30 hack event(s)
Description of the event: The X account of the meme project dogwifcoin (WIF) is suspected to have been hacked, posting multiple token contract messages. Users are advised to stay vigilant.
Amount of loss: - Attack method: Account Compromise
Description of the event: A dog-themed memecoin project called SHARPEI abruptly cashed out $3.4 million, tanking the token price by more than 96% in seconds. The project had been promoted by crypto influencers, but hit a snag when a pitch deck for the project leaked. The deck contained multiple lies, including claims to have hired multiple "KOLs" who later denied involvement, and false claims of partnerships with various platforms and projects. As the token price stuttered along with these revelations, insiders apparently decided to quit while they were ahead, and cashed out in a quick and coordinated sale.
Amount of loss: $ 3,400,000 Attack method: Rug Pull
Description of the event: Ahmad Shadid, former CEO of the decentralized GPU network io.net, posted on X that the official io.net Discord has been hacked. He has informed the IO team and advised not to click on any shared links.
Amount of loss: - Attack method: Account Compromise
Description of the event: The website frontend of Solana ecosystem real estate trading protocol Parcl has been hacked, extracting tokens from users' Solana wallets and displaying fake transaction results in Phantom. Parcl’s official X account also appears to have been compromised, posting information related to PARCL rewards.
Amount of loss: - Attack method: Frontend Attack
Description of the event: pump.fun is a Solana-based memecoin generator. On May 16th, the project suffered a $1.9 million exploit by an attacker who then began airdropping the money to somewhat random wallets. pump.fun stated on Twitter that the attack was due to a former employee exploiting their privileges within the company to illegally obtain withdrawal permissions and using a lending protocol to carry out flash loan attacks.
Amount of loss: $ 1,900,000 Attack method: Flash Loan Attack
Description of the event: io.net founder and CEO Ahmad Shadid announced on social media that io.net's metadata APIs recently experienced a security incident. A malicious party exploited accessible mappings of User IDs to Device IDs, leading to unauthorized metadata updates. This breach did not compromise GPU access but did affect the metadata displayed to users on the frontend.
Amount of loss: - Attack method: Security Vulnerability
Description of the event: Jupiter, a trading aggregator in the Solana ecosystem, tweeted that they noticed a large number of spam bots hitting our RPCs and limited them. Users are advised to try their operations again. The team is working super hard on helping users in this new congested environment and dealing with extraordinary volume.
Amount of loss: - Attack method: Spam bots
Description of the event: CondomSOL on Solana has exited, and its Twitter account is no longer accessible. The wallet associated with CondomSOL raised 4,965 SOL, equivalent to approximately $922,000.
Amount of loss: $ 922,000 Attack method: Rug Pull
Description of the event: The Solana ecosystem is grappling with a spate of drained wallets. A cause has yet to be definitively determined, but some of the thefts were linked to the use of trading bots like Solareum. According to security researcher Plum, the Solareum Telegram trading bot vulnerability resulted in a loss of assets worth approximately $1 million.
Amount of loss: $ 1,000,000 Attack method: Unknown
Description of the event: Solana validator operator Laine tweeted, "Solana Mainnet-Beta is experiencing a performance degradatation, block progression is currently halted, core engineers & validators are actively investigating." According to SolanaFM data, the last block appears to have been processed at UTC time 09:52. Solana Status tweeted, "Block production on Solana mainnet beta resumed at 14:57 UTC, following a successful upgrade to v1.17.20 and a restart of the cluster by validator operators. Engineers will continue to monitor performance as network operations are restored.The outage began at approximately 09:53 UTC, lasting 5 hours. Core contributors are working on a root cause report, which will be made available once complete."
Amount of loss: - Attack method: Downtime
Description of the event: The MangoFarm project is suspected of a rug pull. The official Twitter account of the MangoFarm is no longer accessible.
