326 hack event(s)
Description of the event: The Education Grants Council (UGC) of India was hacked. The hackers used its Twitter account to post a fake Azuki NFT airdrop link, changed the profile to that of the Azuki NFT co-creator, and replaced the avatar with an Azuki-related image. The agency recovered the account after it was held hostage for six hours.
Amount of loss: - Attack method: Twitter was hacked
Description of the event: The Starstream Finance and Agora DeFi projects came under attack. Attackers exploited a vulnerability in Starstream to siphon tokens from the protocol, then used the tokens as collateral to obtain large loans from Agora. The Starstream hack was carried out through an unprotected execute function in its DistributorTreasury contract, which is marked as an external function and can be used to call external functions. In total, the attackers borrowed about $8.2 million worth of tokens from Agora.
Amount of loss: $ 4,000,000 Attack method: Contract Vulnerability
Description of the event: Ola Finance on the Fuse chain published a blog post on the hacking incident, stating that approximately $4.67 million was lost in the attack, including 216,964.18 USDC, 507,216.68 BUSD, 200,000 fUSD, 550.45 WETH, 26.25 WBTC, and 1,240,000.00 FUSE. The attack exploited a reentrancy vulnerability in the ERC677 token standard.
Amount of loss: $ 4,670,000 Attack method: Reentrancy Attack
Description of the event: Twitter user cr0ss.eth said that the hot wallet of Defiance Capital founder Arthur was suspected to have been stolen. OpenSea data shows that 60 NFTs, including 17 Azuki and 5 CloneX, were transferred on-chain from Arthur's wallet address 0x4C53c32980ccE49aaA4bCc53Eef3f143Bc27E0aF, totaling about 310 ETH.
Amount of loss: 310 ETH Attack method: Private Key Leakage
Description of the event: Crypto lender BlockFi has confirmed a data breach at Hubspot, one of its third-party vendors, Cointelegraph reported. Hubspot stores BlockFi's user data, including names, email addresses, and phone numbers. According to the announcement, hackers stole BlockFi’s customer data on March 18. Hubspot has confirmed that an unauthorized third party obtained certain BlockFi customer data deposited on its platform. BlockFi is currently cooperating with Hubspot's investigation to clarify the overall impact of the data breach. While the exact details of the stolen data have yet to be identified and disclosed, BlockFi emphasized that data such as passwords, government-issued IDs, and Social Security numbers were never stored on Hubspot.
Amount of loss: - Attack method: Information Leakage
Description of the event: Hundred Finance, the Compound fork project on the Gnosis chain, tweeted that it suffered a hacker attack and lost more than $6 million.
Amount of loss: $ 6,000,000 Attack method: Flash loan attack
Description of the event: The Agave contract on Gnosis Chain was attacked due to an untrusted external call. The attacker called the liquidateCall function to liquidate himself without having any debt. During the liquidation process, the liquidation contract called the attacker's contract. During that call, the attack contract deposited 2728 WETH obtained through a flash loan, minted 2728 aWETH, and used it as collateral to borrow all available assets in the Agave project. After the external call ended, the liquidateCall function directly liquidated the 2728 aWETH previously deposited by the attacker and transferred it to the liquidator.
Amount of loss: $ 5,400,000 Attack method: Flash loan attack
Description of the event: ActiveCampaign (AC), an external email marketing provider used by Unchained, was hacked last week, according to Joe Kelly, CEO of Bitcoin financial services firm Unchained Capital. Information shared with AC, including customer email addresses, usernames, account status, whether customers have active multi-signature vaults or loans with Unchained Capital, and possibly IP addresses, may have been exposed without authorization. Kelly said no Unchained systems were affected, meaning customer profile information that was never shared with AC was not leaked. Kelly added that while customer Bitcoin custody is protected by multi-signature cold storage, customers should still be aware of what is going on and be wary of phishing attacks.
Amount of loss: - Attack method: Information Leakage
Description of the event: Decentralized derivatives trading platform FutureSwap tweeted that an account with around 300,000 FST reward reserves (0.3% of supply) was compromised yesterday. The credentials for this account were compromised by human error, and the attacker was able to gain access on Arbitrum and transfer the available reward FST to himself.
Amount of loss: 300,000 FST Attack method: Private Key Leakage
Description of the event: KLAYswap, a South Korean DeFi project, stated that it was hacked and lost over 2.2 billion won, or about $1.83 million, in the incident. The hacker modified the third-party JavaScript link on the front end of KLAYswap, causing users to download malware when accessing the KLAYswap page. This enabled funds to be transferred to the hacker's wallet address when users conducted token-related transactions. During this time, 407 suspicious transactions were found in 325 wallets linked to this incident.
