53 hack event(s)
Description of the event: Cybersecurity startup Unciphered has carried out an attack on encrypted hardware wallets made by OneKey. In a video on YouTube, Unciphered demonstrates a so-called "man-in-the-middle" wallet attack method that exploits a vulnerability to extract a mnemonic seed phrase, or private key, from a OneKey Mini hardware wallet. OneKey acknowledged the vulnerability in a statement and said that no one was affected as it had updated the security patch. OneKey said it has paid a bounty to Unciphered.
Amount of loss: - Attack method: "Man-in-the-middle" attack
Description of the event: Several users claimed that their funds were stolen in the official Telegarm group of BitKeep, a Web3 multi-chain wallet. BitKeep issued an announcement saying that after preliminary investigation by the team, it is suspected that some APK package downloads were hijacked by hackers, and the packages implanted by hackers were installed. At present, funds on multiple chains have been damaged, and only BNB Chain has lost more than 3 million US dollars.
Amount of loss: $ 9,000,000 Attack method: Unknown
Description of the event: Trust Wallet released an analysis report saying: "In November 2022, a vulnerability was discovered in the back-end module WebAssembly (WASM) at the core of the open source repository wallet. The vulnerability affected new wallets generated by browser extension versions 0.0.172 and 0.0.182, and only the private keys of a limited number of new wallets created in these versions were affected. Despite our best efforts, two breaches occurred, resulting in a combined loss of approximately $170,000 at the time of the attack. "
Amount of loss: $ 170,000 Attack method: Wallet Vulnerability
Description of the event: Aptos ecological wallet Petra tweeted that the Aptos Labs team discovered a vulnerability on Petra on October 20. The mnemonic is related to account creation in existing wallets, and the mnemonic displayed on the page may be inaccurate. To access the exact 12 mnemonic phrases, set up, manage your account, enter your password, and click Show Key Recovery Phrase. Currently, Petra has fixed the vulnerability.
Amount of loss: - Attack method: Mnemonic Vulnerability
Description of the event: According to the official news of the wallet BitKeep, BitKeep Swap was attacked by hackers, and the development team has carried out urgent processing. The hacker's attack has been stopped. The attack was concentrated on the BNB Chain, resulting in a loss of about 1 million US dollars. According to SlowMist MistTrack monitoring, Bitkeep Swap attackers have transferred 4,300 BNB (about $1.18 million) stolen funds to Tornado Cash in the form of 100 BNB each.
Amount of loss: $ 1,180,000 Attack method: Contract Vulnerability
Description of the event: According to the official announcement of TokenPocket, the official website tokenpocket.pro is currently attacked by abnormal traffic, and the technical team is carrying out emergency maintenance. During the technical maintenance period, the TokenPocket website will not be accessible normally, and the security of user assets will not be affected.
Amount of loss: - Attack method: Abnormal traffic attack
Description of the event: DeBank plug-in wallet Rabby tweeted that its Rabby Swap smart contract has a vulnerability, and users who have used it should revoke Rabby Swap approvals on all chains as soon as possible. According to the analysis of the SlowMist security team, the Rabby Swap contract was attacked, and the token exchange function in the contract was directly called externally through the functionCallWithValue function in the OpenZeppelin Address library. The parameters passed in by the user are not checked, resulting in any external call problems. Attackers exploit this issue to steal funds from users authorized by this contract.
Amount of loss: $ 190,000 Attack method: Contract Vulnerability
Description of the event: @alxlpsc disclosed on medium that MetaMask has serious privacy leaks. The vulnerability mainly uses MetaMask to automatically load NFT image URLs. Basic attack idea: the attacker can set the URI of the NFT to a server URL that he can control, and transfer the NFT to the target account; when the user logs in to MetaMask, MetaMask will automatically scan the NFT owned by the account, and initiate a pointer to The HTTP request to the attacker's server; the attacker can obtain the victim's IP information from the access log.
Amount of loss: - Attack method: Information Leakage
Description of the event: Dharma Wallet officially tweeted that there was a downtime. After Dharma updated Twitter, it said that it has returned to normal and all funds are safe.
Amount of loss: - Attack method: Downtime
Description of the event: Chivo Wallet is a national digital wallet issued by the government of El Salvador on September 7 for the implementation of the Bitcoin Act. To this end, El Salvador promised that users who download and authenticate the Chivo Wallet will receive a $30 bitcoin reward. This move allowed the official wallet of El Salvador to exceed 2 million users in one month. Between October 9th and October 14th, Cristosal, a human rights organization in El Salvador, received 755 notices about Salvadorans reporting that their Chivo wallet identity was stolen.