Amount of loss: $ 2,000,000 Attack method: Rug Pull
Description of the event: MegabotETH is suspected of a rug pull. Approximately 742k has been stolen.
Amount of loss: $ 742,000 Attack method: Rug Pull
Description of the event: On October 19, Synthetify Protocol experienced a security incident. The smart contract and the entire platform are currently frozen.
Amount of loss: $ 230,000 Attack method: Governance Attack
Description of the event: SaberDAO tweeted that their Discord was hacked.
Amount of loss: - Attack method: Account Compromise
Description of the event: SVT tokens were attacked by flash loans, and the economic model loopholes of SVT transaction contracts were exploited. The attackers made approximately $400,000 in profit from repeated buying and selling operations. According to MistTrack analysis, the attacker’s initial funds came from SwftSwap, and 1070 BNB has been transferred to Tornado Cash.
Amount of loss: $ 400,000 Attack method: Flash Loan Attack
Description of the event: In response to an attack, Raydium tweeted that a patch has been put in place so far to prevent further attacks. This attack has nothing to do with the escalated privileges of the program itself. The vulnerability seems to stem from a Trojan horse attack and the leakage of the private key of the liquidity pool owner account. The attacker gained access to the pool owner account and was then able to call the withdraw pnl function, which is used to collect transaction/protocol fees earned on swaps in the pool. The affected pools include SOL-USDC, SOL-USDT, RAY-USDC, RAY-USDT, RAY-SOL, stSOL-USDC, ZBC-USDC, UXP-USDC, and whETH-USDC, with a total loss of approximately $4.395 million.
Amount of loss: $ 4,395,000 Attack method: Private Key Leakage
Description of the event: Solend, a lending protocol on Solana, tweeted that an oracle attack against USDH affecting Stable, Coin98, and Kamino’s isolated pools was detected, resulting in $1.26 million in bad debt. Additionally, Solend claims that all other pools, including the Main pool, are safe.
Amount of loss: $ 1,260,000 Attack method: Oracle attack
Description of the event: The total amount of funds affected by the Solana ecological algorithm stablecoin protocol UXD Protocol in the Mango attack is $19,986,134.9037. UXD Protocol stated: “Our insurance fund is sufficient to cover losses. UXD is fully secured and will be redeemable by users once Mango Markets recovers from the exploit. The total insurance fund is $53,527,304.7757. UXD Protocol has suspended UXD minting for Risk minimization. Minting will be re-enabled once we confirm the issue with Mango Markets has been resolved.”
Amount of loss: $ 20,000,000 Attack method: Affected by the Mango attack
Description of the event: Tulip Protocol, a Solana ecological income aggregator and leveraged income farming platform, stated that its exposure to the Mango attack was limited to a portion of the USDC/RAY strategic treasury, namely 2,465,841.497167 USDC and 66,721.925355 RAY, and the funds affected by the Mango attack were about $2.5 million.
Amount of loss: $ 2,500,000 Attack method: Affected by the Mango attack
Description of the event: Mango, the Solana ecological decentralized financial platform, tweeted: “A hacker is currently investigating an incident in which a hacker extracted funds from Mango through price manipulation through oracle machines.” According to a detailed report, the protocol was encountered at approximately 6:00 on October 12, Beijing time. Attack, 2 accounts funded by USDC held excessive positions in MNGO-ERP, the underlying price of MNGO/USD on various exchanges (FTX, Ascendex) saw a 5-10 times price increase within a few minutes, Caused Switchboard and Pyth oracles to update their MNGO benchmark prices above $0.15, further causing unrealized profits to increase account value to market long MNGO-ERP, allowing accounts to borrow and withdraw BTC from the Mango protocol (sollet) , USDT, SOL, mSOL, USDC, which made the loan amount of the equivalent deposit of USD 190 million on the platform reached the maximum value, and the net value withdrawn from the account at that time was about USD 100 million.
Amount of loss: $ 100,000,000 Attack method: Flash Loan Attack