254 hack event(s)
Description of the event: A scammer using the name "cryptopunksbot" posted on the CryptoPunks Discord server, offering NFT investors the opportunity to win ten elusive NFT avatars. Stazie, the co-founder of the NFT game project Hedgie, accepted the fake offer, and this move eventually cost him 16 CryptoPunks, which may be worth at least $1 million. Stazie inadvertently sent the wallet seed phrase to the scammer, which also resulted in the loss of some ETH. The scammer sold 5 CryptoPunks for 149 ETH ($385,000).
Amount of loss: $ 1,000,000 Attack method: Phishing attack
Description of the event: Mobile phone operator T-Mobile was sued for failing to prevent a SIM swap scam that cost a customer $55,000 in Bitcoin. The plaintiff, Richard Harris, accused T-Mobile of improper conduct, including failing to adequately protect customer information, failing to hire appropriate support personnel, and violating federal and state laws, which caused him to lose 1.63 bitcoins.
Amount of loss: $ 55,000 Attack method: SIM Card Attack
Description of the event: According to official sources, DAFI Protocol, an on-chain incentive protocol, stated that DAFI worth 200,000 US dollars was sold due to the “cross-chain asset bridge ChainSwap attack”. DAFI Protocol requests the community to withdraw liquidity from Uniswap and LP plans until further notice. DAFI Protocol added that the DAFI token contract and Super Staking are safe.
Amount of loss: $ 200,000 Attack method: Contract Vulnerability
Description of the event: Circle Internet Financial, the issuer of the US dollar stablecoin USDC, reported in a regulatory filing with the US Securities and Exchange Commission (SEC) that it lost US$2 million to email fraud last month. Circle stated that the email fraud incident did not affect customer funds or accounts, that Circle's information systems remain secure, and that the US$2 million was the company's own funds.
Amount of loss: $ 2,000,000 Attack method: Scam
Description of the event: Lookout Threat Lab security researchers exposed more than 170 Android applications that deceived more than 93,000 users. Among them, 25 applications managed to evade Google Play Store detection and were successfully published, mainly because they do not perform any malicious operations and exist purely to fool users. Lookout security researchers pointed out that these fraudulent applications belong to the BitScam and CloudScam families, which claim to provide cloud-based cryptocurrency mining services that aggregate the computing power of users' mobile devices and share the mining revenue. The apps are not free, and they charge additional fees under pretexts such as subscriptions and upgrades. Prices range from 12.99 to 259.99 US dollars, and cryptocurrencies such as BTC or ETH are accepted as payment. Lookout Threat Lab estimates that the creators of these apps defrauded users of 300,000 U.S. dollars through illegal sales and 50,000 U.S. dollars in cryptocurrency through fake payments and upgrade services.
Amount of loss: $ 350,000 Attack method: Scam
Description of the event: Cobra, the anonymous creator and principal of Bitcoin.org, tweeted that the Bitcoin.org website is being subjected to an "absolutely large-scale" distributed denial of service (DDoS) attack, as well as a Bitcoin ransom demand. Currently Bitcoin.org is accessible.
Amount of loss: - Attack method: DDoS Attack
Description of the event: An extortionist with the ID ZeroX is suspected of using a 0day vulnerability to steal 1TB of Saudi Aramco's corporate data. According to the ID's post on a dark web forum, the leaked data includes the complete information of 14,254 employees, internal analysis reports, pricing tables, refinery locations, project specifications for enterprise systems, and, most importantly, customer data and other sensitive information. The earliest data dates back to 1993, spanning 28 years. The extortionist gave Saudi Aramco a deadline of 662 hours (approximately 28 days) and demanded a payment of 50 million U.S. dollars in Monero, otherwise offering the data for sale at 5 million U.S. dollars. This is another large-scale incident for Saudi Aramco following the 2012 hack, in which 35,000 computers were affected and 75% of the company's computer data was deleted.
Amount of loss: - Attack method: Information Leakage
Description of the event: Haven Protocol (XHV), a privacy-centric DeFi protocol based on Monero, released analysis reports and countermeasures for three serious attacks against it in late June. A chain rollback plan will be initiated and a hard fork will be implemented to fix the known vulnerabilities in protocol minting. Regarding the specific attacks: on June 24, 203,000 xUSD and 13.5 xBTC were minted in two attacks; on June 27, an unknown amount of XHV was minted due to a vulnerability in the conversion verification of xAsset; on June 29, the attacker exploited a vulnerability that allowed the minting of 9 million xUSD.
Amount of loss: $ 8,186,549 Attack method: Minting Attack
Description of the event: European Union law enforcement agency Europol has cracked down on the Belgian Ponzi scheme Vitae. Europol raided 17 locations associated with the site, which was advertised as a social media site with its own cryptocurrency, confiscating German currency and luxury cars totalling over 1 million euros. The company operates in Switzerland under the name VITAE AG.
Amount of loss: $ 1,119,810 Attack method: Scam
Description of the event: According to Calcalist, the cryptocurrency company StakeHound has filed a lawsuit against the institutional security company Fireblocks, claiming that ETH worth 245.5 million Israeli new shekels (approximately US$75 million) was lost due to Fireblocks’ mistakes. StakeHound stated that as Fireblocks deleted the key for no reason without backing up the key, 38,178 ETH were lost.
