1473 hack event(s)
Description of the event: The treasury of Remilia, the parent company of Milady, has been drained, with assets from multiple official Remilia wallets being transferred and sold.
Amount of loss: - Attack method: Unknown
Description of the event: According to blockchain detective ZachXBT, an account impersonating Ansem (@blknoiz06) profited over $2.6 million by phishing during the recent meme coin craze.
Amount of loss: $ 2,600,000 Attack method: Social Engineering
Description of the event: The AI-driven UGC platform NFP, aimed at the next generation of content creators, disclosed on Twitter that they have experienced a security breach. Hackers infiltrated several wallets, including the wallet of the NFP contract manager, and illegally gained control of some NFP treasury and ecosystem funds, as well as funds belonging to other victims.
Amount of loss: - Attack method: Unknown
Description of the event: The DeFi project Mozaic was exploited, who stole approximately $2 million from the project. According to Mozaic, this individual was a Mozaic developer who had illegally obtained the private keys of a security module by compromising the data of a core team member. They also stated that about 90% of the stolen funds have now been frozen on MEXC.
Amount of loss: $ 2,000,000 Attack method: Private Key Leakage
Description of the event: The DeFi protocol MOBOX was attacked due to a vulnerability in the borrow function, resulting in a loss of approximately $750,000.
Amount of loss: $ 750,000 Attack method: Contract Vulnerability
Description of the event: The AI service provider Cloud AI reported that both their deployer and treasury account have been compromised by hackers. The attackers acquired 58,900 CloudAI tokens and some ETH. All CloudAI tokens have been exchanged for ETH. The total loss is approximately $360,000.
Amount of loss: $ 360,000 Attack method: Unknown
Description of the event: The Twitter account of Web3 chat solution beoble has been compromised, with phishing links being posted. Please refrain from clicking on any links until further notice is provided by the official team.
Amount of loss: - Attack method: Twitter was hacked
Description of the event: The Polyhedra Network, a next-generation infrastructure for Web3 interoperability built on Zero-Knowledge Proof (ZKP) technology, has been targeted by hackers due to private key exposure, resulting in losses estimated at around $760,000 worth of THENA.
Amount of loss: $ 760,000 Attack method: Private Key Leakage
Description of the event: The Blast ecosystem's LaunchPad and yield aggregator BLASTOFF announced that its Future Yield Minter Vault has been hacked, resulting in the theft of approximately 150 ETH (approximately $600,000). The official team has disabled staking in the affected pool and is currently conducting a thorough investigation.
Amount of loss: $ 600,000 Attack method: Unknown
Description of the event: The Unizen defi platform lost around $2.1 million in the Tether stablecoin in an attack that took advantage of a vulnerability an external call from the project smart contract.
Amount of loss: $ 2,100,000 Attack method: Contract Vulnerability
Description of the event: HumanizedAi (HMZ) is suspected to have exited scam, with the project team profiting 173 ETH (approximately $665,000). The project's Twitter account and website have been shut down.
Amount of loss: $ 665,000 Attack method: Rug Pull
Description of the event: FLOKIAI (FLOKIAI) on the BNB Chain appears to have exit scammed. The address starting with 0xFe54 has exchanged 268,561,795,727,990.23 FLOKIAI tokens for approximately 316.4 BNB, valued at around $148,000.
Amount of loss: $ 148,000 Attack method: Rug Pull
Description of the event: ClosedAI (ClosedAI) appears to have exit scammed on the BNB Chain. The address starting with 0xFe54 has exchanged 277,635,327,881,198.25 ClosedAI tokens for approximately 307.3 BNB, valued at around $13,100.
Amount of loss: $ 131,000 Attack method: Rug Pull
Description of the event: The Twitter account of the security company @sherlockdefi was hacked, with the attackers using the account to post a tweet containing phishing links.
Amount of loss: - Attack method: Twitter was hacked
Description of the event: The sPMM algorithm that controls the pricing on WOOFi Swaps was exploited on Arbitrum. The exploit consisted of a sequence of flash loans that took advantage of low liquidity to manipulate the price of WOO in order to repay the flash loans at a cheaper price. The exploiter repeated this attack 3 times within a very short period of time, which netted about $8.75m in profits after returning the flash loans.
Amount of loss: $ 8,750,000 Attack method: Flash Loan Attack
Description of the event: The decentralized cross-chain protocol Shido Network on the Ethereum blockchain appears to be a rug pull. The owner of the SHIDO token staking contract first upgraded the staking contract, then withdrew a large amount of SHIDO tokens, and finally dumped a significant amount of SHIDO tokens at a price of 692 ETH (worth $2.1 million).
Amount of loss: $ 2,100,000 Attack method: Rug Pull
Description of the event: Capital Killer, an anti-capitalist hacker group, revealed on twitter that they have attacked the Grayscale official website, claiming it as a gift to the AVAV community in support of fairness and anti-capitalism. Currently, the Grayscale official website is inaccessible, but the page for Grayscale's Bitcoin ETF GBTC remains accessible.
Amount of loss: - Attack method: Unknown
Description of the event: Blockchain data storage protocol Serenity Shield tweeted that the MetaMask wallet associated with the project has been compromised. According to blockchain detective ZachXBT, Serenity Shield was robbed of 6.9 million SERSH tokens, valued at approximately $586,000.
Amount of loss: $ 586,000 Attack method: Unknown
Description of the event: On February 28th, a vulnerability was discovered in the contract of Seneca, an omnichain CDP protocol on the Ethereum network. Hackers exploited constructed calldata parameters to call transferfrom, transferring tokens authorized to the project contract to their address, ultimately exchanging them for ETH. Seneca was exploited by hackers for over 1900 ETH, valued at approximately $6.5 million. On February 29th, the hacker address of SenecaUSD returned 1537 ETH (approximately $5.3 million) to the deployer address of Seneca.
Amount of loss: $ 6,500,000 Attack method: Contract Vulnerability
Description of the event: Aleo, a blockchain project that advertises it's a place for "fully private applications" with "built-in privacy" has just emailed private identification documents — including selfies and photographs of government identification cards — to the wrong users. Aleo acknowledged their screw-up on social media, claiming that only ten individuals were impacted, and that it had happened thanks to a "copy/paste error in email metadata".
Amount of loss: - Attack method: Information Leakage