351 hack event(s)
Description of the event: The @PANewsCN X account has been compromised. Do not click on any recent links or interact with its posts. Please wait for an official update.
Amount of loss: - Attack method: Account Compromise
Description of the event: According to monitoring by Scam Sniffer, the front end of CoinTelegraph has been hacked—exercise caution. Reportedly, clicking the CoinTelegraph website triggers a pop-up containing “airdrop” information that cannot be closed within the page.
Amount of loss: - Attack method: Frontend Attack
Description of the event: According to monitoring by Scam Sniffer, the front end of CoinMarketCap has been compromised. Users are advised to remain vigilant. Following an investigation, CoinMarketCap confirmed that a total of 76 accounts were affected, with losses amounting to $21,624.47. The platform has pledged to fully reimburse the impacted users.
Amount of loss: $ 21,624 Attack method: Frontend Attack
Description of the event: The private key of a wallet with minting privileges for Web3 security firm Hacken’s native token, HAI, was leaked. According to Hacken, the incident was caused by “human error during architectural changes.” After gaining access to the key, the attacker minted approximately 900 million HAI tokens on Ethereum and BNB Chain—nearly doubling the total supply. While the attacker only profited around $250,000, the exploit caused the token price to plummet by roughly 97%.
Amount of loss: $ 250,000 Attack method: Private Key Leakage
Description of the event: a16z stated on social media:“Earlier today, our X account was briefly compromised. During that time, the account promoted a token and other fake content — none of which originated from a16z. Apologies for any confusion caused by the clowns who temporarily took over our account."
Amount of loss: - Attack method: Account Compromise
Description of the event: Mehdi Farooq, a partner at crypto VC firm Hypersphere, disclosed on X that he fell victim to a fake Zoom meeting phishing attack, resulting in the draining of six crypto wallets and the loss of his savings accumulated over several years. The attack began when an acquaintance, “Alex Lin,” reached out via Telegram to schedule a meeting. Citing compliance reasons, the attacker convinced Farooq to switch to Zoom Business and tricked him into downloading a malicious update.
Amount of loss: - Attack method: Social Engineering
Description of the event: Echo Protocol, a project built on the Bitcoin ecosystem, has experienced a compromise of its official X (formerly Twitter) account. Users are advised to refrain from interacting with any recent posts or links and to await official updates through verified channels.
Amount of loss: - Attack method: Account Compromise
Description of the event: On June 6, 2025, ALEX Protocol was attacked due to a vulnerability in its on-chain self-listing verification logic, which is constrained by limitations on Stacks. As a result, multiple asset pools were drained, with total losses amounting to approximately $8.37 million.
Amount of loss: $ 8,370,000 Attack method: Contract Vulnerability
Description of the event: The vulnerability originated in the Migrator.sol contract. The contract allowed the Mendi Comptroller address to be passed dynamically, rather than being hardcoded. This enabled the attacker to supply their own malicious Comptroller, mint a synthetic position on Malda, and withdraw approximately $285,000.
Amount of loss: $ 285,000 Attack method: Contract Vulnerability
Description of the event: According to monitoring by SlowMist, Usual Protocol suffered a sophisticated arbitrage attack. The attacker exploited a price discrepancy between the protocol’s internal mechanisms and external markets. The core issue lay in the Vault system, which allowed a fixed 1:1 exchange between USD0++ and USD0—despite the two tokens trading at different prices on decentralized exchanges. The attacker strategically created a custom liquidity pool and manipulated the transaction path to trick the Vault into releasing USD0 tokens without receiving the expected sUSDS collateral. These USD0 tokens were then sold on external markets at prices higher than the internal rate, allowing the attacker to profit through arbitrage.
Amount of loss: $ 42,800 Attack method: Contract Vulnerability
Description of the event: The English football club @SheffieldUnited has confirmed that its official X account was hacked. The attacker posted a Solana token address.
