6 hack event(s)
Description of the event: Kannagi Finance has rug pulled, making away with up to $2.13 million in investor funds. The platform runs o the zkSync Era, which is in the race for the best Ethereum Layer 2 network. The network has deleted its official website, including social media and communication accounts.
Amount of loss: $ 2,130,000 Attack method: Rug Pull
Description of the event: On July 25th, according to reports from several users, Eralend, the lending protocol on Zksync, was attacked by lightning loans, and it is currently unable to borrow, but it can be proposed temporarily. On July 26, EraLend released the progress of the attack. EraLend stated that the attacker manipulated the price of the oracle machine, resulting in the USDC mining pool being used for about 2.76 million US dollars. All other pools remain safe and unaffected. The attackers used multiple bridges to spread the exploited funds across multiple wallets on various chains.
Amount of loss: $ 2,760,000 Attack method: Flash Loan Attack
Description of the event: ZK Rollup Order Book DEX Protocol ZigZag tweeted, "Our Discord has been hacked, please note that there is no airdrop activity at ZigZag at this time, please do not click on phishing links. We are working to resolve this issue and will provide an update when control is regained."
Amount of loss: - Attack method: Discord was hacked
Description of the event: Bobie, the founder of 0xScope, the Web3 knowledge graph protocol, tweeted that the liquidity of the zkSync ecological DEX Merlin was exhausted, and hackers stole $1.82 million in funds and bridged to Ethereum. According to analysis, this is an internal Rug Pull, and Merlin internal members maliciously used the privileges of the owner's wallet.
Amount of loss: $ 1,820,000 Attack method: Rug Pull
Description of the event: On April 9th, a rug pull occurred on the ZkSync ecological project CoreHunter, and the scammers made a profit of about 510,000 US dollars.
Amount of loss: $ 510,000 Attack method: Rug Pull
Description of the event: The ZKSwap token ZKS, a decentralized exchange based on ZK Rollup, has problems due to Uniswap adding liquidity. ZKSwap officially stated that the reason for this phenomenon was that someone used scripts to brush transactions, resulting in a higher price for first adding liquidity. The project party can only sell a part of ZKS to return the price to normal levels. All the USDT obtained from selling ZKS has been injected into the liquidity pool and will not be withdrawn in the next 3 months
Amount of loss: - Attack method: Malicious Code Injection Attack