Amount of loss: $ 1,830,000 Attack method: Malicious Code Injection Attack
Description of the event: The digital asset service provider StoboxCompany was attacked by hackers and officially stated that its private key had been leaked. As a result, the token fell by 96.93%. StoboxCompany stated that the address of the deployer of Stobox tokens was hacked. Since the deployer address on ETH and BSC is the same, all reserve funds have been stolen or liquidated. The company reminded users to stop buying/selling and said it will restore the STBU snapshot to the last transaction before the hacker attack.
Amount of loss: - Attack method: Private Key Leakage
Description of the event: Algorand-based automated market maker (AMM) Tinyman tweeted that an attack occurred on Tinyman pools on January 1/2. The attack exploited a previously unknown hole in the contract that allowed the attacker to extract assets from a pool to which he had no access. So far, attacks have been executed on multiple pools, but not all of them have been attacked.
Amount of loss: $ 2,000,000 Attack method: Contract Vulnerability
Description of the event: The data on CoinMarketCap's website showed bugs, and the quotes of multiple cryptocurrencies were wrong.
Amount of loss: - Attack method: Data error
Description of the event: 8ight Finance on the Harmony chain was hacked, and $1.75 million was stolen after the private key was leaked through a Google doc. The platform tweeted about the loss yesterday, and in its Discord server provided an explanation for the loss of funds: "Two developers on the team have the keys and they were sent via Facebook group chat and Google Drive. This is our first project, so we have to admit that our opsec is low."
Amount of loss: $ 1,750,000 Attack method: Private Key Leakage
Description of the event: According to a report from BleepingComputer on November 10, the electronics retail giant MediaMarkt suffered a ransomware attack. This attack affected many MediaMarkt retail stores throughout Europe, especially those in the Netherlands. The attacker initially asked for a ransom of 240 million US dollars. The demand was then dropped to 50 million US dollars, to be paid in Bitcoin. The company later said that customer data is "completely secure." The company's stores are now also reopening for exchanges, returns, and repair orders.
Amount of loss: - Attack method: Ransomware
Description of the event: Robinhood, a stock and cryptocurrency trading platform, stated that on the evening of November 3, an intruder entered the company’s system and stole the personal information of millions of users. Users' full names were leaked, as were the names, dates of birth and postal codes of about 310 users, and more detailed account information of about 10 users. The intruder demanded an extortion payment. The company notified law enforcement and continued to investigate the incident with the help of the external security company Mandiant. Robinhood stated that the attack had been contained. Robinhood believed that no Social Security numbers, bank account numbers or debit card numbers were exposed and that customers suffered no financial loss as a result of the incident.
Amount of loss: - Attack method: Information Leakage
Description of the event: According to Etherscan data, the OHM imitation project AnubisDAO, which was launched on Copper Launch, withdrew its liquidity pool one day after it went online. It is suspected that the project ran off with the funds. A total of more than 13,556 ETH was transferred to the address @0x9fc, worth about 58.3 million U.S. dollars. Jayson, the founding partner of PFR Capital, pointed out that AnubisDAO is just a Twitter account that was only registered a few days ago. There is no website, white paper or Medium, and no products.
Amount of loss: 13,556 ETH Attack method: Rug Pull
Description of the event: According to Cointelegraph reports, some YouTube channels were hacked and taken over. The original content and information of these channels were destroyed by the hackers, who pretended to be large technology companies or cryptocurrency exchanges to commit fraud. These channels were also sold by the hackers at prices varying from $3 to $4,000. The Google Threat Analysis Team (TAG) stated that the hackers who attacked the YouTube channels came from a Russian-speaking forum. In addition, Google has shared the findings with the FBI for further investigation.
Amount of loss: - Attack method: YouTube was hacked
Description of the event: The IDO project SaturnBeam of MoonSwap, a decentralized exchange on the Moonriver chain, ran away, and MoonSwap tweeted a warning that SaturnBeam would refund the money within 24 hours.
Amount of loss: $ 12,000,000 Attack method: Rug Pull
Description of the event: Email addresses belonging to 3.1 million CoinMarketCap users were leaked last week, according to Have I Been Pwned. Have I Been Pwned says that the website’s database was breached on Oct. 12, 2021. Exactly 3,117,548 email addresses, not including passwords, were stolen in the security breach.
Amount of loss: - Attack method: Information Leakage