180 hack event(s)
Description of the event: On July 9, according to monitoring by MistTrack’s MistEye security system, the well-known decentralized trading platform GMX (@GMX_IO) suffered an attack, resulting in asset losses exceeding $42 million. Analysis indicates that the core of this attack lies in the exploitation of two features: the use of leverage when the Keeper system executes orders, and the update mechanism where the global average price adjusts during shorting operations but does not update when closing short positions. Leveraging these mechanics, the attacker conducted a reentrancy attack to create large short positions, manipulating the global short average price and the size of the global short position. This, in turn, artificially inflated the price of GLP, which the attacker then redeemed for profit.
Amount of loss: $ 42,000,000 Attack method: Reentrancy Attack
Description of the event: The Iran-based Nobitex cryptocurrency exchange suffered a $90 million hack, and the attacker has also promised to imminently release data and source code from the platform. The hacking group appears to have burned the crypto assets, effectively destroying them rather than taking them for their own profits. Gonjeshke Darande (also "Predatory Sparrow"), a hacking group with links to Israel, claimed responsibility for the theft, accusing the platform of serving as a "key regime tool" to finance terror and violate sanctions.
Amount of loss: $ 90,000,000 Attack method: Unknown
Description of the event: On May 22, according to community reports, the SUI ecosystem’s liquidity provider Cetus Protocol was reportedly attacked. Liquidity pool depth dropped sharply, and multiple token pairs on Cetus experienced significant price declines. The estimated losses exceed $230 million. The project announced shortly after that $162 million of the funds had been frozen.
Amount of loss: $ 230,000,000 Attack method: Contract Vulnerability
Description of the event: On May 16th, Demex's lending market Nitron was exploited, resulting in a loss of $950,559 in user funds. According to Demex's post-incident analysis, the root cause of the exploit was a donation-based oracle manipulation attack targeting the deprecated dGLP vault.
Amount of loss: $ 950,559 Attack method: Oracle Attack
Description of the event: According to on-chain investigator ZachXBT, crypto exchange BitoPro was reportedly hacked on May 8, 2025, resulting in losses of approximately $11.5 million. The attacker drained assets from BitoPro’s hot wallets on Tron, Ethereum, Solana, and Polygon, then sold them via DEXs. The stolen funds were subsequently laundered through Tornado Cash or bridged via Thorchain to the Bitcoin network, eventually ending up in a Wasabi Wallet. BitoPro stated that the tactics used in this incident closely resemble those seen in several major international cases, attributing the attack to the North Korean hacking group Lazarus.
Amount of loss: $ 11,500,000 Attack method: Malicious Software
Description of the event: Hyperliquid's X account is suspected to have been compromised. Please do not trust any content it posts or click on any links, to avoid potential losses.
Amount of loss: - Attack method: Account Compromise
Description of the event: The decentralized perpetual futures exchange KiloEx was attacked, involving assets across multiple chains including BNB and Base. According to an analysis by the SlowMist Security Team, the root cause of the incident was the lack of access control checks in KiloEx's top-level contract (MinimalForwarder), which allowed the manipulation of oracle prices. Thanks to the active response from the project team and collaboration with SlowMist and others, all stolen assets were successfully recovered after 3.5 days of effort.
Amount of loss: $ 8,440,000 Attack method: Contract Vulnerability
Description of the event: An attacker exploited a smart contract belonging to the 1inch DEX aggregator, stealing $5 million in the USDC stablecoin and wETH. According to the platform, the vulnerability existed in "smart contracts using the obsolete Fusion v1 implementation", and the stolen funds belonged to resolvers (that is, entities that fulfill 1inch orders) rather than users.
Amount of loss: $ 5,000,000 Attack method: Contract Vulnerability
Description of the event: On February 21, 2025, on-chain investigator ZachXBT revealed a large-scale outflow of funds from the Bybit platform, resulting in the theft of over $1.46 billion.
Amount of loss: $ 1,460,000,000 Attack method: Supply Chain Attack
Description of the event: JupiterDAO confirmed on X that the official Jupiter X account (@JupiterExchange) has been compromised. Users are advised not to click on any links or copy-paste any contract addresses.
Amount of loss: - Attack method: Account Compromise
Description of the event: The Singapore-based Phemex cryptocurrency exchange's hot wallets were hacked, resulting in a loss of approximately $70 million.
Amount of loss: $ 70,000,000 Attack method: Unknown
Description of the event: The peer-to-peer cryptocurrency trading platform NoOnes suffered a major security breach earlier this month. CEO Ray Youssef explained that the breach occurred on January 1st due to an exploit involving their Solana bridge.
Amount of loss: $ 7,900,000 Attack method: Security Vulnerability
Description of the event: Clober DEX liquidity vault on Base Network was exploited resulting in a loss of 133.7 ETH (~$501k). The root cause of the attack was a reentrancy vulnerability in the _burn() function of the Rebalancer contract.
Amount of loss: $ 501,000 Attack method: Contract Vulnerability
Description of the event: According to Clipper's post-mortem, on December 1, 2024, an attacker exploited a vulnerability in a smart contract used by Clipper, manipulating the single-asset deposit and withdrawal feature. This manipulation affected the liquidity pools on the Optimism and Base networks, causing an imbalance that allowed the attacker to withdraw more assets than they had deposited. The attack resulted in a loss of approximately $457,878.
Amount of loss: $ 457,878 Attack method: Contract Vulnerability
Description of the event: The cryptocurrency exchange XT has reportedly fallen victim to a hacking incident, resulting in the loss of approximately $1.7 million worth of crypto assets. The hacker has converted the funds into 461.58 ETH and deposited them into the address 0xB43f…8F83.
Amount of loss: $ 1,700,000 Attack method: Unknown
Description of the event: SUNRAY FINANCE experienced a private key compromise, allowing the exploiter to gain control of the SUN and ARC tokens and sell them off, draining the funds from DEX pairs. So far, the attacker has stolen approximately $2.855 million.
Amount of loss: $ 2,855,000 Attack method: Private Key Leakage
Description of the event: According to on-chain detective ZachXBT on his personal channel, cryptocurrency exchange M2 was hacked, resulting in the theft of approximately $13 million from several on-chain hot wallets.
Amount of loss: $ 13,700,000 Attack method: Unknown
Description of the event: During a routine GM token burn, Aark Digital encountered a callback error due to a third-party contract modification. To resolve this, Aark Digital initiated a contract upgrade and GM delisting to adjust affected user balances. Users holding GM were required to convert GM to USDC. Aark Digital ran a script to process these conversions, receiving inputs like target user, amount, token address, and decimals from event data. While executing, a single user’s USD Value shifted erroneously from 0.498942 to 498,942 * (10 ^ 12), due to an incorrect balance update (not from a deployed contract error). Exploiting this security vulnerability, the attacker caused Aark Digital a loss of 1,499,841 USDC and 159.09 ETH.
Amount of loss: $ 1,900,000 Attack method: Incorrect Balance Update
Description of the event: Scroll-based DEX protocol Ambient Finance announced on X platform that their domain has been hijacked. Until further notice, please do not interact with the Ambient Finance frontend.
Amount of loss: - Attack method: DNS Attack
Description of the event: According to the announcement from BingX, at around 4 AM Singapore time on September 20, BingX's security systems detected an unauthorized intrusion targeting one of their hot wallets.
Amount of loss: $ 45,000,000 Attack method: Unknown