Amount of loss: $ 75,000,000 Attack method: Operation error
Description of the event: JBS USA Holdings Inc. paid an $11 million ransom last week to cybercriminals who temporarily disabled a plant that handles about a fifth of the nation's meat supply, the chief executive said. Andre Nogueira, CEO of the U.S. division of Brazilian meat company JBS SA, said the bitcoin ransom was paid to protect the JBS meat plant from further damage and to limit the potential impact on restaurants, grocery stores and farmers that depend on JBS.
Amount of loss: $ 11,000,000 Attack method: Ransomware
Description of the event: Ishii, an employee of Tokyo-based Sony Life Insurance Company ("Sony Life"), allegedly misappropriated US$154 million when attempting to transfer funds between the company's financial accounts. According to court documents, Ishii changed the destination of a Sony Life transfer to a Silvergate bank account that he controlled. Ishii later converted the funds into more than 3879 bitcoins through Coinbase. The Coinbase account was set up to automatically transfer all added funds to an offline cryptocurrency cold wallet with the bitcoin address bc1q7rhc02dvhmlfu8smywr9mayhdph85jlpf6paqu. However, on December 1, in cooperation with Japanese law enforcement agencies, the FBI seized 3789.16242937 BTC in Ishii's wallet after obtaining the private key. The Tokyo Metropolitan Police Department arrested the 32-year-old Ishii on the same day; he was charged over an alleged fraudulent remittance of 154 million U.S. dollars in mid-May.
Amount of loss: - Attack method: Insider Manipulation
Description of the event: On May 7, 2021, Colonial Pipeline, the largest oil and gas pipeline operator in the United States, was targeted by a ransomware attack. Because the attack involved national critical infrastructure, it caused global shock and widespread concern. The company was extorted into paying 5 million U.S. dollars worth of Bitcoin. Court documents show that the government recovered 63.7 bitcoins ($2.3 million).
Amount of loss: $ 2,700,000 Attack method: Ransomware
Description of the event: In response to user reports that the official Hpool website could not be opened, Hpool officially responded that the front end of the website was under a DDoS attack.
Amount of loss: - Attack method: DDoS Attack
Description of the event: Mask Network officially stated that the contract address of the second round of its ITO was attacked by bots, and that the address has been officially blacklisted.
Amount of loss: - Attack method: Robot attack
Description of the event: Crypto lending service Celsius has discovered a data breach at one of its third-party service providers, which exposed the personal information of its customers. According to the email sent by Celsius, the hacker gained access to the "third-party email distribution system" used by Celsius. The hackers used this information to send fraudulent emails and text messages to trick customers into revealing the private keys of their funds. On April 14, Celsius users started reporting a fraudulent website claiming to be the official Celsius platform. Some users also received text messages and emails that claimed to be from Celsius, linked to the website, and prompted the recipient to enter sensitive information. It is reported that Celsius' competitor BlockFi suffered a similar data breach last spring.
Amount of loss: - Attack method: Information Leakage
Description of the event: Renowned computer maker Acer has been hit by the ransomware gang REvil, which is demanding up to $50 million in XMR to decrypt the company's computers and not leak data on the dark web. The ransomware gang announced on its data leak website that it had compromised Acer and shared, as evidence, some images of allegedly stolen files containing financial spreadsheets, bank balances and bank communications.
Amount of loss: - Attack method: Ransomware
Description of the event: The community token platform TryRoll is suspected to have been attacked, and tokens issued on it were sold in large amounts on Uniswap. Among them, WHALE lost 1,362 ETH, FWB lost 797 ETH, KARMA lost 155 ETH, and JULIEN lost 115 ETH. The hackers made a total of 2998 ETH, of which 700 ETH was deposited in the mixing platform Tornado.Cash. In addition, Roll announced that it has raised $500,000 in funding for creators affected by the incident.
Amount of loss: 2,998 ETH Attack method: Private Key Leakage
Description of the event: CNA, one of the largest insurance companies in the United States, paid a ransom of US$40 million (approximately 257 million yuan) after being attacked by ransomware in March to regain control of its network. The company has confirmed that an organization named Phoenix is the perpetrator of this attack.
Amount of loss: $ 40,000,000 Attack method: Ransomware
Description of the event: Tether officially tweeted that forged documents allegedly "between Tether personnel and representatives of Deltec Bank & Trust and other institutions" are circulating online. In addition, Tether received a ransom demand today to send 500 BTC to bc1qa9f60pved3w3w0p7snpxlnh5t4uj95vxn797a7. The sender stated that unless they receive the Bitcoin before tomorrow, they will leak documents to the public in order to "destroy the Bitcoin ecosystem." Tether said it will not pay the ransom, and reminded customers, employees, and the crypto community to stay vigilant and maintain operational security. Tether stated that it has reported the falsified communications and the related ransom demand to law enforcement.
Amount of loss: - Attack method: Ransomware