363 hack event(s)
Description of the event: On January 10, Sui Name Service, an ecosystem domain name service provider, posted on social media that its Discord server had been attacked by a former employee that day and that the attacker had posed as an administrator. Sui Name Service is currently restoring role labels for users.
Amount of loss: - Attack method: Discord was hacked
Description of the event: The Web3 Twitter marketing platform Twity tweeted that there was a security vulnerability in its system: a technician's Telegram account was leaked, and the chat history contained project information and a wallet private key, resulting in the disclosure of administrator account information. The team is currently holding an emergency meeting to study solutions. A snapshot of all user assets and NFT information will be taken. The specific solution will be published separately once it has been formulated.
Amount of loss: - Attack method: Telegram was hacked
Description of the event: Nikhil Gopalani, chief operating officer of Nike's crypto fashion brand RTFKT, tweeted that he was attacked by a phisher and lost more than $173,000, including 19 CloneX NFTs, 18 RTFKT Space Pods, 11 CryptoKicks, etc. Gopalani believes the phishing attack may have been the result of accidentally providing confidential information to hackers posing as Apple representatives.
Amount of loss: $ 173,000 Attack method: Phishing attack
Description of the event: Luke Dashjr, one of the original Bitcoin Core developers, claimed on Twitter that attackers had managed to compromise multiple wallets, with more than 216 BTC (approximately $3.6 million) stolen. Dashjr initially blamed the attack on a leaked PGP key, but later said the PGP leak was just part of a broader hack in which the attacker also bypassed two-factor authentication and gained access to his wallet.
Amount of loss: 216 BTC Attack method: Private Key Leakage
Description of the event: The Twitter account of celebrity investor Kevin O’Leary was hacked on Thursday and used to promote a bitcoin and ethereum giveaway scam, Bitcoin.com reported. The hacker claimed that Mr. Wonderful (Kevin O’Leary) was giving away 5,000 BTC and 15,000 ETH, and the tweet also provided a link so anyone could participate. Twitter removed the scam giveaway posts a few hours after they were posted.
Amount of loss: - Attack method: Account Compromise
Description of the event: Password management platform LastPass said a hacker accessed a cloud-based storage environment using information previously obtained in an incident it disclosed in August 2022. Some source code and technical information were stolen and used to attack another employee in order to obtain credentials and keys for accessing and decrypting certain storage in cloud-based storage services.
Amount of loss: - Attack method: Information Leakage
Description of the event: Quantitative trading company mgnr has deleted all tweets and quit some groups, leaving only 0.097 Ethereum in its wallet address. The address with the domain name mgnr.eth transferred 43.6 million USDC to Coinbase on November 14, and at the same time transferred 8 million USDC and 0.1 Ethereum to the Genesis Trading address.
Amount of loss: $ 52,000,000 Attack method: Rug Pull
Description of the event: Polynomial Protocol has a vulnerability in its deposit contract on Optimism. The problem stems from the swapAndDeposit() function, which places no restrictions on its input. Anyone can pass in an address and a maliciously constructed swapData to steal tokens approved to the contract.
Amount of loss: - Attack method: Contract Vulnerability
Description of the event: 3Commas founder and CEO Yuriy Sorokin issued an investigative update on attacks on API keys and trading platforms after many users of Binance, OKX, FTX and some other trading platforms experienced unauthorized transactions via API keys. On December 29, CoinDesk reported that the US Federal Bureau of Investigation (FBI) is investigating the 3Commas data breach. Edmundo (Mundy) Pena, leader of the roughly 60-member 3Commas victims group that has previously been in contact with the U.S. Secret Service and other law enforcement agencies, told CoinDesk he calculated the group’s losses at more than $20 million.
Amount of loss: $20,000,000 Attack method: Information Leakage
Description of the event: According to reports, PayPal notified the Attorney General's Office of the U.S. state of Maine that it discovered on December 20, 2022 that it had been hacked, and that after investigation it believed the incident, a credential stuffing attack, occurred between December 6 and 8. The total number of affected users is 34,942. PayPal pointed out that the attack may lead to the disclosure of customer information, including name, address, security code, personal tax information, phone number and birthday. However, PayPal emphasized that no user personal information has been stolen. PayPal also mentioned that it has provided 24 months of credit theft monitoring services for affected users. PayPal added that this incident was not caused by a PayPal system vulnerability; rather, users reuse the same account and password combinations across different services or websites, which allows hackers to steal, purchase, or otherwise obtain those accounts and passwords elsewhere and then try a large number of account and password combinations to break into PayPal accounts.
Amount of loss: - Attack method: Credential stuffing attack
Description of the event: BIT Mining reports that its subsidiary, cryptocurrency mining pool BTC.com, suffered a “cyber attack” on Dec. 3, in which the attackers stole approximately $700,000 in customer assets and $2.3 million in company assets. However, they said some of the funds had been recovered.
