1679 hack event(s)
Description of the event: The Render Network posted on X, stating that the X account of its founder and CEO, Jules Urbach, was hacked and used to post fake airdrop information. Please do not click any links from the account, and carefully verify all information through official sources.
Amount of loss: - Attack method: Account Compromise
Description of the event: The Ethereum modular execution layer Fuel posted on X, stating that their official Discord had been attacked. Users are advised not to click on any suspicious links or provide any personal information.
Amount of loss: - Attack method: Account Compromise
Description of the event: NEAR's official account posted on X, stating that the official X account of NEAR Protocol had been hijacked. The hacker posted a series of messages attacking the Crypto ecosystem.
Amount of loss: - Attack method: Contract Vulnerability
Description of the event: NBA star Jaylen Brown's X account was hacked, and a large amount of fake token information was posted. Users are advised to be cautious and avoid interacting with fraudulent contracts.
Amount of loss: - Attack method: Account Compromise
Description of the event: The decentralized liquidity yield project Penpie was attacked, resulting in nearly $30 million in losses. According to the analysis by the SlowMist security team, the core issue of this incident lies in Penpie’s erroneous assumption that all markets created by Pendle Finance are legitimate when registering new Pendle markets. However, Pendle Finance’s market creation process is open, allowing anyone to create a market with customizable key parameters such as the SY contract address. Exploiting this, the attacker created a market contract with a malicious SY contract. They leveraged Penpie’s mechanism, which required calls to external SY contracts to claim rewards, and used flash loans to inject a large amount of liquidity into the market and pool, artificially inflating the rewards and profiting from it.
Amount of loss: $ 30,000,000 Attack method: Contract Vulnerability
Description of the event: The official ChainLink Discord has been hacked. Please do not click on any links until the situation is resolved.
Amount of loss: - Attack method: Contract Vulnerability
Description of the event: The decentralized algorithmic stablecoin protocol Pythia was attacked due to a vulnerability in its staking contract, resulting in a loss of 21 ETH (approximately $53,000).
Amount of loss: $ 53,000 Attack method: Contract Vulnerability
Description of the event: Sei's official Discord has been suspected of being hacked. The hacker has posted a fake phishing link. Please do not interact with it.
Amount of loss: - Attack method: Account Compromise
Description of the event: The stablecoin protocol Usual posted on X to alert users that its official Discord server has been hacked. Please do not click on any links.
Amount of loss: - Attack method: Account Compromise
Description of the event: The official Witness Chain Discord has been hacked. Please do not click on any links until the situation is resolved.
Amount of loss: - Attack method: Account Compromise
Description of the event: Australian blockchain energy technology company Powerledger posted on X that its Telegram channel has been hacked. They advise users not to engage with or share any information as they are currently working to resolve the issue.
Amount of loss: - Attack method: Account Compromise
Description of the event: French football star Kylian Mbappe's X account was hacked, and a token called MBAPPE was posted. The tweet has since been deleted. The MBAPPE token's market value skyrocketed to tens of millions of dollars within minutes, only to quickly plummet to zero.
Amount of loss: - Attack method: Account Compromise
Description of the event: Ahmad Shadid, former CEO of the decentralized GPU network io.net, posted on X that the official io.net Discord has been hacked. He has informed the IO team and advised not to click on any shared links.
Amount of loss: - Attack method: Account Compromise
Description of the event: According to an official tweet from Web3 liquidity provider Orderly Network, their Discord server has been compromised. The official team advises users not to click on any links until the situation is fully resolved to avoid potential losses.
Amount of loss: - Attack method: Account Compromise
Description of the event: According to monitoring by the SlowMist security team, the official 1inch Discord appears to have been hacked, and phishing links have been posted. Please be cautious with your funds.
Amount of loss: - Attack method: Account Compromise
Description of the event: The DeFi lending platform Aave was attacked due to a contract vulnerability. The attack occurred in a smart contract outside of Aave's core protocol, which is used to allow users to repay loans using existing collateral. The attacker exploited an arbitrary call error, successfully stealing around $56,000 from these various contracts. Aave representatives emphasized that the attack posed no risk to user funds and did not affect the security of the core Aave protocol.
Amount of loss: $ 56,000 Attack method: Contract Vulnerability
Description of the event: According to an official tweet from Avalanche, their Discord server has been compromised. The official team advises users not to click on any links until the situation is fully resolved.
Amount of loss: - Attack method: Account Compromise
Description of the event: ZkSync's official Discord has been compromised, and hackers have posted a malicious link promoting a fake "second round airdrop" plan, falsely promising users free ZK tokens.
Amount of loss: - Attack method: Account Compromise
Description of the event: The official X account of the crypto venture capital firm Aquarius was hacked. The attacker has already changed the username, associated email, and phone number. Additionally, the previous username has been taken over by another spam account controlled by the attacker.
Amount of loss: - Attack method: Account Compromise
Description of the event: Mudit Gupta, the Chief Information Security Officer of Polygon, stated on the X platform that the Polygon Community Discord has been compromised. He advised users not to click on any links within the server as the team is working to regain control.
Amount of loss: - Attack method: Account Compromise