304 hack event(s)
Description of the event: According to Foresight News, the Foresight Ventures X account was hacked and is currently in the process of being recovered. Please do not click or trust any links or token information posted by this account.
Amount of loss: - Attack method: Account Compromise
Description of the event: The X account of Ryan Zarick, co-founder and CTO of LayerZero Labs, was briefly compromised and used to post a fraudulent airdrop claim along with a phishing link.
Amount of loss: - Attack method: Account Compromise
Description of the event: The official X account of the blockchain AI project Aizel Network was hacked at noon on January 11 and is currently in the process of being recovered. The official reminder to users is to be cautious of the content posted by this account, do not trust any token information, and avoid clicking on any suspicious links or participating in any suspicious activities.
Amount of loss: - Attack method: Account Compromise
Description of the event: The official X account of Solv Protocol has been compromised. Users are advised not to click on any suspicious links.
Amount of loss: - Attack method: Account Compromise
Description of the event: lmk.fun (formerly Scopescan) issued an alert on the X platform, warning that the X account of the Web3 knowledge graph protocol 0xScope (@ScopeProtocol) has been hacked. Users are advised not to click on any links or trust any content posted by the account. An investigation and recovery are currently in progress.
Amount of loss: - Attack method: Account Compromise
Description of the event: The official X account of the RWA lending protocol Centrifuge was compromised, and fake information was posted.
Amount of loss: - Attack method: Account Compromise
Description of the event: According to monitoring by Scam Sniffer, the X account of Superchain Eco (@SuperchainEco) was compromised and used to post phishing links.
Amount of loss: - Attack method: Account Compromise
Description of the event: Animoca Brands tweeted that @ysiu social media account has been compromised. There is no official token or NFT launch from Animoca Brands. The token launch on Solana as claimed in a post was made by the hacker. Please do not engage with the account and stay vigilant.
Amount of loss: - Attack method: Account Compromise
Description of the event: According to Scam Sniffer's monitoring, the privacy-preserving data verification protocol zkPass's X account was compromised and used to post phishing tweets.
Amount of loss: - Attack method: Account Compromise
Description of the event: Regarding rumors about the collaboration between DOGE and USUAL, Azoria CEO James Fishback clarified that he had contacted DOGE's head of department, Vivek Ramaswamy, whose account was compromised.
Amount of loss: - Attack method: Account Compromise
Description of the event: The official X account of AI startup Anthropic, backed by Amazon, appears to have been compromised, posting an unknown token contract address related to AI Agents.
Amount of loss: - Attack method: Account Compromise
Description of the event: Canadian rapper Drake's X account (with over 39 million followers) was allegedly compromised on Saturday evening, promoting a Solana meme coin based on his cartoon "alter ego" character. The coin's trading volume reached $5 million at one point, but it was later confirmed to be a scam, and the related posts have been deleted.
Amount of loss: - Attack method: Account Compromise
Description of the event: The algorithmic stablecoin protocol Haven Protocol has issued a warning about a hack exploiting a vulnerability in "range proof validation." This flaw allows attackers to mint illicit XHV undetected. According to reports from exchanges, the amount of XHV exceeds 500 million tokens, while audit data indicates a current supply of only 263 million tokens. The surplus is likely generated through this exploit. The team found a weakness in the "range proof validation", which was introduced after the Haven 3.2 rebase to Monero and has advised exchanges to halt trading on all pairs.
Amount of loss: - Attack method: Contract Vulnerability
Description of the event: The Cardano Community posted on X, stating that the Cardano Foundation's X account has been compromised. They are currently addressing the issue and advised users to temporarily ignore all posts from the account.
Amount of loss: - Attack method: Account Compromise
Description of the event: The Omnichain meta-yield aggregator MAAT tweeted that a security breach in the MAAT alpha version, resulting in unauthorized withdrawals of $240,000 USDT.
Amount of loss: $ 240,000 Attack method: Security Vulnerability
Description of the event: On-chain investigator ZachXBT stated on his personal Telegram channel that the wallet associated with crypto KOL JRNY appears to have been compromised, with approximately $4 million worth of crypto assets transferred and sold. This suggests that the wallet's private key may have been leaked.
Amount of loss: $ 4,000,000 Attack method: Private Key Leakage
Description of the event: Binance co-founder CZ confirmed on X that the official X account of his educational project, Giggle Academy, has been hacked.
Amount of loss: - Attack method: Account Compromise
Description of the event: The funds of multiple users of the on-chain trading terminal DEXX have been stolen. According to statistics from the SlowMist Security Team, the total losses from this incident have reached $21 million.
Amount of loss: $ 21,000,000 Attack method: Private Key Leakage
Description of the event: The Aptos-based DeFi project Thala suffered a security breach as a result of an isolated vulnerability in the latest update to v1 farming contracts, allowing the exploiter to withdraw liquidity pool tokens totaling $25.5m. Thala has since paused all related contracts and frozen Thala token assets ($9m MOD and $2.5m THL). With the assistance of other organizations, the team identified the exploiter and negotiated a $300k bounty for a full recovery of user assets.
Amount of loss: $ 25,500,000 Attack method: Contract Vulnerability
Description of the event: GMGN stated in the community, "The GMGN website has suffered a malicious attack, suspected to involve multiple methods, including common crawler attacks and flood attacks. The development team is currently working on emergency repairs, and the token details page, holdings collection feature, and transaction activity records have been restored."
Amount of loss: - Attack method: Unknown