Amount of loss: - Attack method: Account Compromise
Description of the event: Cointelegraph’s official X account was reportedly compromised and used to send phishing links to contributors on the platform. Crypto KOL @thedefiedge reported receiving a DM from the account, asking him to review an article that allegedly mentioned him. When he clicked the link in a private browsing window, it prompted an X login — but the domain was “Cointetegraph,” a misspelled version of Cointelegraph. Previously, there were also market reports that Cointelegraph’s account had posted an on-chain token contract and disabled comments. That post has since been deleted.
Amount of loss: - Attack method: Account Compromise
Description of the event: TRON DAO stated on X that its account was compromised on May 2, 2025, at 9:25 AM PST. During the breach, an unauthorized party published a post containing contract address, sent private messages, and followed several unknown accounts.
Amount of loss: - Attack method: Account Compromise
Description of the event: The open-source data visualization tool Grafana has responded to a recent attack, stating that the attacker forked a Grafana repository, executed a curl command to inject malicious code, and exported environment variables into a file encrypted with a private key, thereby stealing access tokens. The attacker then deleted the fork to conceal their activity. Using the compromised credentials, the attacker replicated the attack against four private repositories. This unauthorized access was limited to automation systems and did not affect production environments or release artifacts. Based on the attack behavior, the goal appeared to be token theft and stealthy persistence for future use.
Amount of loss: - Attack method: Malicious Code Injection Attack
Description of the event: The official X account of AI blockchain project DIN (@din_lol_) has been compromised by a hacker. Current posts from the account are not from the official team, and users are advised not to click any links or engage with related content. Additionally, the X accounts of DIN founder Harold and the DIN Foundation (@Foundation_DIN) have also been hijacked. The DIN team is actively addressing the incident and urges users to rely on official channels for further updates.
Amount of loss: - Attack method: Account Compromise
Description of the event: Jake Gallen, CEO of digital asset trading platform Emblem Vault, was hacked after a suspicious Zoom video call, resulting in the loss of over $100,000 worth of Bitcoin and Ethereum. The attacker posed as a YouTube content creator with over 90,000 subscribers and exploited Zoom’s default remote access settings during the interview to install malicious software named “GOOPDATE” on Gallen’s computer.
Amount of loss: $ 100,000 Attack method: Social Engineering
Description of the event: According to an announcement from blockchain payment platform UPCX, unauthorized activity was detected in its management accounts. As a precaution, the platform has urgently suspended UPC deposits and withdrawals. The official statement assures that user assets remain unaffected, and an active investigation is underway to determine the cause of the incident, with further updates to follow. Earlier reports suggested that an unauthorized party had accessed UPCX’s official addresses. The attacker allegedly transferred a total of 18.4 million UPC (approximately $70 million) from three management accounts. On April 4, UPCX posted on Twitter that, despite differing reports from various sources, the project still retains control over 18,473,290 UPC. While the suspicious activity remains under investigation, the project team will proceed with the transfer of the relevant UPC at approximately 09:00 UTC on April 4, 2025.
Amount of loss: $ 70,000,000 Attack method: Unknown
Description of the event: According to an official announcement from DeFi asset management protocol Zapper, its .fi domain was hijacked via social engineering. The current zapper(.fi) page is malicious and should be avoided — users are strongly advised not to click on any related links.
Amount of loss: - Attack method: Domain Hijacking
Description of the event: RWA restaking platform Zoth suffered a $8.29 million hack after an attacker gained access to admin privileges that allowed them to modify the platform's smart contracts. The hacker "upgraded" the contract to a malicious version, then withdrew $8.45 million in USD0++, a token issued by the Usual protocol. After swapping the assets into various other tokens, they were left with 4,223 ETH (~$8.29 million).
Amount of loss: $ 8,290,000 Attack method: Private Key Leakage
Description of the event: The media platform Watcher.Guru, which focuses on cryptocurrency and financial market news, posted on X that its account was hacked today. Watcher.Guru is still investigating the specific method of the breach and has contacted X's official team for further clarification.
Amount of loss: - Attack method: Account Compromise