186 hack event(s)
Description of the event: On September 23, the database of Mixin Network's cloud service provider was attacked. The funds involved amount to ~$200M.
Amount of loss: $ 200,000,000 Attack method: Unknown
Description of the event: On September 22nd, SlowMist tweeted that a website was conducting phishing attacks by publishing malicious MEV bot code. Victims deployed code they had copied from the site. The risk lies in the code's start and withdrawMoney functions, which first calculate the hacker's address and then, after the user deploys the contract and calls it, directly transfer the incoming funds. The phishing website is https://unimevbot.com. The hacker's on-chain address is 0xfBcf33613A2609C050525395ec6885F6538fEC60.
Amount of loss: - Attack method: Phishing Attack
Description of the event: On September 20th, the Discord trading bot None posted an announcement stating that, due to a critical exploit within their infrastructure, the team had lost a significant amount of funding, as well as the team tokens that were crucial for their operations. Furthermore, three core team members have left, rendering None unable to continue its operations. Users still have 30 days to withdraw their tokens and funds; thereafter, the project will be shut down.
Amount of loss: - Attack method: Infrastructure vulnerability
Description of the event: On September 17th, ThalaLabs' Twitter account was compromised, and a phishing website was posted, which is linked to a known wallet drainer.
Amount of loss: - Attack method: Twitter was hacked
Description of the event: On September 17th, the OneMint Discord account was compromised. The attacker posted malicious links and shut down channels like support.
Amount of loss: - Attack method: Discord was hacked
Description of the event: Mark Cuban, a billionaire entrepreneur and owner of the Dallas Mavericks, fell victim to a hack on September 16th. Altogether, he was set back by around $870,000 across 10 cryptocurrencies. He said he moved his remaining funds to Coinbase custody.
Amount of loss: $ 870,000 Attack method: Wallet Stolen
Description of the event: Ethereum co-founder Vitalik Buterin's X account is suspected to have been hacked. The account posted a link (actually a phishing link) for claiming a free Proto Danksharding Memorial NFT related to ConsenSys. ZachXBT says the hackers have now stolen $700,000. Upon review, the tweet containing the phishing link has been removed.
Amount of loss: $ 700,000 Attack method: Twitter was hacked
Description of the event: GALA, the token of the blockchain gaming platform Gala Game, underwent a major upgrade on May 15, 2023, and the token contract address was updated. As a result, there are now two tokens in circulation, both called GALA. The price ratio of old GALA to normal GALA is 1:12. Since July 27 this year, the attacker has been depositing old GALA tokens on various exchanges to test fake deposits. The hackers were also involved in the LDO "fake top-up" incident and the Nomad Bridge attack last August. On September 6, the hackers deposited old GALA tokens to CoinHub and successfully caused the exchange to treat them as normal GALA tokens. The hacker then withdrew real GALA. There is now only $168 worth of GALA left in the exchange hot wallet, and the hacker earned 2.7 ETH.
Amount of loss: 2.7 ETH Attack method: False top-up
Description of the event: According to reports, Cyberport Hong Kong was hacked, and hackers obtained company documents, identity documents and other information of start-up companies, totaling about 436 GB of company data. According to a post on X by an account that focuses on Internet security, the hacker's website asked for about US$300,000 (approximately HKD 2.35 million) for the stolen information. On September 6, Hong Kong Cyberport responded to the suspected hack, saying that it had discovered a cyber security incident in which an unauthorized third party intruded into some of Cyberport's computer systems. Cyberport is very concerned about the incident and immediately took action to contain it, including handling the alarm and shutting down the affected computer equipment. It also quickly launched a detailed investigation with the assistance of independent cybersecurity experts. Cyberport has also notified the relevant authorities and the Office of the Privacy Commissioner for Personal Data in Hong Kong.
Amount of loss: - Attack method: Information Leakage
Description of the event: The crypto gambling platform Stake.com was attacked on the ETH, Polygon and BSC chains, and the loss has reached 41 million US dollars. On September 5, Stake co-founder Edward Craven confirmed the hack but said the platform's private keys had not been compromised. Craven said the attack was a "sophisticated breach" that targeted the company's services used to authorize transactions on the Ethereum, Polygon and BNB Chain blockchains. On September 6, the US Federal Bureau of Investigation (FBI) stated that the North Korean hacker group Lazarus Group was responsible for the Stake.com attack.
