356 hack event(s)
Description of the event: The Aave fork project on the Pulse chain suffered a governance attack. The hacker first purchased a large number of Aave tokens to obtain the governance authority of the Aave fork project, and then created multiple contracts. The hacker seemed to want to use the governance authority to modify the implementation of the proxy contract Address, using the user's authorization to the contract that has not been canceled, to transfer the user's funds away. Such as WBTC, YFI, BAL, AAVE, UNI and other tokens. Finally, the hacker converted the stolen funds into ETH through the cross-chain bridge protocol, and sent it to the 0xA30190b96FaEe0080144aA0B7645081Fcbf49E6F address of Ethereum. The attacker made a profit of 483 ETH (approximately $930,000).
Amount of loss: $ 930,000 Attack method: Governance Attack
Description of the event: ‘Blockchain for dog nose wrinkles’ Ponzi makes off with $127m. A South Korean company lured investors with its new technology: a blockchain app that can identify dogs by their nose wrinkles.The investigation found that what the company promoted to be its dog nose wrinkle reader was fake.The South Korean police say investors have lost more than $100 million in what it describes as a “typical Ponzi.”
Amount of loss: $ 127,000,000 Attack method: Scam
Description of the event: The U.S. Commodity Futures Trading Commission (CFTC) recently filed a lawsuit in the U.S. District Court for the Northern District of California against William Koo Ichioka, an alleged digital asset and foreign exchange Ponzi scheme, alleging that he mishandled more than $21 million in investor assets and used new customer funds to create the illusion of profits in his Ponzi scheme.William Koo Ichioka raised money from William Koo Ichioka raised funds from more than 100 individuals and entities, promising to trade forex through the operation of a commodity interest pool called Ichioka Ventures. He advertised the service on his website claiming that the promised returns matched the performance of his investments, as he himself was a white knuckle investor who had made millions of dollars. According to his trading strategy, Ichioka promised a 10% return every 30 business days to those who participated in his program. However, his trades suffered huge losses. To hide the losses, he provided false documents to inflate the amount of money in his commodity interest pool accounts and provided participants with false account statements. Ichioka also used other participants' funds to pay for the alleged gains. Although Ichioka claimed that he was investing for his clients, he actually used client funds for personal expenses. He commingled participants' assets with his own and used them to purchase luxury items such as jewelry, cars, and watches.
Amount of loss: $ 21,000,000 Attack method: Scam
Description of the event: The Twitter account of decentralized exchange Slingshot has been compromised by scammer Pink Drainer, who posted links to fake websites and claimed that users could claim airdrop tokens. Users are advised to be aware of the risks and not to click on the links.
Amount of loss: - Attack method: Account Compromise
Description of the event: Recently, a security firm discovered a stack overflow vulnerability in the Move VM that does not limit the depth of recursive calls, which can cause a total network shutdown, prevent new validator nodes from joining the network, and potentially even cause a hard fork. mainnet_v1.2.1, Aptos mainnet_v1.4.3 and earlier are all affected by this vulnerability. Suimainnet_v1.2.1, Aptosmainnet_v1.4.3, and Move-language versions after June 10, 2023 fix this vulnerability.
Amount of loss: - Attack method: Overflow Vulnerability
Description of the event: ZenGo CEO Ouriel Ohayon tweeted that BitBoy Crypto founder Ben Armstrong's Twitter account was hacked and used to promote a crypto scam to steal users' NFT assets, the same scam that hit garry tan, peter schiff and others, asking users to be aware of the risks involved.
Amount of loss: - Attack method: Account Compromise
Description of the event: NFT giant whale Franklin is suspected to have posted a warning on his Twitter handle @ElectionDayMad1 with text and video that his Twitter account @franklinisbored was stolen, please do not send any cryptocurrency or click on any links, and that none of the tweets from the early morning of June 9 were posted by him.
Amount of loss: - Attack method: Account Compromise
Description of the event: According to a tweet from MistTrack, the Twitter account of Cole, co-founder of the NFT project Pudgy Penguins, appears to have been attacked, seemingly by the PinkDrainer hacker group. Please do not click on suspicious links.
Amount of loss: - Attack method: Account Compromise
Description of the event: Jump Crypto, the digital asset trading arm of Jump Trading, said on Twitter that its security team discovered a stack overflow vulnerability in CosmWasm, a smart contract platform designed by the Cosmos ecosystem. The bug would stop users uploading new smart contracts on Cosmos-based blockchains from functioning on those chains entirely.
Amount of loss: - Attack method: Overflow Vulnerability
Description of the event: The Sandbox tweeted that the Twitter account of its CEO and co-founder Arthur Madrid was hacked, and the hackers posted a scam/phishing link for a fake SAND token airdrop. The Sandbox reminds users not to click on the link, but to report the post so it can be blocked.
Amount of loss: - Attack method: Account Compromise
Description of the event: The team behind Fintoch, a blockchain financial platform, is suspected of being a Ponzi scheme. It defrauded users of 31.6 million USDT on BNB Chain, and the funds were bridged to multiple addresses on Tron and Ethereum. Users reported that they could not withdraw funds. Fintoch advertises that it is a blockchain financial platform built by Morgan Stanley, and users can get 1% return on investment every day. The team page on the Fintoch website refers to "Bobby Lambert" as its CEO, when in fact he doesn't exist and is a paid actor. Earlier, the Singapore government and Morgan Stanley both issued warnings about the investment plan.
