136 hack event(s)
Description of the event: A spokesperson for Floating Point Group (FPG), a trading platform for crypto institutions, said it was hit by a cyber attack on June 11 and has lost between $15 million and $20 million in cryptocurrency. fpg has taken security measures and successfully obtained SOC 2 certification after hiring external auditors to conduct a series of cybersecurity audits and penetration tests last December. After the security breach was discovered, FPG froze all third-party accounts and implemented protective measures for all wallets. The company's account isolation measures limited the overall impact of the attack.
Amount of loss: $ 20,000,000 Attack method: Security Vulnerability
Description of the event: Nigerian gift card and cryptocurrency trading platform Patricia revealed on May 26 that hackers compromised its retail trading app, resulting in an undisclosed amount of BTC and naira assets being compromised, News.bitcoin reported. Other cryptocurrency balances were not affected and assets belonging to their customers and merchants remained safe. Patricia said it had stopped processing withdrawals and was "undergoing internal restructuring".
Amount of loss: - Attack method: Retail transaction app is compromised
Description of the event: The crypto exchange Kucoin stated that its official Twitter account was stolen for about 45 minutes from 00:00 on April 24 (UTC+2) on the 24th, and the attacker posted false activities, causing multiple users to lose assets. As of 02:00 (UTC+2) on April 24, 22 transactions have been identified, including ETH/BTC related to fake activity, with a total value of 22,628 USDT. Kucoin will fully compensate all verified asset losses caused by social media leaks and fake activities.
Amount of loss: $ 22,628 Attack method: Twitter was hacked
Description of the event: Bitrue tweeted: We have identified a brief exploit in one of our hot wallets on 07:18 (UTC), 14 April 2023. We were able to address this matter quickly and prevented the further exploit of funds. The attackers were able to withdraw assets worth approximately 23M USD in ETH, QNT, GALA, SHIB, HOT and MATIC. The affected hot wallet only holds less than 5% of our overall funds. The rest of our wallets remain secure and have not been compromised.To conduct additional security checks, Bitrue will temporarily suspend all withdrawals and will reopen withdrawals on 18 April 2023. We seek your understanding and patience at this time. All identified users who are affected by this incident will be compensated in full.
Amount of loss: $ 23,000,000 Attack method: Wallet Stolen
Description of the event: South Korean cryptocurrency exchange GDAC said on its official website that it was hacked and lost nearly $13 million. On April 9, the hackers moved nearly $13 million, or 23 percent of their total custody assets, from the GDAC hot wallet to an unidentified wallet. Hackers stole nearly 61 bitcoins (BTC), 350.5 ethers (ETH), 10 million wemix tokens (WEMIX), and 220,000 USDT.
Amount of loss: $ 13,000,000 Attack method: Wallet Stolen
Description of the event: In its official Telegram channel, FTX said it had been compromised, instructing users not to install any new upgrades and to remove all FTX apps. Over $600 million stolen from FTX's crypto wallets.
Amount of loss: $ 600,000,000 Attack method: Telegram was hacked
Description of the event: Crypto derivatives exchange Deribit tweeted that $28 million in losses from Deribit’s hot wallet was stolen, but customer funds were safe and the losses were covered by company reserves. According to the analysis of SlowMist MistTrack, the loss included 6967.65 ETH, 691 BTC and about 3.41 million USDC, and then the attacker exchanged USDC for 2143.95 ETH.
Amount of loss: $ 28,000,000 Attack method: Wallet Stolen
Description of the event: SlowMist founder Cosine tweeted that Gate.io’s official Twitter account may have been hacked. Hackers sent phishing messages to trick users into visiting gąte[.]com. Once you click "Claim", the eth_sign signature phishing will appear, which may lead to the theft of related assets such as Ethereum.
Amount of loss: - Attack method: Twitter was hacked
Description of the event: According to the X-explore blog, the hacker address starting with 0x1d37 is stealing GAS by exploiting the FTX vulnerability, minting XEN tokens 17,000 times at zero cost. The reason for this attack is that FTX does not limit the gas limit of the withdrawal transaction while the withdrawal fee is free. Instead, the estimateGas method is used to evaluate the handling fee. This method causes the GAS LIMIT to be mostly 500,000, which exceeds the default value of 21,000 by 24%. times.
Amount of loss: 81 ETH Attack method: Contract Vulnerability
Description of the event: The TokenStakingPoolDelegate contract updated by BXH after the last attack suffered another flash loan attack. The contract lost 40,085 USDT, and the attacker made a profit of 31,794 USDT after paying off the flash loan fee. After analysis, this attack is caused by the use of getReserves() in the contract's getITokenBonusAmount function to obtain the instantaneous quotation, so that the attacker can make a profit by manipulating the quotation.
Amount of loss: 40,085 USDT Attack method: Flash Loan Attack
Description of the event: According to the SlowMist security team, according to the BXH Stupid Kids team’s announcement on September 23, a total of $2.5 million worth of assets and 38 million BXH tokens were stolen the night before yesterday (September 21). According to the analysis and evaluation of SlowMist MistTrack, the private key of the original owner of the BXH VaultPool contract is suspected to be stolen, and the inCaseTokensGetStuck function is called to transfer the funds in the contract to the hacker's address. The hacker's address is 0x158f...e345. Up to now, the hacker has exchanged the stolen funds to the ETH chain across the chain, and further transferred all the stolen funds to Tornado Cash, with a total transfer amount of 1865 ETH.
