211 hack event(s)
Description of the event: On December 5, 2023, thirdweb, the Web3 base development platform, indicated that a security vulnerability was discovered in pre-built smart contracts. The impacted pre-built contracts include but are not limited to DropERC20, ERC721, ERC1155 (all versions), and AirdropERC20. Please see a full list of impacted smart contracts and mitigation steps at this link (https://blog.thirdweb.com/security-vulnerability/).
Amount of loss: - Attack method: Contract Vulnerability
Description of the event: Lido officials say that over the course of the last 24 hours, Lido DAO contributors were made aware of a platform vulnerability that affected an active Node Operator using the Lido on Ethereum protocol (InfStones) sometime over the course of the previous few months. The vulnerability was disclosed to InfStones in July 2023 by security researchers dWallet Labs. The Node Operator has announced that the vulnerability has been 184 addressed. The vulnerability is related to the possible exposure of root-level access to 25 validator servers that may not be related to the Lido protocol, including possibly key material, to external attackers. It is not clear to contributors at this time if servers and/or keys related to Lido validators were included in the scope of affected systems or not.
Amount of loss: - Attack method: Third-party Library Vulnerability
Description of the event: Crypto quantization company Kronos Research tweeted that they experienced unauthorized access of some of their API keys.
Amount of loss: $ 26,000,000 Attack method: API Key Attack
Description of the event: Lendora Protocol on Scroll is suspected of an exit scam. The website is now offline and the contracts were paused.
Amount of loss: - Attack method: Rug Pull
Description of the event: A fake Ledger Live app on the official Microsoft App Store which was resulted in 16.8+ BTC ($588K) stolen.
Amount of loss: $ 588,000 Attack method: Fake Application
Description of the event: According to @fraxfinance, Frax Finance's DNS has been attacked. Please don’t use http://frax[.]finance and http://frax[.]com domains until further notice.
Amount of loss: - Attack method: DNS Hijacking Attack
Description of the event: Monero discloses that its community crowdfunding wallet was drained of 2,675.73 XMR (the entire balance). The hot wallet, used for payments to contributors, is untouched; its balance is ~244 XMR.
Amount of loss: $ 460,000 Attack method: Unknown
Description of the event: Maestro Router was compromised and approximately $ 510,000 was stolen.
Amount of loss: $ 510,000 Attack method: Unknown
Description of the event: On October 25, 2023 alone another ~$4.4M was drained from 25+ victims as a result of the LastPass hack.
Amount of loss: $ 4,400,000 Attack method: Information Leakage
Description of the event: On October 18, 2023, , the HopeLend protocol fell victim to a hacker attack. The attack resulted in a loss of approximately 528 ETH, out of which 263.91 ETH were bribed by the frontrunner to a Validator (managed by Lido). The exploit frontrunner eventually profited by 264.08 ETH. On October 20, Hope.money tweeted that a frontrunner from Armor Team voluntarily returned the acquired assets.
Amount of loss: $ 818,747 Attack method: Security Vulnerability
Description of the event: On October 17, Fantom Foundation Telegram Community Administrator Jane stated that some of Fantom Foundation's hot wallet assets were drained due to a zero-day vulnerability on Google Chrome. According to SlowMist's analysis of on-chain transmission methods and previous emergency response experience, this should be a case of private key theft, which may be the result of the Foundation or its employees being attacked by phishing, social engineering, and running malicious Trojan files, leading to the theft of some wallet private keys.
Amount of loss: $ 657,000 Attack method: Private Key Leakage
Description of the event: Attacker posted a phishing link in the announcements channel of Wall Street Meme's Discord server.
Amount of loss: - Attack method: Discord was hacked
Description of the event: There is a fake collab land verification in the Loozr Discord. The verification will take you to a phishing site that connects to a wallet drainer
Amount of loss: - Attack method: Discord was hacked
Description of the event: LastPass, a password management platform, is suspected to have suffered a data breach. On October 12, Twitter user flippen.eth tweeted that he had lost more than 20 ETH from his hot wallet overnight after storing his mnemonic on LastPass, an online password management platform, stating, "This problem seems to be widespread, so if you've ever used LastPass, it's time to update your password and abandon your wallet and the mnemonics stored there.”
Amount of loss: 20 ETH Attack method: Information Leakage
Description of the event: The @nowaiAI announced their Discord server has been compromised. Do not connect your wallet. It connects to phishing site: hxxps://nowaiguard.github.io/discord/.
Amount of loss: - Attack method: Discord was hacked
Description of the event: The Ethereum Foundation fell victim to a sandwich attack by an MEV Bot when selling 1700 ETH through Uniswap V3, resulting in a loss of $9,101. The MEV Bot profited $4,060 from the attack.
Amount of loss: $ 9,101 Attack method: Sandwich Attack
Description of the event: OmniBTC's Discord was hacked and the attackers posted a phishing link in the announcement channel.
Amount of loss: - Attack method: Discord was hacked
Description of the event: On October 6, an unknown individual contacted our domain service provider Dynadot, impersonating an authorized Galxe member and bypassing the security process with falsified documentation. The impersonator then gained unauthorized access to the domain account, which was manipulated to redirect website visitors to a fake site and sign transactions that misappropriated their funds. On October 7, Galxe released a statement on the October 6 DNS security incident stating that the site is now fully restored, with an estimated 1,120 users affected and approximately $270,000 stolen. On October 11, Galxe announced a compensation plan for the security incident that occurred on October 6, 2023. Any affected users will receive full compensation in USDT on Polygon, calculated based on its value at 18:00 Beijing time on October 9.
Amount of loss: $ 270,000 Attack method: DNS Hijacking Attack
Description of the event: Metropolis World announced that their Discord server was compromised.
Amount of loss: - Attack method: Discord was hacked
Description of the event: SpaceChain Discord was hacked. A phishing link was posted in the announcements channel of SpaceChain Discord server.
Amount of loss: - Attack method: Discord was hacked