losses.
Amount of loss: $ 450,000 Attack method: Price Manipulation
Description of the event: On November 8, a hacker breached the CoinPoker’s hot wallet, resulting in the unauthorized draining of approximately $2M USD. The attack spanned across multiple blockchain networks, including BNB Chain, Ethereum, and Polygon networks. Later, it funneled through Tornado Cash to obscure the trail and to launder the funds.
Amount of loss: $ 2,000,000 Attack method: Third-party Vulnerability
Description of the event: The official X account of Eigenlayer, the Ethereum re-staking protocol, is suspected to have been hacked. The hacker has posted a fake phishing link; please do not interact with it.
Amount of loss: - Attack method: Account Compromise
Description of the event: ZK startup Lagrange's X account has been allegedly compromised, and a scam link related to the LGR token has been posted. Please stay vigilant and be cautious of potential risks.
Amount of loss: - Attack method: Account Compromise
Description of the event: According to meme coin KOL Murad (@MustStopMurad), the official X account of SPX6900 (SPX) has been hacked. Users are advised not to click any links.
Amount of loss: - Attack method: Account Compromise
Description of the event: The official X account of the staking protocol Symbiotic has been suspected of being hacked. The hacker has already posted a fake phishing link. Please do not interact with it.
Amount of loss: - Attack method: Account Compromise
Description of the event: The Fire ($FIRE) token on Ethereum was exploited just 24 seconds after its launch, resulting in the theft of 9 ETH (approximately $24,000). The root cause was related to the token burn mechanism within the transfer() function.
Amount of loss: $ 2,4000 Attack method: Contract Vulnerability
Description of the event: According to on-chain sleuth ZachXBT, the project Truflation was hacked a few hours ago for $5M+ on multiple chains from the treasury multisig and personal wallets.
Amount of loss: $ 5,600,000 Attack method: Malware Attack
Description of the event: Onyx protocol suffered a security breach, resulting in a loss of over $3.8 million. The attacker exploited a known precision issue in the Compound V2 code. Additionally, the NFTLiquidation contract failed to properly validate untrusted user input, allowing the attacker to inflate the self-liquidation reward amount, which further worsened the losses.
Amount of loss: $ 3,800,000 Attack method: Contract Vulnerability