9 hack event(s)
Description of the event: The Polkadot ecological project Acala caused an additional issuance of aUSD due to an error on the chain, allowing attackers to mint aUSD. The vulnerability caused aUSD to lose its peg to the US dollar, initially falling to $0.60 and hovering around $0.90. Acala suspended the protocol shortly after the attack and disabled the transfer of the stolen aUSD and the attackers exchanging Acala tokens for some of the aUSD.
Amount of loss: $ 52,000,000 Attack method: On-chain setup error
Description of the event: The Tableland Discord server was compromised by malicious actors, successfully impersonating moderators on the channel and leading community members to a fake Tableland domain that funneled targeted assets from member ETH wallets. The perpetrators utilized a fakemint scheme, which lured community members using a pretense of an exclusive, limited mint. Instead, target victims were taken to a malicious website that tricked some of them into granting specific wallet permissions. Once granted, the perpetrators were able to siphon away Tableland Rigs and other NFTs
Amount of loss: $ 45,819 Attack method: Discord server hacked
Description of the event: Polkadot Eco DeFi revenue aggregator Dot.Finance suffered a lightning loan attack. Dot.Finance's token PINK plummeted 35% in a short time, from 0.77 USD to approximately 0.5 USD. The attacker made a profit of 900.89 BNB (approximately $429,724 in total).
Amount of loss: $429,724 Attack method: Flash loan attack
Description of the event: The digital collectibles market platform Bondly Finance released an analysis report on the previous attack. Bondly Finance believes that the attacker obtained access to the password account belonging to Bondly CEO Brandon Smith through a carefully planned strategy. The password account contains the assistance of his hardware wallet. Recalling the phrase to restore the phrase, after copying, allowed the attacker to access the BONDLY smart contract, and the company wallet that was also leaked, resulting in the minting of 373 million BONDLY tokens.
Amount of loss: 373,000,000 BONDLY Attack method: Control access to password accounts
Description of the event: According to official news, Polkadot's ecological oracle and prediction protocol OptionRoom stated that it was affected by the "cross-chain asset bridge ChainSwap attack", and many projects including OptionRoom were affected by the hacker attack. Hackers can obtain 2.3 million ROOM tokens on Ethereum and 10 million ROOM tokens on BSC. OptionRoom noticed the hacking before the hackers sold any tokens and decided to remove liquidity from Uniswap and Pancakeswap to protect token holders and liquidity providers from being sold to the liquidity pool by hackers. By selling the deployer's tokens to the Uniswap pool, OptionRoom was able to recover $342,117. In this way, OptionRoom successfully extracted liquidity on behalf of the liquidity provider of the project. The recovered amount will be allocated according to the share of the liquidity provider.
Amount of loss: 12,300,000 ROOM Attack method: Contract vulnerability
Description of the event: According to official sources, Dora Factory, a multi-chain service infrastructure based on Polkadot, suffered a contract vulnerability in the cross-chain asset bridge ChainSwap. The 7,872 DORA locked in the ChainSwap cross-chain bridge contract was taken out by hackers and sold through Uniswap.
Amount of loss: $ 42,373 Attack method: Contract vulnerabilities
Description of the event: RAI Finance, a cross-chain transaction protocol based on the Polkadot blockchain, issued a post stating that due to the vulnerability of the ChainSwap smart contract, the RAI access and payment permission addresses connected to it were also hacked and stolen. The total amount of stolen RAI in the account reached 2.9 million. On July 5, Rai Finance tweeted that after investigation by the team, hackers had returned 2.2 million RAIs to ChainSwap Deployer. The total loss caused by this incident was reduced to 670,000 RAI.
Amount of loss: $ 414,013 Attack method: RAI access and payment authority addresses were attacked
Description of the event: Polkatrain, an ecological IDO platform of Polkadot, had an accident this morning. According to SlowMist analysis, the contract in question is the POLT_LBP contract of the Polkatrain project. This contract has a swap function and a rebate mechanism. When users purchase through the swap function When the PLOT token is used, a certain amount of rebate will be obtained, and the rebate will be forwarded to the user in the form of calling transferFrom by the _update function in the contract. Since the _update function does not set the maximum amount of rebates for a pool, nor does it determine whether the total rebates have been used up when rebates are made, malicious arbitrageurs can continuously call the swap function to exchange tokens to get the contract. Rebate reward. The SlowMist security team reminds DApp project parties to fully consider the business scenario and economic model of the project when designing the AMM exchange mechanism to prevent unexpected situations.
Amount of loss: $ 3,000,000 Attack method: Rebate arbitrage
Description of the event: Hackers took advantage of the storage asset verification flaws in the Akropolis project of the Polkadot ecosystem to launch multiple consecutive reentry attacks on the contract, causing the Akropolis contract to issue a large number of pooltokens out of thin air without new asset injection, and then reuse these pooltokens. Withdrawing DAI from the YCurve and sUSD pools resulted in the loss of 2.03 million DAI in the project contract.
Amount of loss: $ 2,030,000 Attack method: Reentrancy attack