334 hack event(s)
Description of the event: Circle tweeted that the Circle Chief Strategy Officer's Twitter account (@ddisparte) has been taken over by a scammer. Any link to an offer is a scam. We are investigating this situation and taking appropriate action. Earlier, Circle’s Chief Strategy Officer tweeted that a loyalty rewards distribution program would be launched for USDC holders. However, the tweet has now been deleted.
Amount of loss: - Attack method: Account Compromise
Description of the event: According to the official Twitter, the General Bytes encrypted currency ATM service was attacked on March 17 and 18. The attacker used the upload interface in the system to upload and run a malicious Java program, and then the attacker obtained the permissions of the database in the server and Hot wallet withdrawal API Key. According to SlowMist MistTrack, the loss was about $1.8 million.
Amount of loss: $ 1,800,000 Attack method: Malicious software
Description of the event: According to the BBC, a scam called iEarn Bot has affected thousands of victims in several countries. In the scam, victims were persuaded to sign up for an "AI intelligent quantitative trading robot" called iEarn Bot, which appeared to successfully trade cryptocurrencies on their behalf. However, after some time, the victims realize that they are unable to withdraw their due earnings nor withdraw the funds they invested. iEarn Bot claims to be an American company, despite its website being riddled with misinformation. The man identified as the company's founder told the BBC he had nothing to do with the scheme, with companies and institutions listed as "strategic partners" saying they had no such partnerships. The BBC uncovered a cryptocurrency wallet that received payments from around 13,000 other people totaling close to $1.3 million.
Amount of loss: $ 1,300,000 Attack method: Scam
Description of the event: The SUCKR project on the Aptos chain is suspected of being a rug pull. The hacker called the mint_SUCKR (admin privilege function) function to mint a large number of SUCKR tokens and exchange them for USDT. The price of SUCKR tokens plummeted by 9% 249h.
Amount of loss: - Attack method: Rug Pull
Description of the event: @HideYoApes previously owned several expensive NFTs from Yuga Labs, including a Bored Ape, Mutant Ape, three Bored Ape Kennel Club NFTs, a SewerPass, and two Otherdeeds. The attacker sold all the NFTs for a profit of 127.3 wETH (~$208,000). HideYoApes explained on Twitter that he had downloaded and installed the MetaMask wallet extension from MetaMask’s official website.
Amount of loss: $ 208,000 Attack method: Phishing Attack
Description of the event: Hackers exploited a vulnerability in the Dexible smart contract code to withdraw funds from crypto wallets using funds approved for spending. The team added that "a small number of whales" lost 85% of the funds stolen in the attack. Data on the chain shows that Block Tower Capital, a digital asset investment company, was one of the victims. The address labeled Block Tower Capital had $1.5 million worth of TRU tokens stolen in this incident. The attackers transferred TRU tokens to SushiSwap for ether (ETH) and then to TornadoCash.
Amount of loss: $ 1,500,000 Attack method: Affected by Dexible events
Description of the event: The email account of domain name registrar Namecheap has been hacked and hackers are using the account to send phishing emails. According to a report by BleepingComputer, the phishing campaign originated from SendGrid, an email platform used by Namecheap to send marketing emails and renewal notifications. The phishing emails pretended to be from logistics provider DHL and cryptocurrency wallet MetaMask. The email posing as MetaMask stated that the recipient's account had been suspended and would need to complete a KYC verification process before it could be reactivated. The email also contained a Namecheap marketing link that redirected users to a fake MetaMask page that asked users to enter their seed phrase or private key, seeking to steal the recipient's personal information and cryptocurrency wallet assets. The official MetaMask response stated that MetaMask will not collect KYC information, nor will it send emails to users about their accounts.
Amount of loss: - Attack method: Phishing Attack
Description of the event: Kevin Rose, the founder of the NFT project Moonbirds, tweeted that his personal wallet was hacked and 25 Chromie Squiggles and other NFTs were lost, with an estimated loss of more than $1 million. Arran Schlosberg, vice president of engineering at Proof Collective, said their NFTs are safe after Kevin Rose was hacked and lost $1 million. Schlosberg said the phishing attack tricked Rose into signing a malicious signature, and the hackers then transferred his valuable NFT.
Amount of loss: $ 1,000,000 Attack method: Phishing Attack
Description of the event: The Robinhood Twitter account was hacked and used to promote a fraudulent crypto project. The hackers announced the launch of a new token called $RBH, which they say will be priced at $0.0005 on Binance Smart Chain. About 25 people purchased the fraudulent tokens for a total of just under $8,000 before the link was removed. Robinhood said in a blog post that the unauthorized content posted on Robinhood Twitter, Instagram and Facebook was removed within minutes, and the team believes the source of the incident was a third-party vendor.