Amount of loss: $ 3,000,000 Attack method: Cyber attack
Description of the event: Trust Wallet, a multi-chain non-custodial wallet, tweeted that Ahad Shams, the co-founder of the Web3 metaverse game engine Webverse, said that he did not disclose his mnemonic and had $4 million worth of cryptocurrency stolen only because he was photographed. Trust Wallet believes this is a security incident triggered by a social engineering attack involving an organized crime group from Rome, Italy, with known locations in Milan and Barcelona. The theft of Ahad Shams’ funds reportedly occurred in November 2022, when he hoped to complete a round of financing for the project. A scammer pretending to be an investor shared an NDA PDF file and KYC information (suspected to contain malware) to prove identity, then had Shams transfer funds to a new non-multisig wallet and viewed Shams’ Trust Wallet balance, taking pictures in the process. While no private key or seed phrase was revealed, $4 million in cryptocurrency subsequently disappeared from the Trust Wallet, and the crook has never been seen again.
Amount of loss: $ 4,000,000 Attack method: Social engineering scam
Description of the event: According to Cointelegraph, Skyward Finance, the NEAR on-chain asset issuance platform, suffered a vulnerability exploit and has lost 110 NEAR tokens (about $3 million). The Ref Finance and Skyward teams have been informed of the existence of the vulnerability. The attackers reportedly purchased large amounts of Skyward Tokens on Ref Finance, then redeemed them through the Treasury on Skyward Finance, and then earned more than the value of the Skyward Tokens originally invested.
Amount of loss: $ 3,000,000 Attack method: Contract Vulnerability
Description of the event: The deployer address of the MEV infrastructure Eden Network was compromised, and the attacker took control of the EDEN token contract. The attacker claims that a new token contract will be deployed, and Eden Network can redeem ownership after purchasing 200 ETH of NEDEN.
Amount of loss: - Attack method: Private Key Leakage
Description of the event: Several FTX users were hacked and had coins stolen, which 3Commas said was due to phishing websites. A collaborative investigation conducted by 3Commas and FTX found that some API keys were associated with new 3Commas accounts, but that the API keys had been obtained from outside the 3Commas platform rather than from 3Commas itself. At the same time, FTX will provide a total of approximately $6 million in compensation to FTX accounts affected by the phishing incident.
Amount of loss: $ 6,000,000 Attack method: Phishing attack
Description of the event: On October 19, the Moola protocol on Celo was attacked, and the hackers made a profit of about $9 million. This was a price manipulation attack. The attackers returned about 93.1% of the proceeds to the Moola Market project and donated 500,000 CELO to Impact Market. A total of 650,000 CELO was left as a bounty.
Amount of loss: $ 9,000,000 Attack method: Price Manipulation
Description of the event: A bot named 0xbadc0de made a windfall when traders tried to sell 1.8 million cUSDC (USDC on the Compound protocol) ($1.85 million in nominal value) but got only $500 of the asset in return due to low liquidity. The MEV bot, however, made a profit of 800 ETH (~$1 million) from the resulting arbitrage trade. An hour later, a hacker exploited a bug in 0xbadc0de's code to withdraw all 1,101 ETH (~$1.5 million) in the contract.
Amount of loss: $ 1,500,000 Attack method: Contract Vulnerability
Description of the event: Actor and comedian Bill Murray's personal wallet was compromised, resulting in the loss of funds raised by the actor's charity NFT. Hackers stole about 112.05 wETH (worth about $174,000), which was then converted into ETH, sent to 5 EOAs, and eventually transferred to Binance. The transfer of the stolen assets did not show any malicious behavior, which indicates that a mnemonic phrase was most likely compromised.
Amount of loss: $ 174,000 Attack method: Mnemonic Leakage
Description of the event: A hacker compromised the wallet belonging to Steven Galanis, the CEO of Cameo, an app that allows people to pay various celebrities to record short messages for them. The hacker took 9,457 ApeCoin (~$69,000), 2.3 ETH (~$3,900), a Bored Ape NFT, three Otherside land plots, and other various NFTs. The hacker then flipped the Bored Ape for 77 ETH (~$131,000), and the other NFTs for a combined 16 ETH (~$27,000).
Amount of loss: $ 231,000 Attack method: Apple ID was hacked
Description of the event: CEO Michael Stollery of Titanium Blockchain Infrastructure Services (TBIS) pled guilty to securities fraud in connection to a $21 million cryptocurrency scam. The company promoted its BAR token during 2017–2018, and did not register with the SEC for its ICO. TBIS made false claims including that they had ties to companies including Apple, Boeing, and IBM, and offered various services that did not actually exist. At least 75 people participated in the ICO, giving TBIS a combined $21 million, some of which went directly to Stollery's bank account and personal expenses like a condo in Hawaii.
Amount of loss: $ 21,000,000 Attack method: Scam