Amount of loss: $ 2,500,000 Attack method: Private Key Leakage
Description of the event: The ZB exchange was hacked with a total loss of around $4.3 million. ZB has notified the community on August 2 that deposits and withdrawals will be suspended due to a "sudden failure". The reason is "Sudden failure of the core application". It's worth noting that the attack actually happened on August 1, but it was overshadowed by the overwhelming news of the Nomad exploit.
Amount of loss: $ 4,300,000 Attack method: Wallet Stolen
Description of the event: IRA Financial Trust, South Dakota’s self-directed retirement account provider, has filed a lawsuit against crypto trading platform Gemini Trust Company (Gemini), alleging huge losses to the IRA as a result of Gemini’s security glitch. In February 2022, $36 million in crypto assets held by Gemini and belonging to customer retirement accounts was stolen. The lawsuit also claims that Gemini did not have adequate safeguards to protect customers’ crypto assets, failed to freeze accounts immediately after the incident, and instead allowed criminals to continue to transfer funds from customer accounts on Gemini’s trading platform after the IRA notified Gemini Middle-to-outward transfer.
Amount of loss: $ 36,000,000 Attack method: Wallet Stolen
Description of the event: On February 8, the LockBit ransomware group claimed to have stolen substantial customer data from cryptocurrency exchange PayBito. PayBito is a cryptocurrency exchange operated by HashCash, a global blockchain, and IT services company. Some of the stolen data is published on the group's Tor leak site. In this cyberattack, the ransomware group successfully stole a database containing personal data information from more than 100,000 customers worldwide. In addition, the group also stole some email data and password hashes, some of which can easily be decrypted. To make matters worse, the gang also managed to steal the administrator's personal data, claiming that the stolen data would be released on February 21, 2022, if the ransom is not paid.
Amount of loss: - Attack method: Ransomware
Description of the event: On March 1, ZachXBT, an on-chain data analyst, tweeted: "Indian cryptocurrency exchange Bitbns concealed a $7.5 million hack from its users on February 1, 2022, and informed users that it was system maintenance." According to CryptoSlate, Bitbns CEO Gaurav Dahake admitted in an AMA session that the exchange had indeed been hacked. But Dahake claims the system was taken offline to analyze anomalies, not to hide hacking. He also said that exchanges improve their security systems after such incidents, and that Bitbns has been operating "seamlessly" since the attack. Still, Dahake would not confirm the amount of assets stolen from the exchange in the attack.
Amount of loss: $ 7,500,000 Attack method: Wallet Stolen
Description of the event: According to the Crypto.com investigation report, “On January 17, 2022, Crypto.com learned that a small number of users had made unauthorized withdrawals of cryptocurrencies on their accounts. Crypto.com immediately suspended all token withdrawals to initiate the investigation and remained open 24/7 Work to resolve the issue. No clients suffered loss of funds. In most cases we blocked unauthorized withdrawals and in all other cases clients were fully reimbursed. The incident affected 483 Crypto. com users. Unauthorized withdrawals totaled 4,836.26 ETH, 443.93 BTC and approximately $66,200 in other currencies.”
Amount of loss: $ 34,000,000 Attack method: Permission Stolen
Description of the event: The LCX exchange tweeted that LCX's technical team detected an unauthorized access on the LCX platform, nearly $8 million in encrypted assets were stolen, and about 60% were frozen.
Amount of loss: $ 8,000,000 Attack method: Wallet Stolen
Description of the event: According to the official announcement, some ERC-20, BSC and Polygon tokens of AscendEX were abnormally transferred out of the hot wallet of the exchange, and the cold wallet of AscendEX was not affected by this incident. It is estimated that Pinnacle AscendEX’s losses totaled US$77.7 million (of which US$60 million was on Ethereum, US$9.2 million was on BSC, and US$8.5 million was on Polygon).
Amount of loss: $ 77,700,000 Attack method: Wallet Stolen
Description of the event: The payment system of ONUS, the largest cryptocurrency trading platform in Vietnam, running a vulnerable version of Log4j suffered a cyber attack. Cyclos notified ONUS to repair the system on December 13, but it was too late. Although ONUS has fixed the security loopholes in the Cyclos instance, the window of loopholes allowed attackers to successfully steal data from sensitive databases. The stolen database contained nearly 2 million user data, including KYC (Know Your Customer) data, hashed passwords, etc. Subsequently, the attacker asked ONUS to pay a ransom of 5 million, otherwise the stolen data would be made public. On December 25, because ONUS did not pay the full ransom, the attackers sold customer data on the dark web data exchange market.
Amount of loss: - Attack method: Ransomware
Description of the event: BitMart founder and CEO Sheldon Xia tweeted to admit that a large-scale security breach occurred on the platform, and hackers were able to extract assets worth about US$150 million. The affected ETH hot wallet and BSC hot wallet carry a small amount of assets on BitMart, and the other wallets are safe and undamaged.
Amount of loss: $ 150,000,000 Attack method: Wallet Stolen