1936 hack event(s)
Description of the event: The hacker at the beginning of the TFNsSk address initiated a transaction rollback attack on the Tron Lounge DApp contract beginning with TRON TR3n2D through a self-created contract, and has made a profit of 54,653 TRX so far.
Amount of loss: 54,653 TRX Attack method: Roll back attack
Description of the event: The chief maintainer of Vertcoin James Lovejoy revealed in an attack report on December 2 that a malicious entity targeted the cryptocurrency exchange Bittrex to manipulate the Vertcoin blockchain. The hacker paid at least $440 to attack VTC, but fortunately Vertcoin was not affected.
Amount of loss: - Attack method: 51% attack
Description of the event: South Korean exchange Upbit 342,000 ETH worth about $50 million was stolen. The exchange’s alleged theft occurred while assets were being transferred between hot and cold storage wallets, leading some to speculate that the incident may have been an internal job rather than an external breach. On January 14, 2025, the United States, Japan, and South Korea mentioned in a joint statement that the Upbit theft was attributed to DPRK.
Amount of loss: 342,000 ETH Attack method: Wallet Stolen
Description of the event: The hackers launched a trade rollback attack on TRON's Dice contracts through self-created contracts, and have gained 18,808 TRX to date.
Amount of loss: 18,808 TRX Attack method: Roll back attack
Description of the event: Gatehub Crypto Wallet Data Breach Compromises Passwords of 1.4M Users.
Amount of loss: - Attack method: Information Leakage
Description of the event: Vietnamese cryptocurrency exchange VinDAX has been hacked, losing at least $500,000 in cryptocurrency.
Amount of loss: $ 500,000 Attack method: Wallet Stolen
Description of the event: BetHash's betting game mechanism allows players to guess the ratio of the number between 0-100 and the random number given by the system to win the bonus of the corresponding odds. The smaller the bet number, the greater the odds. Every time a player makes a bet, the dicereceipt() function of the BetHash smart contract will be called to notify the player's account. At this point, the hacker can control the malicious program to hijack the notification and embed the inline operation to implement the attack. Although the attacker also needs to pay a certain amount of bet for every attack, as long as it keeps 0.1 EOS and is conservative
Amount of loss: - Attack method: Malicious Code Injection Attack
Description of the event: BitMEX Compromises User Data in Email Gaffe.
Amount of loss: - Attack method: Information Leakage
Description of the event: Hackers launched a "fake EOS" attack on BitDice, a guessing game, earning more than 4,000 EOS and transferring it to EXMO, ChangeNOW and other exchanges.
Amount of loss: 4,000 EOS Attack method: Fake EOS Vulnerability Attack
Description of the event: ZenGo co-founder Ouriel Ohayon reported on Twitter that the wallet extension SAFU Wallet apparently steals large amounts of money by injecting malicious code into users. A white hat hacker said that by inspecting the SAFU code, he found that they dynamically injected this script https://safuwallet.tk/inside.js in every page being loaded. At the same time, they use obfuscation tools to make it hard to see. Nonetheless, the white hat hackers explained that they targeted MEW, Index and Binance, using background scripts to send information to 4 different endpoints on the same domain. Therefore, the created wallet is automatically shared with them. Currently, the SAFU Wallet Google Chrome website is not available after a community request to remove the extension.
Amount of loss: - Attack method: Malicious Code Injection Attack
Description of the event: WOTOKEN, involved in a cryptocurrency pyramid selling case involving more than 7.7 billion yuan, has opened court and completed the trail in public and at Binhai County People's Court in Yancheng City, in which six major defendants were tried separately for organizing and leading pyramid selling activity; covering up and concealing income; harboring.
Amount of loss: $ 1,109,800,000 Attack method: Ponzi
Description of the event: Fusion released According to an official announcement, the Fusion transaction wallet (0x8e6bDa71f3f0F49dDD29969De79aFCFac4457379) was attacked on September 28, resulting in the theft of 10 million native FSN and 3.5 million ERC20 FSN tokens, worth about 5.57 million U.S. dollars. It is reported that the wallet was attacked because the private key was stolen. In response to the theft, Fusion Foundation officials have also transferred all remaining funds to the cold wallet. At the same time, Fusion officials are also tracking abnormal transactions, and uncertain evidence indicates that the theft may be caused by Fusion Foundation personnel.
Amount of loss: 10,000,000 FSN + 3,500,000 ERC20 FSN Attack method: Private Key Leakage
Description of the event: Coinhouse Suffers Phishing Attack, User Names and Emails Accessed.
Amount of loss: - Attack method: Phishing attack
Description of the event: "skreosladder" has been attacked again by hackers, who have earned thousands of EOS. The hacker has attacked the game several times and has been blacklisted by the project side, but the hacker still used the trumpet to circumvent the restrictions.
Amount of loss: - Attack method: Unknown
Description of the event: The cold wallet of the CoinTiger exchange was stolen, and the 400 million PTT of the Proton chain disappeared. According to the exchange announcement, they discovered that the cold wallet storing PTT was hacked during their regular cold wallet verification work recently, resulting in the theft of 401,981,748 PTT from the wallet.
Amount of loss: 401,981,748 PTT Attack method: Wallet Stolen
Description of the event: SKR EOS games have again been attacked by hackers, who have now earned about 4,000 EOS. After analysis, hackers still use the transaction congestion attack, operating multiple trumpet attacks on the game in turn.
Amount of loss: 4,000 EOS Attack method: Transaction congestion attack
Description of the event: There is a vulnerability in Bitstamp, which can be used by attackers to view a large number of sensitive information such as user IDs and bank CARDS, seriously threatening the information security of users.
Amount of loss: - Attack method: Information Leakage
Description of the event: The skreosladder game has been attacked by hackers again, and hackers have now profited thousands of EOS. After preliminary analysis, hackers still use transaction crowding attacks, but the difference is that hackers control a large number of accounts to place bets at the same time, and then multiple accounts are used to push blocks due to the large number of accounts participating in the attack. The connection between accounts is not obvious, and the attack is highly concealed.
Amount of loss: - Attack method: Transaction congestion attack
Description of the event: EOS Royale has been attacked by hackers, who have gained around 18,000 EOS.
Amount of loss: 18,000 EOS Attack method: Unknown
Description of the event: Multiple hackers have launched a series of attacks on the EOS game LuckyClover, earning thousands of EOS.
Amount of loss: - Attack method: Hard_fail attack