247 hack event(s)
Description of the event: The official Twitter account of Ethereum expansion solution Metis was stolen. According to officials, team members fell victim to a Sim Swap attack, resulting in malicious actors being able to take over the account for approximately 30 hours.
Amount of loss: - Attack method: Twitter was hacked
Description of the event: An admin on the Fetch discord server showing the username "Atari_buzz1kLL" has had their @discord account compromised. Please do not interact with any posts on our Discord until the issue has been resolved. There is no Fetch airdrop happening right now.
Amount of loss: - Attack method: Discord was hacked
Description of the event: The Twitter account of Blockchain Capital, an encryption venture capital organization, was stolen this morning, and multiple tweets were posted to promote token claim scams. At present, the relevant fraudulent tweets have been deleted, and the Twitter account has now been restored.
Amount of loss: - Attack method: Twitter was hacked
Description of the event: Legal authorities in the Indian state of Odisha have successfully busted a $120 million (Rs 1,000 crore) cryptocurrency Ponzi scheme. Two central figures in the fraudulent operation have been arrested. The project in question is called The Solar Techno Alliance (STA), using terms like green energy and solar technology. The investigation found that STA, with the assistance of online members, used various persuasive tactics and promises of profits in a short period of time to attract people to participate in the scheme, with more than 10,000 participants in Odisha alone. The investigation revealed that STA was not authorized by RBI, RBI or other regulators to accumulate deposits.
Amount of loss: $ 120,000,000 Attack method: Scam
Description of the event: The Twitter account of Tim Beiko, the core developer of Ethereum, was suspected of being stolen. He posted two tweets about "ETH airdrop" within half an hour with a phishing link(ether.fo). Users are asked not to click on suspicious links to prevent funds from being stolen. According to the analysis of SlowMist, the mastermind behind the scenes is PinkDrainer.
Amount of loss: - Attack method: Twitter was hacked
Description of the event: A serious flaw in Pond0x, the Pepe the Frog-branded MEME coin launched by Pauly0x, caused traders to lose at least $2.2 million after it was discovered that anyone could transfer tokens belonging to someone else. People quickly started scrambling to steal money from each other. Pauly0x responded by blaming traders who were buying and selling tokens, with various Twitter posts the next day saying he was teaching people a lesson that it wasn’t his fault that people lost money. He wrote to angry traders accusing him of rug pulling. He added a message to the website: "GREED KILLS".
Amount of loss: $ 2,200,000 Attack method: Contract Vulnerability
Description of the event: Cryptocurrency payment service provider Alphapo's hot wallet stolen, $23 million lost. Alphapo client HypeDrop has disabled withdrawals. The stolen funds were first exchanged for ETH on Ethereum and then cross-chained to the Avalanche and BTC networks. Alphapo processes payments for many gaming services such as HypeDrop, Bovada, and Ignition. It is unclear how many bitcoins were stolen from Alphapo. On July 25, on-chain analyst ZachXBT tweeted that in the Alphapo hot wallet theft incident, an additional $37 million stolen on TRON and BTC due to this hack has been found. Now the total stolen from Alphapo has increased to $60 million. The hack was likely carried out by Lazarus.
Amount of loss: $ 60,000,000 Attack method: Wallet Stolen
Description of the event: Recently, Estonian encrypted payment service provider CoinsPaid said it suffered a cyber attack and $37.3 million worth of cryptocurrency was stolen. Although the attack caused significant financial losses to the company and had many adverse effects on the usability of the payment platform, the company stated that customer funds are still safe and the incident will not have a significant impact on the company's business. CoinsPaid said the attack was initiated by the Lazarus hacking group, and their goal was to obtain higher cash. On July 26, SlowMist tweeted that CoinsPaid, Atomic and Alphapo attackers may all be the North Korean hacker organization Lazarus Group.
Amount of loss: $ 37,300,000 Attack method: Unknown
Description of the event: The Twitter account of Uniswap founder Hayden Adams was hacked, and the account sent multiple tweets containing links to scam websites. "Hayden's account has been hacked," the Uniswap Foundation said in a tweet. "Do not click on this link, or one that may appear in similar tweets."
Amount of loss: - Attack method: Twitter was hacked
Description of the event: Nansen CEO Alex Svanevik tweeted that the Twitter account of PleasrDAO, a decentralized autonomous organization composed of DeFi leaders, early NFT collectors, and digital artists, has been stolen, reminding users not to interact with it. PleasrDAO’s official Twitter account tweeted about the claim of the fake token PLEASR.
