1987 hack event(s)
Description of the event: Fake MEMEPAD (MEMEPAD) on ETH is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.
Amount of loss: $ 80,134 Attack method: Rug Pull
Description of the event: Fake TITANX (TITANX) on ETH is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.
Amount of loss: $ 82,385 Attack method: Rug Pull
Description of the event: The Ethereum liquidity restaking pool Astrid was attacked due to a vulnerability in the withdrawal function, resulting in a loss of approximately $228,000. The parameters of the `withdraw()` function, specifically the token address and token amount, were exploitable. On October 29, the hackers returned 80% of the stolen funds (102 ETH).
Amount of loss: $ 228,000 Attack method: Contract Vulnerability
Description of the event: STIMMY on Ethereum pulled liquidity to the tune of 43.8 ETH (~$78.8K) and deleted its social platforms.
Amount of loss: $ 78,800 Attack method: Rug Pull
Description of the event: A fake Linea token is suspected of a rug pull for ~$1.3m. ~$743k has been deposited into Tornado Cash. Contract Address: 0x00000000fEB6A772307C6aA88AB9D57b209aCb18.
Amount of loss: $ 1,300,000 Attack method: Rug Pull
Description of the event: Maestro Router was compromised and approximately $ 510,000 was stolen.
Amount of loss: $ 510,000 Attack method: Contract Vulnerability
Description of the event: Mina Protocol on BNB Chain has dropped 100%. 0x0920…a44A has swapped 1,000,000,000,000,000 $MINA for ~474.26 $BNB (worth ~$106.7K).
Amount of loss: $ 106,730 Attack method: Rug Pull
Description of the event: On October 25, 2023 alone another ~$4.4M was drained from 25+ victims as a result of the LastPass hack.
Amount of loss: $ 4,400,000 Attack method: Information Leakage
Description of the event: Safereum has conducted an exit scam for ~$1.3m. Contract Address: 0xb504035a11E672e12a099F32B1672b9C4a78b22f.
Amount of loss: $ 1,300,000 Attack method: Rug Pull
Description of the event: Julia (JULIA) on ETH is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.
Amount of loss: $ 73,000 Attack method: Rug Pull
Description of the event: Fake Celestia (TIA) on BNB Chain is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.
Amount of loss: $ 162,837 Attack method: Rug Pull
Description of the event: Token SOMESING (SSX) on BNB Chain is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.
Amount of loss: $ 169,000 Attack method: Rug Pull
Description of the event: Philippine exchange Coins.ph lost 12 million $XRP ($6 million) in a hack.
Amount of loss: $ 6,000,000 Attack method: Private Key Leakage
Description of the event: MicDao suffered from a flash loan attack. The attacker gained $12,263. Contract address: 0xf6876f6AB2637774804b85aECC17b434a2B57168.
Amount of loss: $ 12,263 Attack method: Flash Loan Attack
Description of the event: A project named The Honest Venture is a confirmed investment scam with losses of approximately ~$58k.
Amount of loss: $ 58,000 Attack method: Rug Pull
Description of the event: On October 19, Synthetify Protocol experienced a security incident. The smart contract and the entire platform are currently frozen.
Amount of loss: $ 230,000 Attack method: Governance Attack
Description of the event: On October 18, 2023, , the HopeLend protocol fell victim to a hacker attack. The attack resulted in a loss of approximately 528 ETH, out of which 263.91 ETH were bribed by the frontrunner to a Validator (managed by Lido). The exploit frontrunner eventually profited by 264.08 ETH. On October 20, Hope.money tweeted that a frontrunner from Armor Team voluntarily returned the acquired assets.
Amount of loss: $ 818,747 Attack method: Contract Vulnerability
Description of the event: Blockchain network Everscale said that a large number of EVER tokens have been stolen and they are working closely with exchanges where EVER is listed in order to stop any further outflow of tokens. To halt the actions of those responsible, they have temporarily disconnected Octus Bridge.
Amount of loss: - Attack method: Unknown
Description of the event: On October 17, Fantom Foundation Telegram Community Administrator Jane stated that some of Fantom Foundation's hot wallet assets were drained due to a zero-day vulnerability on Google Chrome. According to SlowMist's analysis of on-chain transmission methods and previous emergency response experience, this should be a case of private key theft, which may be the result of the Foundation or its employees being attacked by phishing, social engineering, and running malicious Trojan files, leading to the theft of some wallet private keys.
Amount of loss: $ 657,000 Attack method: Private Key Leakage
Description of the event: Project Ivy on BSC Suspected of Exit Scam. Contract Address: 0xf99f2Aec50adFde23cc67aB6240168B0a59f1D30 which dropped >94%. EOA 0x5c30 removed $1.58m liquidity which caused the drop.
Amount of loss: $ 1,580,000 Attack method: Rug Pull