1918 hack event(s)
Description of the event: On July 23, an attacker exploited a misconfiguration to gain access to $1 million from 13 different Prime accounts. This misconfiguration allowed the attacker to illegitimately transfer ownership of the Prime accounts to their own address, enabling them to repay loans and withdraw collateral. On July 24, the attacker returned $900,000.
Amount of loss: $ 1,000,000 Attack method: Contract Vulnerability
Description of the event: The liquidity restaking protocol Renzo tweeted that the Renzo Discord server has been compromised by malicious attackers. Please do not click on any links posted in the server.
Amount of loss: - Attack method: Account Compromise
Description of the event: On July 22, 2024, Kelp's DApp began displaying malicious wallet activity transactions aimed at draining funds. Kelp's engineering team evaluated the situation and identified the root cause to be faulty nameservers routing users to different application code that was attempting to trick the users into phishing. The attackers gained access to Kelp’s domain registrar account impersonating Kelp team and successfully convinced GoDaddy’s customer support that they were the legitimate owners of the account bypassing the 2-FA that was in place.
Amount of loss: - Attack method: DNS Attack
Description of the event: UPS on BNBChain was attacked again, losing about $521K. On April 8th, UPS was previously attacked on BNBChain, losing about $30K.
Amount of loss: $ 521,000 Attack method: Unknown
Description of the event: ETHTrustFund conducted a rugpull and stole approximately $2 million worth of cryptocurrencies on Base.
Amount of loss: $ 2,000,000 Attack method: Rug Pull
Description of the event: The arbitrum.com website appears to have been hacked and is being redirected to the official website of the Meme project MOG. Please stay vigilant and ensure the safety of your assets.
Amount of loss: - Attack method: DNS Attack
Description of the event: A misconfiguration in the Rho Markets lending protocol allowed an MEV bot operator to take $7.6 million from the project's users across multiple chains. The MEV bot operator sent an on-chain message indicating their willingness to return all the funds. Subsequently, the MEV bot operator returned the funds as planned.
Amount of loss: $ 7,600,000 Attack method: Oracle Misconfiguration
Description of the event: The cryptocurrency exchange WazirX posted preliminary investigation results of the cyber attack on Twitter, stating that one of its multisig wallets was compromised, resulting in a loss of over $230 million.
Amount of loss: $ 230,000,000 Attack method: Wallet Stolen
Description of the event: According to the monitoring by the SlowMist security team, the cross-chain bridge aggregation protocol LI.FI has experienced suspicious transactions, resulting in user losses of over $10 million. Please revoke approvals to the related contracts.
Amount of loss: $ 11,600,000 Attack method: Contract Vulnerability
Description of the event: On BNB Chain, the MALOU (NEVER) token experienced over 99% slippage. The address 0xd7c358b8337d3116f5765060f48C1C71B9908B84 used a backdoor to sell NEVER tokens, obtaining 428 BNB (approximately $240,000), which were then transferred into Tornado.
Amount of loss: $ 240,000 Attack method: Rug Pull
Description of the event: According to Fuzzland co-founder Chaofan Shou, the cross-chain lending protocol Minterest was attacked. The attacker used a flash loan attack, resulting in a loss of approximately $1.4 million for the protocol.
Amount of loss: $ 1,400,000 Attack method: Flash Loan Attack
Description of the event: According to on-chain sleuth ZachXBT, the Ethena Discord server has been hacked. Do not click on any links for the time being.
Amount of loss: - Attack method: Account Compromise
Description of the event: Dough Finance was attacked due to a contract vulnerability. Some unauthorized funds were extracted by hackers, resulting in a loss of approximately $2.1 million. Around 76 ETH (approximately $260,000) has been returned by white hat hackers.
Amount of loss: $ 2,100,000 Attack method: Contract Vulnerability
Description of the event: Web3 domain provider Unstoppable Domains stated on Twitter that Unstoppabledomains.com was attacked. Until further notice, please do not open any emails from @unstoppabledomains.com or use the website.
Amount of loss: - Attack method: Unknown
Description of the event: Compound DAO security advisor Michael Lewellen tweeted that the Compound Finance official website (http://compound.finance) has been compromised and is currently hosting a phishing site. Do not interact with the site until further notice.
Amount of loss: - Attack method: DNS Attack
Description of the event: The Smart Bank Token (SBT) contract on BNBChain was attacked, resulting in a loss of approximately $56,000.
Amount of loss: $ 56,000 Attack method: Unknown
Description of the event: The OpSec staking contract was maliciously upgraded, allowing the attacker to withdraw and sell OPSEC tokens worth approximately 59 ETH (around $182,000).
Amount of loss: $ 182,000 Attack method: Security Vulnerability
Description of the event: According to a message posted by Wasabi Wallet on Twitter, users have reported that a coordinator named WasabiCoordinator is gradually stealing user funds through a complex attack. Wasabi Wallet advises all users connected to this coordinator to immediately stop CoinJoin operations and announces that a new version will be released soon to prevent such attacks. Subsequently, Wasabi Wallet tweeted that there were three types of attacks in this incident: attacks on free coordinators, supply chain (GitHub) compromise, user-targeted attacks.
Amount of loss: - Attack method: Security Vulnerability
Description of the event: According to monitoring by the SlowMist security team, Linking The World (LW) was attacked on BNBChain due to a contract vulnerability, losing approximately $80,000.
Amount of loss: $ 80,000 Attack method: Contract Vulnerability
Description of the event: On July 8, rapper Doja Cat's Twitter account was hacked to promote a memecoin. Doja Cat quickly posted on her Instagram account, stating that her Twitter account had been compromised.
Amount of loss: - Attack method: Account Compromise