Amount of loss: - Attack method: Twitter was hacked
Description of the event: The Aptos Foundation Twitter account (@Aptos_Network) has been hacked, with hackers directing people to a fraudulent website claiming to participate in a bogus airdrop. Aptos Labs also posted a warning on Twitter, reminding users not to interact with links to fake websites.
Amount of loss: - Attack method: Twitter was hacked
Description of the event: The cross-chain interoperability protocol LayerZero officially tweeted that its CEO Bryan Pellegrino's Twitter account (@PrimordialAA) was stolen, reminding users not to click on any suspicious links or participate in suspicious activities.
Amount of loss: - Attack method: Twitter was hacked
Description of the event: The Aave fork project on the Pulse chain suffered a governance attack. The hacker first purchased a large number of Aave tokens to obtain the governance authority of the Aave fork project, and then created multiple contracts. The hacker seemed to want to use the governance authority to modify the implementation of the proxy contract Address, using the user's authorization to the contract that has not been canceled, to transfer the user's funds away. Such as WBTC, YFI, BAL, AAVE, UNI and other tokens. Finally, the hacker converted the stolen funds into ETH through the cross-chain bridge protocol, and sent it to the 0xA30190b96FaEe0080144aA0B7645081Fcbf49E6F address of Ethereum. The attacker made a profit of 483 ETH (approximately $930,000).
Amount of loss: $ 930,000 Attack method: Governance Attack
Description of the event: ‘Blockchain for dog nose wrinkles’ Ponzi makes off with $127m. A South Korean company lured investors with its new technology: a blockchain app that can identify dogs by their nose wrinkles.The investigation found that what the company promoted to be its dog nose wrinkle reader was fake.The South Korean police say investors have lost more than $100 million in what it describes as a “typical Ponzi.”
Amount of loss: $ 127,000,000 Attack method: Scam
Description of the event: The U.S. Commodity Futures Trading Commission (CFTC) recently filed a lawsuit in the U.S. District Court for the Northern District of California against William Koo Ichioka, an alleged digital asset and foreign exchange Ponzi scheme, alleging that he mishandled more than $21 million in investor assets and used new customer funds to create the illusion of profits in his Ponzi scheme.William Koo Ichioka raised money from William Koo Ichioka raised funds from more than 100 individuals and entities, promising to trade forex through the operation of a commodity interest pool called Ichioka Ventures. He advertised the service on his website claiming that the promised returns matched the performance of his investments, as he himself was a white knuckle investor who had made millions of dollars. According to his trading strategy, Ichioka promised a 10% return every 30 business days to those who participated in his program. However, his trades suffered huge losses. To hide the losses, he provided false documents to inflate the amount of money in his commodity interest pool accounts and provided participants with false account statements. Ichioka also used other participants' funds to pay for the alleged gains. Although Ichioka claimed that he was investing for his clients, he actually used client funds for personal expenses. He commingled participants' assets with his own and used them to purchase luxury items such as jewelry, cars, and watches.
Amount of loss: $ 21,000,000 Attack method: Scam
Description of the event: The Twitter account of decentralized exchange Slingshot has been compromised by scammer Pink Drainer, who posted links to fake websites and claimed that users could claim airdrop tokens. Users are advised to be aware of the risks and not to click on the links.
Amount of loss: - Attack method: Twitter was hacked
Description of the event: Recently, a security firm discovered a stack overflow vulnerability in the Move VM that does not limit the depth of recursive calls, which can cause a total network shutdown, prevent new validator nodes from joining the network, and potentially even cause a hard fork. mainnet_v1.2.1, Aptos mainnet_v1.4.3 and earlier are all affected by this vulnerability. Suimainnet_v1.2.1, Aptosmainnet_v1.4.3, and Move-language versions after June 10, 2023 fix this vulnerability.
Amount of loss: - Attack method: Overflow Vulnerability
Description of the event: ZenGo CEO Ouriel Ohayon tweeted that BitBoy Crypto founder Ben Armstrong's Twitter account was hacked and used to promote a crypto scam to steal users' NFT assets, the same scam that hit garry tan, peter schiff and others, asking users to be aware of the risks involved.
Amount of loss: - Attack method: Twitter was hacked
Description of the event: NFT giant whale Franklin is suspected to have posted a warning on his Twitter handle @ElectionDayMad1 with text and video that his Twitter account @franklinisbored was stolen, please do not send any cryptocurrency or click on any links, and that none of the tweets from the early morning of June 9 were posted by him.
Amount of loss: - Attack method: Twitter was hacked
Description of the event: According to a tweet from MistTrack, the Twitter account of Cole, co-founder of the NFT project Pudgy Penguins, appears to have been attacked, seemingly by the PinkDrainer hacker group. Please do not click on suspicious links.
Amount of loss: - Attack method: Twitter was hacked