1987 hack event(s)
Description of the event: Around $126 million worth of tokens have been withdrawn from the Multichain bridge on the Fantom network. 7,200 WETH (approximately $13.7 million) and $4 million in stablecoin DAI (the above four tokens are worth more than $100 million), which also includes other tokens such as Chainlink, YFI, Wootrade Network, and UniDex’s total supply nearly a quarter. Assets also appear to be moving on Multichain’s Moonriver bridge, including 4.8 million USDC and 1 million USDT. Dogechain also experienced abnormal fund flows, and at least 660,000 USDC were sent to the same wallet as Moonriver's fund flows. Multichain tweeted that the “team is unsure of what happened and is currently investigating” and advised users to stop using the service and withdraw contract approval.
Amount of loss: $ 126,000,000 Attack method: Unknown
Description of the event: The Aptos Foundation Twitter account (@Aptos_Network) has been hacked, with hackers directing people to a fraudulent website claiming to participate in a bogus airdrop. Aptos Labs also posted a warning on Twitter, reminding users not to interact with links to fake websites.
Amount of loss: - Attack method: Account Compromise
Description of the event: An attacker has successfully compromised the Twitter accounts of popular NFT project Gutter Cat Gang and its co-founders, and used them to post phishing website airdrops claiming to be new NFTs. Instead of receiving the promised tokens, those who authorized contracted their wallets to be emptied. One victim lost 36 NFTs, including a Bored Ape NFT they bought for about $130,000. In total, the attackers managed to steal between $750,000 and $900,000 worth of NFTs, depending on how the resale value was estimated. The next day, the Gutter Cat Gang announced that they had regained control of the Twitter account and deleted the malicious tweet. They said they were cooperating with law enforcement investigating the theft but, to the dismay of some victims, did not describe any plans to compensate those whose assets were lost.
Amount of loss: $ 800,000 Attack method: Account Compromise
Description of the event: The cross-chain interoperability protocol LayerZero officially tweeted that its CEO Bryan Pellegrino's Twitter account (@PrimordialAA) was stolen, reminding users not to click on any suspicious links or participate in suspicious activities.
Amount of loss: - Attack method: Account Compromise
Description of the event: Mike Wazowski Monsters Inc $MIKE and Sid Ice Age $SID on the Ethereum chain have been rugged via a backdoor function that allows unlimited minting of tokens. The scammer has profited 87.9 $ETH, equivalent to about $171,000.
Amount of loss: $ 171,000 Attack method: Contract Vulnerability
Description of the event: After spending nearly $40 million on a new set of Azuki NFTs, the Azuki community was outraged that they were "diluting" a near-replica of the original Azuki collection. To counter what Azuki’s creators called a “blatant scam,” holders who claim to have collectively spent millions of dollars on the Azuki project formed AzukiDAO. The DAO created a governance token, $BEAN, which is distributed to Azuki NFT owners. The DAO then began voting to hire lawyers to sue the creators of Azuki and demand a return of the 20,000 ETH (approximately $38 million) that the Elementals NFTs had spent in total. However, governance tokens were exploited shortly after the DAO was created. Attackers were able to exploit a flaw in the smart contract, and two exploiters stole approximately 35 ETH (approximately $69,000), mainly because the variable signatureClaimed in the contract was not checked properly, resulting in a replay attack. The DAO suspended the contract to prevent further theft.
Amount of loss: $ 69,000 Attack method: Replay Attack
Description of the event: NFT Trader, a P2P digital asset trading protocol, said on Twitter that the website has been attacked, and users are asked to monitor their accounts and beware of phishing attacks. The NFT Trader website will be closed until further notice. Currently, the team is still investigating and the platform has been taken offline to avoid any further issues. NFT Trader stated that this is not a problem with the protocol. It is suspected that someone outside the team inserted a malicious code at the front end. The team will continue to investigate.
Amount of loss: - Attack method: Malicious Code Injection Attack
Description of the event: Encryption project Encryption AI (0XENCRYPT) crashed 99% as the developers behind it performed a retreat. Losing a total of $2 million, the developer released a message citing his online gambling addiction.
Amount of loss: $ 2,000,000 Attack method: Rug Pull
Description of the event: The Poly Network, a cross-chain interoperability protocol, was attacked again. This attack affected 58 assets on 11 blockchains. According to SlowMist analysis, Poly Network hackers have profited over $10 million worth of mainstream assets. The attackers implanted a Trojan virus into the program compilation environment, allowing them to acquire the consensus keys of Poly Network’s Relay Chain. Subsequently, they utilized these keys to forge cross-chain transactions. The hackers implanted a Trojan horse code block during the program compilation process, obtaining and uploading consensus keys during program startup. They then employed these keys to sign the block header of the forged Poly Network’s Relay Chain, ultimately submitting the forged cross-chain transactions and block header to the target chain to execute the cross-chain exploit.
