358 hack event(s)
Description of the event: Decentralized derivatives trading platform FutureSwap tweeted that an account with around 300,000 FST reward reserves (0.3% of supply) was compromised yesterday. The credentials for this account were compromised by human error, and the attacker was able to gain access on Arbitrum and transfer the available reward FST to himself.
Amount of loss: 300,000 FST Attack method: Private Key Leakage
Description of the event: A South Korean DeFi project, KLAYswap, stated it was hacked and lost over 2.2 billion won, or about $1.83 million, in the incident. The hacker modified the third-party JavaScript link on the front end of KLAYswap, causing users to download malicious code when accessing the KLAYswap page. This enabled funds to be transferred to the hacker's wallet address when users conducted token-related transactions. During this time, 407 suspicious transactions were found in 325 wallets linked to this incident.
Amount of loss: $ 1,830,000 Attack method: Malicious Code Injection Attack
Description of the event: The digital asset service provider StoboxCompany was attacked by hackers, and its official statement said that the private key had been leaked. As a result, the token fell by 96.93%. StoboxCompany officially stated that the address of the deployer of Stobox tokens was hacked. Since the deployer address on ETH and BSC is the same, all reserve funds have been stolen or liquidated. The company reminded users to stop buying/selling and said it will restore STBU from a snapshot of the last transaction before the attack.
Amount of loss: - Attack method: Private Key Leakage
Description of the event: An attack occurred at Tinyman Pools on January 1/2, Algorand-based automated market maker (AMM) Tinyman tweeted. The attack exploits a previously unknown hole in the contract and allows the attacker to extract assets from a pool to which he has no access. So far, attacks have been executed on multiple pools, but not all of them have been attacked.
Amount of loss: $ 2,000,000 Attack method: Contract Vulnerability
Description of the event: The data on CoinMarketCap's website glitched, and the quotes of multiple cryptocurrencies were wrong.
Amount of loss: - Attack method: Data error
Description of the event: 8ight Finance on the Harmony chain was hacked, and $1.75 million was stolen after its private key leaked through a Google Doc. The platform tweeted about the loss yesterday, and in its Discord server provided an explanation for the loss of funds: "Two developers on the team have the keys and they were sent via Facebook group chat and Google Drive. This is our first project, so we have to admit that our opsec is low."
Amount of loss: $ 1,750,000 Attack method: Private Key Leakage
Description of the event: According to a report from BleepingComputer on November 10, the electronics retail giant MediaMarkt suffered a ransomware attack. This attack affected many MediaMarkt retail stores throughout Europe, especially those in the Netherlands. The attacker initially asked for a ransom of 240 million US dollars. The demand was later dropped to 50 million U.S. dollars, to be paid in Bitcoin. The company later said that customer data is "completely secure." The company's stores are now also reopening for exchanges, returns, and repair orders.
Amount of loss: - Attack method: Ransomware
Description of the event: Robinhood, a stock and cryptocurrency trading platform, stated that on the evening of November 3, an intruder entered the company's system and stole the personal information of millions of users. Users' full names were leaked, along with the names, dates of birth and postal codes of about 310 users and the more detailed account information of about 10 users. The intruder demanded an extortion payment. The company notified law enforcement and continued to investigate the incident with the help of the external security company Mandiant. Robinhood stated that the attack had been contained. Robinhood believed that the incident did not expose social security numbers, bank account numbers or debit card numbers, and did not cause any economic losses to customers.
Amount of loss: - Attack method: Information Leakage
Description of the event: According to Etherscan data, the OHM imitation project AnubisDAO, which was launched at Copper Launch, withdrew its liquidity pool one day after it went online. It is suspected that the team ran off with the funds. A total of more than 13,556 ETH were transferred to the address @0x9fc, worth about 58.3 million U.S. dollars. Jayson, the founding partner of PFR Capital, pointed out that AnubisDAO is just a Twitter account that was only registered a few days ago. It has no website, white paper, Medium page, or products.
Amount of loss: 13,556 ETH Attack method: Rug Pull
Description of the event: According to Cointelegraph reports, some YouTube channels were hacked and taken over. The original content and information of these channels were destroyed by the hackers, who pretended to be large technology companies or cryptocurrency exchanges to commit fraud. The hackers also sold these channels at prices ranging from $3 to $4,000. The Google Threat Analysis Group (TAG) stated that the hackers who attacked the YouTube channels came from a Russian-speaking forum. In addition, Google has shared the findings with the FBI for further investigation.
Amount of loss: - Attack method: YouTube was hacked
Description of the event: The IDO project SaturnBeam of MoonSwap, a decentralized exchange on the Moonriver chain, ran away, and MoonSwap tweeted a warning that SaturnBeam would refund the money within 24 hours.
Amount of loss: $ 12,000,000 Attack method: Rug Pull
Description of the event: Email addresses belonging to 3.1 million CoinMarketCap users were leaked last week, according to Have I Been Pwned. Have I Been Pwned says that the website's database was breached on Oct. 12, 2021. Exactly 3,117,548 email addresses, not including passwords, were stolen in the security breach.
