428 hack event(s)
Description of the event: The official ether.fi Discord was hacked, and fraudulent messages containing scam links were posted. ether.fi urges users not to interact with any links within the Discord.
Amount of loss: - Attack method: Account Compromise
Description of the event: On May 28, SlowMist detected potential suspicious activity related to Cork Protocol. According to the SlowMist security team’s analysis, the root cause of the attack was the lack of strict validation on user-supplied data, allowing the protocol’s liquidity to be manipulated and transferred to unintended markets, which attackers then exploited to perform unauthorized redemptions and profit illegally.
Amount of loss: $ 12,000,000 Attack method: Contract Vulnerability
Description of the event: Zunami Protocol has reported a hack in which the collateral for zunUSD and zunETH was stolen, resulting in a loss of approximately $500,000. The attacker has transferred the stolen funds to Tornado Cash.
Amount of loss: $ 500,000 Attack method: Unknown
Description of the event: Curve Finance’s official website and X account were compromised in quick succession. On May 5, attackers first took control of the project’s X account and used it to post a phishing message promoting a fake airdrop. Then on May 12, the project issued a warning that the Curve frontend had been “hijacked,” in what appeared to be a domain takeover incident.
Amount of loss: - Attack method: Account Compromise
Description of the event: According to the SlowMist MistEye security monitoring system, Aventa, which specializes in creating intuitive Web3 utilities for the crypto community, appears to have been attacked, resulting in a loss of approximately 3.9 ETH.
Amount of loss: $ 7,000 Attack method: Flash Loan Attack
Description of the event: On April 26, 2025, lending protocol Term Labs introduced an internal inconsistency in decimal precision during an update to the tETH oracle, resulting in incorrect pricing of the tETH asset within the protocol. This mispricing triggered unintended liquidations, affecting approximately 918 ETH. The incident stemmed from human error during a sensitive system upgrade — a failure in operational execution rather than a flaw in the code or smart contracts. Through rapid response and negotiation efforts, Term Labs successfully recovered around 556 ETH, reducing the final net protocol loss to 362 ETH (approximately $650,000).
Amount of loss: $ 1,650,000 Attack method: Human Error
Description of the event: R0AR has been exploited, with total losses amounting to approximately $780K. According to analysis by the SlowMist security team, the root cause of the exploit was the presence of a backdoor in the contract. During deployment, the R0ARStaking contract altered the balance (user.amount) of a specified address by directly modifying storage slots. Subsequently, the attacker extracted all funds from the contract through an emergency withdrawal function. R0AR stated in a tweet: “At this stage, we do not believe this to be an external exploit. One nefarious developer, external to the R0AR core team, is seemingly behind the drain. They have been removed from the project with all accesses revoked.”
Amount of loss: $ 780,000 Attack method: Insider Manipulation
Description of the event: According to the SlowMist MistEye security monitoring system, a MEV bot (address: 0x49e27d11379f5208cbb2a4963b903fd65c95de09) has lost approximately 116.7 ETH due to a lack of access control.
Amount of loss: $ 210,000 Attack method: Lack of Strict Access Control
Description of the event: According to the SlowMist MistEye security monitoring system, the leveraged trading project SIR.trading (@leveragesir) on the Ethereum chain has been attacked, resulting in a loss of over $300,000 in assets. The root cause of this hack is that the transiently stored value set using tstore in the function was not cleared after the function call ended. This allowed the attacker to exploit this characteristic by constructing specific malicious addresses to bypass permission checks and transfer tokens.
Amount of loss: $ 355,000 Attack method: Contract Vulnerability
Description of the event: An attacker using a flash loan attack stole $13 million in the Magic Internet Money token from the Abracadabra Money project. The attack was enabled by a bug in the platform's smart contracts, and the hacker ultimately made off with around 6,262 ETH.
Amount of loss: $ 13,000,000 Attack method: Contract Vulnerability
Description of the event: An attacker exploited a smart contract belonging to the 1inch DEX aggregator, stealing $5 million in the USDC stablecoin and wETH. According to the platform, the vulnerability existed in "smart contracts using the obsolete Fusion v1 implementation", and the stolen funds belonged to resolvers (that is, entities that fulfill 1inch orders) rather than users.
Amount of loss: $ 5,000,000 Attack method: Contract Vulnerability
Description of the event: The crypto-focused stablecoin neobank Infini was attacked, with the attacker gaining access to a wallet with admin rights and stealing nearly $50 million from the company.
Amount of loss: $ 50,000,000 Attack method: Lack of Strict Access Control
Description of the event: Moonray's Discord was Compromised, and the attackers posted fraudulent airdrop messages. Users are advised to stay cautious and aware of potential risks.
Amount of loss: - Attack method: Account Compromise
Description of the event: On January 13, 2025, the SlowMist MistEye security monitoring system detected an attack on UniLend, resulting in a loss of ~$197K.
Amount of loss: $ 197,600 Attack method: Contract Vulnerability
Description of the event: Sorra was suspected to have been attacked on ETH, resulting in an approximate loss of $43K.
Amount of loss: - Attack method: Contract Vulnerability
Description of the event: The official X account of the RWA lending protocol Centrifuge was compromised, and fake information was posted.
Amount of loss: - Attack method: Account Compromise
Description of the event: LAURA was suspected to have been attacked on ETH, resulting in an approximate loss of $48.2K.
Amount of loss: $ 48,200 Attack method: Contract Vulnerability
Description of the event: The FEG project suffered an attack resulting in a loss of approximately $1 million. Analysis suggests that the root cause of the incident appears to be a composability issue arising from the integration with the underlying Wormhole cross-chain bridge, which facilitates cross-chain message and token transfers.
Amount of loss: $ 1,000,000 Attack method: Security Vulnerability
Description of the event: A series of exploiting transactions on Ethereum targeting the liquidity pool of the HarryPotterObamaSonic10Inu 2.0 token. The attacker profited approximately $243K and deposited the funds into Tornado.
Amount of loss: $ 243,000 Attack method: Price Manipulation
Description of the event: Arata tweeted that the Arata ecosystem and CEX wallet have been exploited. The hacker managed to sell a significant portion of the tokens.
Amount of loss: - Attack method: Unknown