1740 hack event(s)
Description of the event: The lending project Polter Finance on Fantom was attacked, resulting in a loss of approximately $8.7 million.
Amount of loss: $ 8,700,000 Attack method: Price Manipulation
Description of the event: Binance co-founder CZ confirmed on X that the official X account of his educational project, Giggle Academy, has been hacked.
Amount of loss: - Attack method: Account Compromise
Description of the event: The funds of multiple users of the on-chain trading terminal DEXX have been stolen. According to statistics from the SlowMist Security Team, the total losses from this incident have reached $21 million.
Amount of loss: $ 21,000,000 Attack method: Unknown
Description of the event: The X account of the meme project dogwifcoin (WIF) is suspected to have been hacked, posting multiple token contract messages. Users are advised to stay vigilant.
Amount of loss: - Attack method: Account Compromise
Description of the event: The Aptos-based DeFi project Thala suffered a security breach as a result of an isolated vulnerability in the latest update to v1 farming contracts, allowing the exploiter to withdraw liquidity pool tokens totaling $25.5m. Thala has since paused all related contracts and frozen Thala token assets ($9m MOD and $2.5m THL). With the assistance of other organizations, the team identified the exploiter and negotiated a $300k bounty for a full recovery of user assets.
Amount of loss: $ 25,500,000 Attack method: Security Vulnerability
Description of the event: GMGN stated in the community, "The GMGN website has suffered a malicious attack, suspected to involve multiple methods, including common crawler attacks and flood attacks. The development team is currently working on emergency repairs, and the token details page, holdings collection feature, and transaction activity records have been restored."
Amount of loss: - Attack method: Unknown
Description of the event: The vETH token suffered an attack, resulting in approximately $450K in losses.
Amount of loss: $ 450,000 Attack method: Price Manipulation
Description of the event: The DeltaPrime DeFi protocol, was attacked on Avalanche and Arbitrum, with an initial estimated loss of $4.75 million.
Amount of loss: $ 4,750,000 Attack method: Contract Vulnerability
Description of the event: According to on-chain detective ZachXBT, the cryptocurrency gambling platform Metawin was reportedly attacked, resulting in the theft of over $4 million on the Ethereum and Solana blockchains.
Amount of loss: $ 4,000,000 Attack method: Unknown
Description of the event: According to on-chain investigator ZachXBT, American rapper Wiz Khalifa's X account was hacked, posting fake announcements about a WIZ token. The hacker responsible is reportedly the same person who compromised Andy Ayrey's (Truth Terminal founder) X account a few days earlier. Please exercise caution and stay aware of potential risks.
Amount of loss: - Attack method: Account Compromise
Description of the event: SUNRAY FINANCE experienced a private key compromise, allowing the exploiter to gain control of the SUN and ARC tokens and sell them off, draining the funds from DEX pairs. So far, the attacker has stolen approximately $2.855 million.
Amount of loss: $ 2,855,000 Attack method: Private Key Leakage
Description of the event: According to monitoring by Scam Sniffer, Lottie Player suffered a supply chain attack, impacting projects such as 1inch and Movement.
Amount of loss: - Attack method: Supply Chain Attack
Description of the event: According to on-chain detective ZachXBT on his personal channel, cryptocurrency exchange M2 was hacked, resulting in the theft of approximately $13 million from several on-chain hot wallets.
Amount of loss: $ 13,700,000 Attack method: Unknown
Description of the event: The official X account of the hardware wallet Keystone is suspected to have been hacked. Users are advised to remain vigilant and be cautious of potential risks.
Amount of loss: - Attack method: Account Compromise
Description of the event: Andy Ayrey, founder of the AI bot project Truth Terminal, announced the launch of a new token IB on X. It is suspected that his account may have been hacked.
Amount of loss: - Attack method: Account Compromise
Description of the event: Scroll ecosystem stablecoin project Essence Finance is suspected of rugpulled, its stablecoin CHI has fallen by more than 92% to $0.077 in the past 24h, more than $20 million of collateral is suspected to have been removed.
Amount of loss: $ 20,000,000 Attack method: Rug Pull
Description of the event: According to a MistTrack tweet, a suspicious outflow was detected from a wallet controlled by the U.S. government (0xc9E...34c): nearly $20 million was transferred to 0x3486ee700ccaf3e2f9c5ec9730a2e916a4740a9f, including: 5.4M USDC, 1.12M USDT, 13.7M aUSDC and 178 ETH. Most tokens were swapped into ETH. Approximately 19.3M worth of tokens were later returned to the U.S. government address.
Amount of loss: $ 20,000,000 Attack method: Unknown
Description of the event: Base chain detected a price manipulation attack targeting unverified lending contracts, where the attacker gained around $1 million in tokens through excessive borrowing.
Amount of loss: $ 1,000,000 Attack method: Price Manipulation
Description of the event: During a routine GM token burn, Aark Digital encountered a callback error due to a third-party contract modification. To resolve this, Aark Digital initiated a contract upgrade and GM delisting to adjust affected user balances. Users holding GM were required to convert GM to USDC. Aark Digital ran a script to process these conversions, receiving inputs like target user, amount, token address, and decimals from event data. While executing, a single user’s USD Value shifted erroneously from 0.498942 to 498,942 * (10 ^ 12), due to an incorrect balance update (not from a deployed contract error). Exploiting this security vulnerability, the attacker caused Aark Digital a loss of 1,499,841 USDC and 159.09 ETH.
Amount of loss: $ 1,900,000 Attack method: Incorrect Balance Update
Description of the event: The contract of Ramses Exchange on Arbitrum was attacked, resulting in a loss of approximately $93,000.
Amount of loss: $ 93,000 Attack method: Contract Vulnerability