Amount of loss: - Attack method: Information Leakage
Description of the event: Glide Finance, a DeFi protocol built on the Elastos ecosystem, tweeted that a contract loophole was exploited to siphon money out of the matching contract for a loss of approximately $300,000 because the team changed the fee parameters after an audit but did not update the number on the contract from 1,000 to 10,000. The team is now contacting the exchange to block the transfer of funds and reminding users who have money in Glide's liquidity pool to withdraw funds.
Amount of loss: $300,000 Attack method: Contract Vulnerability
Description of the event: The report released by Sophos stated that the crypto fraud application CryptoRom stole 1.4 million U.S. dollars through the use of "super signature service" and Apple's developer enterprise plan. It is reported that fraudsters gain the trust of victims through Facebook and dating platforms (such as Tinder, Grindr, Bumble, etc.), and then lure them to install a fake cryptocurrency application CryptoRom and invest. The victim installs apps, invests, makes a profit, and is allowed to withdraw funds. After being encouraged, they were forced to invest more, but once they deposited a larger amount, they could no longer withdraw cash. To date, Bitcoin addresses related to the scam have sent more than 1.39 million U.S. dollars, and there may be more addresses related to the scam. According to the report, most of the victims are iPhone users. The report stated that CryptoRom bypassed all security checks in the App Store and remained active every day. The report also stated that Apple “should warn users about installing apps through temporary distribution or through the enterprise configuration system that these apps have not been reviewed by Apple.”
Amount of loss: $ 1,400,000 Attack method: Scam
Description of the event: Quantitative trading company mgnr stated on Twitter that StarkWare has an urgent security issue, but did not disclose the specific details. Louis Guthmann, the head of ecosystem of the StarkWare team, confirmed that there is indeed a problem. "This is not a security vulnerability on dYdX. It is only related to a specific user." mgnr said he has contacted the StarkWare and Solana teams.
Amount of loss: - Attack method: Unknown
Description of the event: The Bitcoin.org website displayed a supposed giveaway to the community, and it is suspected that the website was hacked. The homepage of the website showed a Bitcoin address and stated that the first 10,000 users who paid to this address would receive double the amount in return. Cobra, the co-owner of the Bitcoin.org website, tweeted that Bitcoin.org has been hacked and is investigating how the hackers set up the scam on the website. It is expected that operations will be suspended for a few days. According to reports, the attackers stole more than 17,000 U.S. dollars.
Amount of loss: $ 17,000 Attack method: Malicious Code Injection Attack
Description of the event: Klondike Finance was attacked by hackers, with a total loss of approximately 35,281.71 KXUSD (6.5629 WETH).
Amount of loss: 35,281.71 KXUSD Attack method: Flash loan attack
Description of the event: OpenZeppelin released a bug fix analysis. Whitehat Zb3 submitted a serious reentrancy vulnerability in OpenZeppelin's TimelockController contract on August 21, 2021, which affected a project hosted on the Immunefi vulnerability bounty platform. The project chose to remain anonymous and has paid an undisclosed amount (including an anonymous bonus) to the whitehat. OpenZeppelin paid the whitehat a bonus of $25,000 to recognize their contribution to community security and released a patch. As far as it knows, this is the only serious vulnerability in OpenZeppelin's open source smart contract library. The vulnerability has been patched in the affected projects, and OpenZeppelin has released an updated contract version to fix the vulnerability. All projects that use TimelockController should migrate to it.
Amount of loss: - Attack method: Contract Vulnerability
Description of the event: In May of this year, the SEC filed a lawsuit against five people suspected of promoting BitConnect. The SEC believes that BitConnect is an unregistered digital asset securities product, and that the program raised more than $2 billion from retail investors through its promoter network. BitConnect is a cryptocurrency investment plan with the characteristics of a Ponzi scheme, launched in 2017. Its token BCC was one of the 20 most valuable cryptocurrencies at the time, with a market value of more than 2.6 billion U.S. dollars. In September, the founder of BitConnect, Glenn Arcaro, admitted to participating in a fraud scheme, which allegedly amounted to US$2 billion.
Amount of loss: $ 2,000,000,000 Attack method: Scam
Description of the event: Sentinel, a Cosmos ecosystem dVPN project, stated on Twitter that $40 million worth of DVPN tokens were stolen due to the leak of the mnemonic phrase on the HitBTC exchange. Sentinel stated that users' own DVPN was safe, that the problem lay with HitBTC, and that HitBTC reported the hacking incident to Sentinel one hour after it occurred. Sentinel therefore hopes that HitBTC will take action to return DVPN to users. HitBTC responded that Sentinel was trying to shirk responsibility for its technical defects and deceive everyone. HitBTC believes that Sentinel's technology has vulnerabilities that can easily cause user mnemonics to be publicly disclosed, that such vulnerabilities are common in the Sentinel network, that the blockchain and software have not been thoroughly tested, and that the company has not invested enough time and resources to protect users. Therefore, HitBTC recommended that Sentinel fix the security vulnerabilities in the software, conduct more tests, and restart the current centralized system.
Amount of loss: $ 40,000,000 Attack method: Affected by the HitBTC event