2041 hack event(s)
Description of the event: Mina Protocol on BNB Chain has dropped 100%. 0x0920…a44A has swapped 1,000,000,000,000,000 $MINA for ~474.26 $BNB (worth ~$106.7K).
Amount of loss: $ 106,730 Attack method: Rug Pull
Description of the event: On October 25, 2023 alone another ~$4.4M was drained from 25+ victims as a result of the LastPass hack.
Amount of loss: $ 4,400,000 Attack method: Information Leakage
Description of the event: Safereum has conducted an exit scam for ~$1.3m. Contract Address: 0xb504035a11E672e12a099F32B1672b9C4a78b22f.
Amount of loss: $ 1,300,000 Attack method: Rug Pull
Description of the event: Julia (JULIA) on ETH is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.
Amount of loss: $ 73,000 Attack method: Rug Pull
Description of the event: Fake Celestia (TIA) on BNB Chain is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.
Amount of loss: $ 162,837 Attack method: Rug Pull
Description of the event: Token SOMESING (SSX) on BNB Chain is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.
Amount of loss: $ 169,000 Attack method: Rug Pull
Description of the event: Philippine exchange Coins.ph lost 12 million $XRP ($6 million) in a hack.
Amount of loss: $ 6,000,000 Attack method: Private Key Leakage
Description of the event: MicDao suffered from a flash loan attack. The attacker gained $12,263. Contract address: 0xf6876f6AB2637774804b85aECC17b434a2B57168.
Amount of loss: $ 12,263 Attack method: Flash Loan Attack
Description of the event: A project named The Honest Venture is a confirmed investment scam with losses of approximately ~$58k.
Amount of loss: $ 58,000 Attack method: Rug Pull
Description of the event: On October 19, Synthetify Protocol experienced a security incident. The smart contract and the entire platform are currently frozen.
Amount of loss: $ 230,000 Attack method: Governance Attack
Description of the event: On October 18, 2023, , the HopeLend protocol fell victim to a hacker attack. The attack resulted in a loss of approximately 528 ETH, out of which 263.91 ETH were bribed by the frontrunner to a Validator (managed by Lido). The exploit frontrunner eventually profited by 264.08 ETH. On October 20, Hope.money tweeted that a frontrunner from Armor Team voluntarily returned the acquired assets.
Amount of loss: $ 818,747 Attack method: Contract Vulnerability
Description of the event: Blockchain network Everscale said that a large number of EVER tokens have been stolen and they are working closely with exchanges where EVER is listed in order to stop any further outflow of tokens. To halt the actions of those responsible, they have temporarily disconnected Octus Bridge.
Amount of loss: - Attack method: Unknown
Description of the event: On October 17, Fantom Foundation Telegram Community Administrator Jane stated that some of Fantom Foundation's hot wallet assets were drained due to a zero-day vulnerability on Google Chrome. According to SlowMist's analysis of on-chain transmission methods and previous emergency response experience, this should be a case of private key theft, which may be the result of the Foundation or its employees being attacked by phishing, social engineering, and running malicious Trojan files, leading to the theft of some wallet private keys.
Amount of loss: $ 657,000 Attack method: Private Key Leakage
Description of the event: Project Ivy on BSC Suspected of Exit Scam. Contract Address: 0xf99f2Aec50adFde23cc67aB6240168B0a59f1D30 which dropped >94%. EOA 0x5c30 removed $1.58m liquidity which caused the drop.
Amount of loss: $ 1,580,000 Attack method: Rug Pull
Description of the event: The Beluga Protocol on Arbitrum fell victim to a flashloan attack. The attacker made a profit of approximately $175,000 by manipulating the USDT-USDC.e balance, allowing for the withdrawal of extra tokens.
Amount of loss: $ 175,000 Attack method: Flash Loan Attack
Description of the event: On October 12th, the stablecoin trading project Platypus Finance appeared to have been hit by a suspected hacker attack, with total losses of around $2.2 million. Platypus Finance tweeted, "Due to suspicious activities in our protocol, we have taken the proactive measure of temporarily suspending all pools. Further updates will be communicated to the community in a timely manner." On October 13, Platypus Finance tweeted that it had recovered around 50k sAVAX and 7k AVAX from one of the exploiters successfully. On October 17, Platypus Finance announced that 90% of the stolen funds have been returned and that the net loss has been reduced to approximately 18,000 AVAX.
Amount of loss: $ 2,200,000 Attack method: Unknown
Description of the event: BH Token (BlackHole token) suffered an attack. The exploiter (0xFDb) gained 1.2 M USDT. Funds are being swapped for BNB and deposited into Tornado Cash. Contract Address: 0xCC61CC9F2632314c9d452acA79104DDf680952b5. Exploiter Address: 0xFDbfcEEa1de360364084a6F37C9cdb7AaeA63464.
Amount of loss: $ 1,200,000 Attack method: Price Manipulation
Description of the event: Attacker posted a phishing link in the announcements channel of Wall Street Meme's Discord server.
Amount of loss: - Attack method: Account Compromise
Description of the event: The CST deployer sold tokens, resulting in a roughly 99% drop in the token price. Contract address: 0x0a92285241b0ea93Eff4195Db4530AF1a4bcfE0c. Deployer address: 0xabE6BC5Ca4Ae76251F0cB647F9817E3566EC3D0b.
Amount of loss: - Attack method: Rug Pull
Description of the event: There is a fake collab land verification in the Loozr Discord. The verification will take you to a phishing site that connects to a wallet drainer
Amount of loss: - Attack method: Account Compromise