SlowMist Zone | 中文

The total amount of money lost by blockchain hackers is about

$ 14,666,514,560.47

Total hack events 408

  • 2021-05-08

    Hacked target: Rari Capital

    Description of the event: DeFi robo-advisor agreement Rari Capital stated on Twitter that its ETH fund pool had a vulnerability caused by the integration of the Alpha Finance Lab protocol, which was attacked. The rebalancer has now removed all funds from Alpha. The team stated that it is still investigating and evaluating, and a full report will be released in the future. Data shows that about 14 million U.S. dollars of funds were transferred by the attackers. The Alpha Finance team stated that the funds on Alpha Homora are safe. In this attack, the address of Rari Capital had previously attacked Value DeFi on the Binance Smart Chain.

    Amount of loss: $ 14,000,000 Attack method: DeFi protocol compatibility

  • 2021-05-07

    Hacked target: Value DeFi

    Description of the event: DeFi protocol ValueDeFi is suspected of being hacked again after being hacked on the 5th. IRONFinance, a part of the collateralized stablecoin project on the Binance Smart Chain, stated that ValueDeFi was hacked on May 7th, and some of IRONFinance’s pools and products were attacked. The STEELLP tokens may be exhausted. However, the STEEL and STEEL pledged in Foundry (IronFinance) The DND pledged in Castle (DiamondHand) is not stored in ValueDeFi, so it is not affected. The affected machine gun pools are IRON-STEEL 60%-40% vFarm and STEEL-BUSD70%-30% vFarm. DeFi project Harvest Finance also stated that it seems that many vswapAMM pools have been exhausted.

    Amount of loss: 0 Attack method: Contract vulnerability

  • 2021-05-06

    Hacked target: Value DeFi

    Description of the event: Value DeFi stated that at 11:22 on May 5th, the attacker reinitialized the fund pool and set the operator role to himself, and _stakeToken was set to HACKEDMONEY. The attacker controlled the pool and called governmentRecoverUnsupported (), which was exhausted. The original pledge token (vBWAP/BUSD LP). Then, the attacker removes 10839.16 vBWAP/BUSD LP and liquidity, and obtains 7342.75 vBSWAP and 205659.22 BUSD. Subsequently, the attacker sells all 7342.75 vBSWAP at 1inch to obtain 8790.77 BNB, and buys BNB and BUSD renBTC through renBridge. Converted to BTC. The attacker made a total of 205,659.22 BUSD and 8,790.77 BNB. The 2802.75 vBSWAP currently in the reserve fund and the 205,659.22 BUSD of the ValueDeFi deployer will be used to compensate all users in the pool. The remaining 4540 vBSWAP can be compensated in the following two ways. The first option is to cast 4540 vBSWAP to immediately compensate all affected users, and the other option is to cast 2270 vBSWAP to immediately compensate, and the rest will be returned to the contract within 3 months. Value DeFi emphasized that only the vStake profit sharing pool of vBSWAP in bsc.valuedefi.io has received the impression, and other fund pools and funds are in a safe state.

    Amount of loss: $ 5,817,780 Attack method: Vulnerability

  • 2021-05-02

    Hacked target: Spartan Protocol

    Description of the event: According to the SlowMist Intelligence, the Binance smart chain project Spartan Protocol was hacked and the loss amounted to about 30 million U.S. dollars.

    Amount of loss: $ 30,000,000 Attack method: Use slippage correction mechanism

  • 2021-04-29

    Hacked target: Hotbit

    Description of the event: The official announcement of the cryptocurrency exchange Hotbit stated that Hotbit had suffered a serious network attack starting at 20:00 UTC on April 29, 2021, causing some basic services to be paralyzed and the exchange was no longer able to log in. At the same time, the attacker also tried to hack into Hotbit's wallet, which Hotbit claimed was identified and blocked by the risk control system. The Hotbit team decided to immediately shut down all services for inspection and recovery. The entire recovery period is expected to be no less than 7 days. Hotbit stated that all assets are safe.

    Amount of loss: 0 Attack method: Network attack

  • 2021-05-08

    Hacked target: Rari Capital

    Description of the event: DeFi robo-advisor agreement Rari Capital stated on Twitter that its ETH fund pool had a vulnerability caused by the integration of the Alpha Finance Lab protocol, which was attacked. The rebalancer has now removed all funds from Alpha. The team stated that it is still investigating and evaluating, and a full report will be released in the future. Data shows that about 14 million U.S. dollars of funds were transferred by the attackers. The Alpha Finance team stated that the funds on Alpha Homora are safe. In this attack, the address of Rari Capital had previously attacked Value DeFi on the Binance Smart Chain.

    Amount of loss: $ 14,000,000 Attack method: DeFi protocol compatibility

  • 2021-05-07

    Hacked target: Value DeFi

    Description of the event: DeFi protocol ValueDeFi is suspected of being hacked again after being hacked on the 5th. IRONFinance, a part of the collateralized stablecoin project on the Binance Smart Chain, stated that ValueDeFi was hacked on May 7th, and some of IRONFinance’s pools and products were attacked. The STEELLP tokens may be exhausted. However, the STEEL and STEEL pledged in Foundry (IronFinance) The DND pledged in Castle (DiamondHand) is not stored in ValueDeFi, so it is not affected. The affected machine gun pools are IRON-STEEL 60%-40% vFarm and STEEL-BUSD70%-30% vFarm. DeFi project Harvest Finance also stated that it seems that many vswapAMM pools have been exhausted.

    Amount of loss: 0 Attack method: Contract vulnerability

  • 2021-05-06

    Hacked target: Value DeFi

    Description of the event: Value DeFi stated that at 11:22 on May 5th, the attacker reinitialized the fund pool and set the operator role to himself, and _stakeToken was set to HACKEDMONEY. The attacker controlled the pool and called governmentRecoverUnsupported (), which was exhausted. The original pledge token (vBWAP/BUSD LP). Then, the attacker removes 10839.16 vBWAP/BUSD LP and liquidity, and obtains 7342.75 vBSWAP and 205659.22 BUSD. Subsequently, the attacker sells all 7342.75 vBSWAP at 1inch to obtain 8790.77 BNB, and buys BNB and BUSD renBTC through renBridge. Converted to BTC. The attacker made a total of 205,659.22 BUSD and 8,790.77 BNB. The 2802.75 vBSWAP currently in the reserve fund and the 205,659.22 BUSD of the ValueDeFi deployer will be used to compensate all users in the pool. The remaining 4540 vBSWAP can be compensated in the following two ways. The first option is to cast 4540 vBSWAP to immediately compensate all affected users, and the other option is to cast 2270 vBSWAP to immediately compensate, and the rest will be returned to the contract within 3 months. Value DeFi emphasized that only the vStake profit sharing pool of vBSWAP in bsc.valuedefi.io has received the impression, and other fund pools and funds are in a safe state.

    Amount of loss: $ 5,817,780 Attack method: Vulnerability

  • 2021-05-02

    Hacked target: Spartan Protocol

    Description of the event: According to the SlowMist Intelligence, the Binance smart chain project Spartan Protocol was hacked and the loss amounted to about 30 million U.S. dollars.

    Amount of loss: $ 30,000,000 Attack method: Use slippage correction mechanism

Submit Comments