Amount of loss: $ 22,650 Attack method: Wallet Stolen
Description of the event: DeFi insurance agreement Nexus Mutual stated on Twitter that the personal address of its founder Hugh Karp was attacked by a platform user, stolen 370,000 NXM and lost more than 8 million US dollars. The official said that this is a targeted attack, only the official name, Karp used a hardware wallet, the attacker obtained remote access to his computer, and modified the wallet plug-in MetaMask, deceived him to sign the transaction, the attacker Completed KYC 11 days ago, and then changed to a new address on December 3. , To transfer funds to the attacker’s own address.
Amount of loss: 370,000 NXM Attack method: Permission Stolen
Description of the event: On November 9th, a user named "aaron67" posted about his BSV theft experience, saying that please stop using the multisig accumulator multi-signature solution implemented by ElectrumSV immediately. The locking script of this scheme had serious bugs, so that 600 BSV was stolen on November 6th. After the incident, the user had contacted Roger Taylor, the author of ElectrumSV, for the first time, and the serious bug was subsequently confirmed. At the same time, the Note.SV developers stated that they had done an analysis for the first time to find the source of the bug, and notified the wallet author and community users.
Amount of loss: 600 BSV Attack method: Security Vulnerability
Description of the event: Phishing and scams targeting Ledger wallet owners are increasing, and one of the scam websites obtained more than 1,150,000 XRP from victims. This scam uses phishing emails to direct users to a fake Ledger website. On this fake website, the victim was tricked into downloading malware that pretended to be a security update, resulting in the theft of all Ledger wallet balances. According to the fraud identification website xrplorer operated by the community, the XRP obtained from the scam was sent to Bittrex through 5 deposits, but the exchange “cannot freeze XRP in time”.
Amount of loss: 1,150,000 XRP Attack method: Phishing attack
Description of the event: An investigation by ZDNet revealed that hackers stole $22 million from users of Bitcoin wallet Electrum by enticing users to install fake software updates. And this technique was highest in 2018. Since this attack was first discovered two years ago, the Electrum team has taken some measures to prevent this attack. But this attack still applies to users who use older versions of the application.
Amount of loss: $ 22,000,000 Attack method: Fake software updates
Description of the event: Encrypted wallet provider Ledger recently experienced database leaks and wallet vulnerabilities, putting users' bitcoins at risk. The chief technology officer of Ledger stated that in terms of database leakage, the attacker accessed part of our e-commerce and marketing database through a third-party misconfigured API key on our website, allowing unauthorized access to our customers’ contact information and Order data. Ledger fixed this issue on the same day and disabled the API key.
Amount of loss: - Attack method: Information Leakage
Description of the event: GitHub user "1400 BitcoinStolen" said that a huge amount of his Bitcoin money had disappeared in the hack. This user uses a bitcoin purse Electrum, the user has no security update the software, so when he transfers the currency, it prompts to update and fix potential problems, but when he according to tip operation, the software takes advantage of a vulnerability to connect the hacker server, 1400 bitcoins (worth $16 million) is placed into the hacker's wallet.
Amount of loss: $ 16,000,000 Attack method: Fake software update
Description of the event: A cryptocurrency trader tweeted that a hacker hacked into his Ledger crypto wallet and stole more than 100,000 ERC-20 tokens. In addition, the trader said his account was safe because he had just reset his password last week.
Amount of loss: 100,000 ERC-20 Attack method: Unknown
Description of the event: On July 25, 2020, there was unauthorized access to Ledger's database, resulting in data leakage. The leaked data includes e-commerce and marketing data, but payment information and encrypted assets are safe. Ledger’s announcement claimed that the API Key was used to achieve unauthorized access to the database. Currently, the API Key has become invalid.
Amount of loss: - Attack method: Information Leakage
Description of the event: Attacker creates malicious Ledger Chrome extensions and tricks users into downloading malicious Ledger Chrome extensions through Google search ad serving and other methods to steal users' cryptocurrency. So far, it is known that at least 1.4 million XRP are stolen.
Amount of loss: 1,400,000 XRP Attack method: Phishing attack
Description of the event: IOTA has shut down its entire network this week after hackers exploited a vulnerability in the official IOTA wallet app to steal user funds.Estimated loss of 850000 MIOTA (valued at us $2.3 million).
Amount of loss: 8,550,000 MIOTA Attack method: Application Vulnerability