Amount of loss: $ 31,600,000 Attack method: Scam
Description of the event: At 15:25 on May 20, Tornado Cash encountered a governance attack. The attacker granted himself 1.2 million votes through a malicious proposal, exceeding the number of legal votes (about 700,000), and gained full governance control. An attacker could withdraw all locked votes and drain all tokens in the governance contract, disabling routers, though the attacker would still not be able to drain individual pools. Tornado Cash governance attackers obtained a total of 483,000 TORN from governance vaults.
Amount of loss: $ 2,173,500 Attack method: Governance Attack
Description of the event: A Nevada man has been charged in connection with his alleged involvement in CoinDeal, an investment fraud scheme that defrauded more than 10,000 victims of more than $45 million, the U.S. Department of Justice announced. According to court documents, Lee allegedly conspired with Neil Chandran and others to defraud investors of companies controlled by Chandran. Operating under the name "ViRSE," these companies include Free Vi Lab, Studio Vi Inc., ViDelivery Inc., ViMarket Inc., and Skalex USA Inc., among others. Presumably, these companies are developing virtual world technology, including their own cryptocurrency, for use in virtual worlds. Chandran allegedly misled investors by falsely promising extremely high returns on the premise that his company was about to be acquired by a syndicate of wealthy buyers. As further alleged, Lee was the nominal owner and director of ViMarket and was instructed by Chandran on how to transfer received investor funds into ViMarket's bank accounts.
Amount of loss: $ 45,000,000 Attack method: Scam
Description of the event: The Web3 content publishing platform Mirror application is currently experiencing an outage under load.
Amount of loss: - Attack method: Load
Description of the event: Yuga Labs tweeted that the Twitter account of the company's new CEO, Daniel Alegre, was hacked and is now under hacker control. Yuga Labs reminds users not to click on any minting links, nor to interact with any twitter accounts named Daniel Alegre until the official update notice is released, the Yuga Labs team is working with twitter to regain control of the account .
Amount of loss: - Attack method: Account Compromise
Description of the event: UniSat Wallet tweeted: “Due to a vulnerability in our code base, the UniSat Marketplace that just launched has suffered a lot of double-spend attacks. In the test last week, we simulated different double-spend attack methods and improved the code. and enhancements. Unfortunately, certain issues were still exposed in the initial public release. Currently, we have preliminary findings, and out of a total of 383 transactions, 70 transactions have been identified as affected. We will report on In the next few days, we will further investigate and compensate the losses of users related to this incident.” It is reported that UniSat Marketplace is an inscription market based on PSBT and supporting BRC-20 assets on the Bitcoin chain.
Amount of loss: - Attack method: Double Spend Attack
Description of the event: Sealaunch, an NFT data and research platform, has monitored that the MEV Bot named jaredfromsubway.eth recently carried out "sandwich attacks" on buyers and sellers of Meme coins such as WOJAK and PEPE, earning more than $1.4 million in profits. Additionally, Sealaunch stated that MEV Bots spent 7% of Ethereum’s gas fees during the 24-hour period between April 18 and 19. A sandwich attack occurs when the attacker "sandwiches" the victim's transaction between two of his own to profit from the user by manipulating prices.
Amount of loss: $ 1,400,000 Attack method: Sandwich Attack
Description of the event: Paribus, the first cross-chain lending platform on Cardano, was attacked and lost about $100,000. The reason for the attack is that it uses a fork of an old version of Compound V2, which has a known reentrancy vulnerability.
Amount of loss: $ 100,000 Attack method: Reentrancy Attack
Description of the event: Terraport, a decentralized finance project launched by TerraCVita, an independent development team of Terra Classic, was hacked and all its liquidity was exhausted. Data shows that nearly $4 million worth of LUNC, USTC and TERRA tokens have been emptied. The attacker withdrew 9,148,426 TERRA and 15.1 billion LUNC in the first transaction, and 576,736 TERRA and 5,487,381 USTC in the second transaction.
Amount of loss: $ 4,000,000 Attack method: Contract Vulnerability
Description of the event: On April 3, MEV bots suffered a malicious sandwich attack that cost them around $25 million. Data on the chain shows that the malicious verifier who attacked the MEV bots today has been punished by Slash and kicked out of the verifier queue. According to SlowMist analysis, the reason why the MEV bots was attacked was that even if the beacon block was incorrect, the relay still returned the payload to the proposer, which resulted in the proposer being able to access the content of the block before another block was finalized. The attacker takes advantage of this problem to maliciously construct an invalid block, so that the block cannot be verified, and the relay cannot broadcast (the status code is 202) to obtain the transaction content in advance. mev-boost-relay has urgently released a new version to alleviate this problem, and it is recommended that relay operators upgrade the relay in time.
Amount of loss: $ 25,000,000 Attack method: Sandwich Attack