Amount of loss: $ 8,000 Attack method: Account Compromise
Description of the event: Dogechain ecological multi-purpose GameFi and DeFi agreement Doglands may have exit scams. The contract addresses on the project chain are 0x106E6a2D5433247441c1Cdf4E3e24a0696a46d0, 0x12b17 and 0x0e815, which drain all the reserves in the LP tokens, with a value of about $204000. The funds have now been transferred to Ethereum through the cross-chain bridge and transferred to multiple addresses. Doglands has deleted the official Twitter and website.
Amount of loss: $ 204,000 Attack method: Rug Pull
Description of the event: Encrypted KOL NFT God tweeted that due to hackers hacking into its Twitter, Substack, Gmail, Discord and wallets, it lost all its encrypted assets and NFTs, and the hackers also posted fraudulent links through the stolen accounts. The reason for being hacked was that the Ledger was set as a hot wallet instead of a cold wallet on the new device, and the mnemonic was imported and used in the wallet on the networked computer. Then yesterday, after downloading the video streaming software OBS for the game live broadcast, I clicked on Google. The sponsored links of the website downloaded malware that gave hackers access to their funds. Yu Xian, the founder of SlowMist, said that the core reason is that the computer runs a game program with a Trojan horse, and then the mnemonic of encrypted assets is connected to the Internet on this computer, so it may be stolen by hackers.
Amount of loss: - Attack method: Malicious Software
Description of the event: A vulnerability known as CVE-2022-3656 affects more than 2.5 billion users of Google Chrome and Chromium-engine-based browsers. This vulnerability allows the theft of sensitive files such as encrypted wallets and cloud provider files. The vulnerability was discovered by examining how the browser interacts with the file system. Specifically, the browser did not properly check whether a symlink pointed to an inaccessible location, allowing sensitive files to be stolen. This problem is often referred to as symbolic link following. Attackers may use encrypted phishing sites to strategically gain access to users' sensitive files.
Amount of loss: - Attack method: Browser Vulnerability
Description of the event: On January 10, Sui Name Service, an eco-domain name service provider, posted a message on social media that its Discord server was attacked by a former employee today, and the attacker posed as an administrator. At present, the Sui Name Service is restoring role labels for users.
Amount of loss: - Attack method: Discord was hacked
Description of the event: The Web3 Twitter marketing platform Twity tweeted that there was a security vulnerability in its system, the Telegram account of the technician was leaked, and the chat record contained project information and wallet private key, resulting in the disclosure of administrator account information. The team is currently holding an emergency meeting to study solutions. All user assets and NFT information will be snapped. The specific solution will be published separately after it is formulated.
Amount of loss: - Attack method: Telegram was hacked
Description of the event: Nikhil Gopalani, chief operating officer of Nike's encrypted fashion brand RTFKT, tweeted that he was attacked by a phisher and lost more than $173,000, including 19 CloneX NFTs, 18 RTKFT Space Pods, 11 CryptoKicks, etc. Gopalani believes the phishing attack may have been the result of accidentally providing confidential information to hackers posing as Apple representatives.
Amount of loss: $ 173,000 Attack method: Phishing attack
Description of the event: Luke Dashjr, one of the original Bitcoin Core developers, claimed on Twitter that attackers had managed to compromise multiple wallets, with more than 216 BTC (approximately $3.6 million) stolen. Dashjr initially blamed the attack on a leaked PGP key, but later said the PGP leak was just part of a broader hack in which the attacker also bypassed two-factor authentication and gained access to his wallet.
Amount of loss: 216 BTC Attack method: Private Key Leakage
Description of the event: The Twitter account of celebrity investor Kevin O’Leary was hacked on Thursday and used to promote a bitcoin and ethereum giveaway scam, Bitcoin.com reported. The hacker claims that Mr. Wonderful (Kevin O’Leary) is giving away 5,000 BTC and 15,000 ETH, and the tweet also provides a link so anyone can participate. The scam giveaway posts have now been removed by Twitter a few hours after they were posted.
Amount of loss: - Attack method: Account Compromise
Description of the event: Password management platform LastPass said a hacker accessed a cloud-based storage environment using information previously obtained in an incident they disclosed in August 2022, and some source codes and technical information were stolen and used to attack another employee , to obtain credentials and keys for accessing and decrypting certain storage in cloud-based storage services.
Amount of loss: - Attack method: Information Leakage
Description of the event: Quantitative trading company mgnr has deleted all tweets and quit some groups, leaving only 0.097 Ethereum in its wallet address. The address with the domain name mgnr.eth transferred 43.6 million USDC to Coinbase on November 14, and at the same time transferred 8 million USDC and 0.1 Ethereum to the Genesis Trading address.
Amount of loss: $ 52,000,000 Attack method: Rug Pull
Description of the event: Polynomial Protocol has a loophole in optimism's deposit contract. The problem stems from the swapAndDeposit() function, which has no restrictions on its input. Anyone can pass in an address and maliciously construct swapData to steal contract-approved tokens.
Amount of loss: - Attack method: Contract Vulnerability