Amount of loss: $ 10,000,000 Attack method: Trojan horse virus
Description of the event: The Aave fork project on the Pulse chain suffered a governance attack. The hacker first purchased a large number of Aave tokens to obtain the governance authority of the Aave fork project, and then created multiple contracts. The hacker seemed to want to use the governance authority to modify the implementation of the proxy contract Address, using the user's authorization to the contract that has not been canceled, to transfer the user's funds away. Such as WBTC, YFI, BAL, AAVE, UNI and other tokens. Finally, the hacker converted the stolen funds into ETH through the cross-chain bridge protocol, and sent it to the 0xA30190b96FaEe0080144aA0B7645081Fcbf49E6F address of Ethereum. The attacker made a profit of 483 ETH (approximately $930,000).
Amount of loss: $ 930,000 Attack method: Governance Attack
Description of the event: BiSwap, a BSC cross-chain trading platform, said: "The team detected and resolved the Migrator contract vulnerability. The assets on the Biswap V2 and V3 AMM protocols are safe. The team prevents access to the migration process through the website, because the Migrator contract has been exploited, do not try to access directly This contract, if you have not already done so, please withdraw your approval of these contracts. The results of this vulnerability are being reviewed in more detail and a report will be issued later. User funds are safe and the above vulnerability has nothing to do with AMM V2 and V3 funds.” This time The attack has caused approximately $710,000 in damage.
Amount of loss: $ 710,000 Attack method: Contract Vulnerability
Description of the event: The Smurfs Coin project is an exit scam, and the contract deployer sold the tokens on June 13 and removed a total of 227 ETH (approximately $423,000) of liquidity. The contract address is ETH: 0x5F250ed62CF3E5cF25F4F370d35D04782b0678a3, not to be confused with a project with a similar name.
Amount of loss: $ 423,000 Attack method: Rug Pull
Description of the event: Themis, a cryptographic lending protocol, has been subject to a prophecy machine manipulation attack, and the attackers have stolen approximately $370,000. The hack is due to a flawed oracle, exploited to inflate the B-wstETH-WETH-Stable-gauge price. Specifically, the deposit of 54.6 B-wstETH-WETH-Stable-gauge (obtained by joining the balancer pool w/ 55 WETH) is able to borrow 317 WETH, basically draining the lending funds.
Amount of loss: $ 370,000 Attack method: Oracle Attack
Description of the event: The Twitter account of Manta Network, a Poca eco-privacy project, which was previously stolen and posted false airdrops, has been restored.
Amount of loss: - Attack method: Account Compromise
Description of the event: A suspected Rug Pull occurred on the Chibi Finance project on Arbitrum, and $1 million worth of cryptocurrency was drained. The stolen funds have been converted into approximately 555 ETH and transferred to Tornado Cash after bridging from Arbitrum to Ethereum.
Amount of loss: $ 1,000,000 Attack method: Rug Pull
Description of the event: ZK Rollup Order Book DEX Protocol ZigZag tweeted, "Our Discord has been hacked, please note that there is no airdrop activity at ZigZag at this time, please do not click on phishing links. We are working to resolve this issue and will provide an update when control is regained."
Amount of loss: - Attack method: Account Compromise
Description of the event: On June 27th, Entangle Protocol's Discord was hacked.
Amount of loss: - Attack method: Account Compromise
Description of the event: ‘Blockchain for dog nose wrinkles’ Ponzi makes off with $127m. A South Korean company lured investors with its new technology: a blockchain app that can identify dogs by their nose wrinkles.The investigation found that what the company promoted to be its dog nose wrinkle reader was fake.The South Korean police say investors have lost more than $100 million in what it describes as a “typical Ponzi.”
Amount of loss: $ 127,000,000 Attack method: Scam
Description of the event: Shido has been exploited for ~976 $BNB (~$238.5K). The exploiter transferred 1 $BNB to Tornado Cash and bridged the stolen funds to Ethereum, subsequently transferring 125 $ETH to Tornado Cash.
Amount of loss: $ 238,500 Attack method: Contract Vulnerability
Description of the event: The U.S. Commodity Futures Trading Commission (CFTC) recently filed a lawsuit in the U.S. District Court for the Northern District of California against William Koo Ichioka, an alleged digital asset and foreign exchange Ponzi scheme, alleging that he mishandled more than $21 million in investor assets and used new customer funds to create the illusion of profits in his Ponzi scheme.William Koo Ichioka raised money from William Koo Ichioka raised funds from more than 100 individuals and entities, promising to trade forex through the operation of a commodity interest pool called Ichioka Ventures. He advertised the service on his website claiming that the promised returns matched the performance of his investments, as he himself was a white knuckle investor who had made millions of dollars. According to his trading strategy, Ichioka promised a 10% return every 30 business days to those who participated in his program. However, his trades suffered huge losses. To hide the losses, he provided false documents to inflate the amount of money in his commodity interest pool accounts and provided participants with false account statements. Ichioka also used other participants' funds to pay for the alleged gains. Although Ichioka claimed that he was investing for his clients, he actually used client funds for personal expenses. He commingled participants' assets with his own and used them to purchase luxury items such as jewelry, cars, and watches.
Amount of loss: $ 21,000,000 Attack method: Scam