2029 hack event(s)
Description of the event: There was a flash loan exploit on Kub/Kub-split. The attacker gained ~$78.4k via pool manipulation. Contract: 0xc98E183D2e975F0567115CB13AF893F0E3c0d0bD.
Amount of loss: $ 78,400 Attack method: Flash Loan Attack
Description of the event: On September 23, the Mixin Network cloud service provider database was attacked, the amount of funds involved was ~$200M.
Amount of loss: $ 200,000,000 Attack method: Unknown
Description of the event: There was a large liquidity removal on DUO. The Deployer removed $352.6K WBNB of LP in 3 transactions over a 4 day period. BSC: 0x1ED990bdcAEf4B13b01F4996dDe59EcD04F1343A .
Amount of loss: $ 352,698 Attack method: Rug Pull
Description of the event: The token Cat Nation is suspected to be a rug pull. Transaction pool address (ETH): 0xC9C1776802216e074eF7A19555cE70bB473B25c0.
Amount of loss: $ 29,700 Attack method: Rug Pull
Description of the event: BEDU announced that a team member in their Discord server has been compromised.
Amount of loss: - Attack method: Account Compromise
Description of the event: Synthtopia Discord server was compromised.
Amount of loss: - Attack method: Account Compromise
Description of the event: There was a large liquidity removal on Unleashed Beast (BEAST). Deployer removed ~$55.3k from the LP. BSC:0x626b596dd10467ea969179235123f884e133074a.
Amount of loss: $ 55,300 Attack method: Rug Pull
Description of the event: On September 21st, the Linear stable coin $LUSD appears to be under an exploit attack. While the team investigates, do not buy LUSD, do not trade $LUSD. Liquidations are paused and users accounts are not at risk.
Amount of loss: - Attack method: Contract Vulnerability
Description of the event: On September 21st, a large liquidity of YZER was removed. Deployer profited ~$28.6k from this liquidity removal.
Amount of loss: $ 28,600 Attack method: Rug Pull
Description of the event: A phishing link has been posted in the announcements channel of timesoul Discord server.
Amount of loss: - Attack method: Account Compromise
Description of the event: There was a large liquidity removal on BNBpay. Deployer profited ~$114k from this liquidity removal. BSC: 0xaDD62696db2c2fb7DE8e0f07F422e03BF69646A2.
Amount of loss: $ 114,000 Attack method: Rug Pull
Description of the event: There is a 70% slippage on PEPEP. ETH: 0xD33830FcC5E434dBb4efF9D5348d74Ee2cbd505F. Drop caused by EOA 0x4af2 who dumped tokens for ~$45k.
Amount of loss: $ 45,000 Attack method: Rug Pull
Description of the event: On September 20th, the DeFi liquidity protocol Balancer fell victim to a DNS hijacking attack. Funds have been directed to an address starting with 0x6457, resulting in a total loss of approximately $350,000. The attacker’s fee came from the phishing group AngelDrainer. The attacker may be related to Russia.
Amount of loss: $ 350,000 Attack method: DNS Hijacking Attack
Description of the event: On September 20th, SlowMist tweeted that Coinbase Wallet recently integrated the Web3 messaging network protocol (http://xmtp.org). As long as the user's wallet address opens the messaging network, it may receive any information sent by the messaging protocol. Many attackers used this feature to send messages with phishing links to wallet users. Relevant wallet users need to be vigilant and not click on unknown links.
Amount of loss: - Attack method: Phishing Attack
Description of the event: There is a slippage on Baka Casino (BAKAC) caused by EOA 0x9e5C8 who dumped tokens for ~$57k. The price has dropped 80%. BSC:0x0e9c0f8fcc8e60f8daeb569448a41514eb321471
Amount of loss: $ 57,000 Attack method: Rug Pull
Description of the event: On September 17th, ThalaLabs' Twitter account was compromised, and a phishing website was posted, which is linked to a known wallet drainer.
Amount of loss: - Attack method: Account Compromise
Description of the event: On September 17th, the NFT solution -- One Mint's Discord account was compromised. The attacker posted malicious links and shut down channels like support.
Amount of loss: - Attack method: Account Compromise
Description of the event: Mark Cuban, a billionaire entrepreneur and owner of the Dallas Mavericks, fell victim to a hack on September 16th. Altogether, he was set back by around $870,000 across 10 cryptocurrencies. He said he moved his remaining funds to Coinbase custody.
Amount of loss: $ 870,000 Attack method: Wallet Stolen
Description of the event: A fake BitGo token on BSC rugged for ~$194.3k WBNB from the honeypot and has moved 909.2 BNB through TornadoCash. BSC: 0xddd00e04cd2e26221cc3c2c7f4781a87e4c79818. Deployer Address: 0xaf85ef92dc34593e2a1d6c65c2a857ad36f1a4d6。
Amount of loss: $ 194,300 Attack method: Rug Pull
Description of the event: The FriendChipsTech token on ETH was suspected to be a rug pull, resulting in a loss of ~$77.5K. The exploiter created a malicious contract (0x1dB0B6012D64452ED6aa98e87F7c308DB0281E40) to mint tokens and dump them for ~$77.5K which has already been deposited to Tornado Cash.
Amount of loss: $ 77,500 Attack method: Rug Pull