1785 hack event(s)
Description of the event: Standing on Bizness (BIZNESS) appears to have been subjected to a reentrancy attack on Base, resulting in an estimated loss of $15,700.
Amount of loss: $ 15,700 Attack method: 重入攻击
Description of the event: Animoca Brands tweeted that @ysiu social media account has been compromised. There is no official token or NFT launch from Animoca Brands. The token launch on Solana as claimed in a post was made by the hacker. Please do not engage with the account and stay vigilant.
Amount of loss: - Attack method: Account Compromise
Description of the event: The Moonhacker contract suffered a flash loan attack, resulting in a loss of approximately $320,000.
Amount of loss: $ 320,000 Attack method: Flash Loan Attack
Description of the event: According to Scam Sniffer's monitoring, the privacy-preserving data verification protocol zkPass's X account was compromised and used to post phishing tweets.
Amount of loss: - Attack method: Account Compromise
Description of the event: Regarding rumors about the collaboration between DOGE and USUAL, Azoria CEO James Fishback clarified that he had contacted DOGE's head of department, Vivek Ramaswamy, whose account was compromised.
Amount of loss: - Attack method: Account Compromise
Description of the event: Slurpycoin on BSC suffered a flash loan attack. The attacker exploited the buyback mechanism to manipulate the token price and profited ~$3K from sandwich arbitrage.
Amount of loss: $ 3,000 Attack method: Flash Loan Attack
Description of the event: A series of exploiting transactions on Ethereum targeting the liquidity pool of the HarryPotterObamaSonic10Inu 2.0 token. The attacker profited approximately $243K and deposited the funds into Tornado.
Amount of loss: $ 243,000 Attack method: Price Manipulation
Description of the event: The official X account of AI startup Anthropic, backed by Amazon, appears to have been compromised, posting an unknown token contract address related to AI Agents.
Amount of loss: - Attack method: Account Compromise
Description of the event: BTC24H (BTC24H) is suspected to have been attacked on Polygon, with an estimated loss of $85,700.
Amount of loss: $ 85,700 Attack method: Contract Vulnerability
Description of the event: Decentralized Finance (DCF) was attacked on the BSC chain, resulting in a loss of approximately $8,800.
Amount of loss: $ 8,800 Attack method: Flash Loan Attack
Description of the event: Canadian rapper Drake's X account (with over 39 million followers) was allegedly compromised on Saturday evening, promoting a Solana meme coin based on his cartoon "alter ego" character. The coin's trading volume reached $5 million at one point, but it was later confirmed to be a scam, and the related posts have been deleted.
Amount of loss: - Attack method: Account Compromise
Description of the event: A suspicious attack involving JHY (JHY) occurred on the BSC chain, resulting in a loss of approximately $11,200.
Amount of loss: $ 11,200 Attack method: Contract Vulnerability
Description of the event: A suspicious reentrancy attack involving bnbs (bnbs) occurred on the BSC chain, resulting in a loss of approximately $20,300.
Amount of loss: $ 20,300 Attack method: Reentrancy Attack
Description of the event: Clober DEX liquidity vault on Base Network was exploited resulting in a loss of 133.7 ETH (~$501k). The root cause of the attack was a reentrancy vulnerability in the _burn() function of the Rebalancer contract.
Amount of loss: $ 501,000 Attack method: Contract Vulnerability
Description of the event: The algorithmic stablecoin protocol Haven Protocol has issued a warning about a hack exploiting a vulnerability in "range proof validation." This flaw allows attackers to mint illicit XHV undetected. According to reports from exchanges, the amount of XHV exceeds 500 million tokens, while audit data indicates a current supply of only 263 million tokens. The surplus is likely generated through this exploit. The team found a weakness in the "range proof validation", which was introduced after the Haven 3.2 rebase to Monero and has advised exchanges to halt trading on all pairs.
Amount of loss: - Attack method: Contract Vulnerability
Description of the event: A suspicious attack involving LABUBU (LABUBU) occurred on the BSC chain, resulting in a loss of approximately $11,900.
Amount of loss: $ 11,900 Attack method: Contract Vulnerability
Description of the event: The Cardano Community posted on X, stating that the Cardano Foundation's X account has been compromised. They are currently addressing the issue and advised users to temporarily ignore all posts from the account.
Amount of loss: - Attack method: Account Compromise
Description of the event: The Omnichain meta-yield aggregator MAAT tweeted that a security breach in the MAAT alpha version, resulting in unauthorized withdrawals of $240,000 USDT.
Amount of loss: $ 240,000 Attack method: Security Vulnerability
Description of the event: Arata tweeted that the Arata ecosystem and CEX wallet have been exploited. The hacker managed to sell a significant portion of the tokens.
Amount of loss: - Attack method: Unknown
Description of the event: Vestra DAO tweeted that a hacker exploited a vulnerability in the locked staking contract, manipulating the reward mechanism to claim rewards exceeding their entitlement. As a result, a total of 73,720,000 VSTR tokens were stolen. The stolen tokens were gradually sold on Uniswap, causing approximately $500,000 in ETH liquidity losses.
Amount of loss: $ 500,000 Attack method: Contract Vulnerability