Amount of loss: $ 41,000,000 Attack method: Wallet Stolen
Description of the event: A Brazilian YouTuber, Ivan Bianco, accidentally leaked the mnemonic of his cryptocurrency wallet during a live stream on his Fraternidade Crypto channel, resulting in the theft of nearly $60,000 worth of cryptocurrency and a batch of NFTs. Fraternidade Crypto has around 34,000 subscribers on YouTube. During the live broadcast, Bianco opened a file containing the mnemonic phrase, which allowed an unknown person to take control of his wallet and steal its funds. Bianco reported the incident to police after noticing the funds were missing. He also claimed that an unidentified man contacted him on Discord after the funds were stolen. The anonymous person identified himself as the thief and expressed regret for his actions before hanging up. After the call ended, the wallet that stole most of the funds returned a total of approximately $50,000 worth of crypto assets to Bianco.
Amount of loss: $ 10,000 Attack method: Mnemonic Leakage
Description of the event: On September 1, community users discovered that Gitcoin's official X account was suspected to have been stolen. The thief had used the account to post phishing content. On September 9, Gitcoin tweeted that it had regained access to the official Twitter account. In the incident details it later released, Gitcoin stated that it still did not know how the thief bypassed the 2FA verification, but that it would continue to investigate and implement stricter security measures in the future.
Amount of loss: - Attack method: Twitter was hacked
Description of the event: Private keys of BitBrowser users were suspected to have been leaked, and many members of the crypto community reported that their private keys were stolen. BitBrowser issued a notice admitting that the server's cached data may have been breached, and said the case has been reported. Users whose wallets have extended data synchronization enabled are at risk of theft and are advised to transfer their wallet assets immediately. Cos, the founder of SlowMist, said on Twitter that the leakage of BitBrowser users' private keys has caused at least $520,000 in losses.
Amount of loss: $ 520,000 Attack method: Private Key Leakage
Description of the event: NFT collector SOL Big Brain lost about $1.5 million. Attackers compromised the Telegram account of a portfolio company founder and used it to send messages to SOL Big Brain, who double-checked that the sender was indeed the company founder and followed the instructions. However, the attackers had set up a phishing contract to drain SOL Big Brain's wallets. He lost $740,000 in stablecoins, $550,000 in ETH, and $200,000 in GEAR tokens.
Amount of loss: $ 1,500,000 Attack method: Phishing Attack
Description of the event: Bankruptcy claims agency Kroll experienced a cybersecurity incident that resulted in the disclosure of non-sensitive customer data of certain claimants in pending bankruptcy cases, FTX said on X. FTX's own systems were not affected by this incident. BlockFi claimant data was also compromised in the incident. On August 26, FTX issued a statement saying that, in response to the Kroll cybersecurity incident, it has taken the precautionary measure of temporarily freezing the affected user accounts in the customer claims portal.
Amount of loss: - Attack method: Information Leakage
Description of the event: Harbor Protocol, a cross-chain stablecoin protocol in the Cosmos ecosystem, tweeted that it was exploited, causing stablecoin minting and part of the funds in the stOSMO, LUNA and WMATIC vaults to be depleted. From the information gathered so far, the attackers used the following address to perform all operations: comdex1sma0ntw7fq3fpux8suxkm9h8y642fuqt0ujwt5. Harbor Protocol lost 42,261 LUNA, 1,533 CMDX, 1,571 stOSMO, and 18,600,000,000,000,000 WMATIC-WEI in the attack.
Amount of loss: $ 20,000 Attack method: Contract Vulnerability
Description of the event: The official Sei Network Discord server has been compromised. Please do not click on any links until the team confirms that they have regained control of the server.
Amount of loss: - Attack method: Discord was hacked
Description of the event: Hexagate tweeted that about $200,000 has been exploited from a single MEV Bot in the past few days across BNBChain, Ethereum, Polygon, and Arbitrum.
Amount of loss: $ 200,000 Attack method: Unknown
Description of the event: An admin on the Fetch discord server showing the username "Atari_buzz1kLL" has had their @discord account compromised. Please do not interact with any posts on our Discord until the issue has been resolved. There is no Fetch airdrop happening right now.
Amount of loss: - Attack method: Discord was hacked
Description of the event: The Twitter account of Blockchain Capital, a crypto venture capital firm, was stolen this morning, and multiple tweets were posted to promote token claim scams. The fraudulent tweets have since been deleted, and the Twitter account has been restored.
Amount of loss: - Attack method: Twitter was hacked