85 hack event(s)
Description of the event: Justcows, the hosting platform on the BSC chain, is suspected of running away and siphoned off $5 million in user funds. The project party distributed a large amount of BUSD to at least tens of thousands of addresses in the form of mixed currency, some of which were transferred to hunterswap, and some of them were transferred to the exchange. It is reported that the platform issued an announcement a month ago to stop user withdrawals.
Amount of loss: $ 5,000,000 Attack method: Scam
Description of the event: The LV PLUS (Token LVP) project has been identified as a Rug Pull project. So far, the project has resulted in losses of about $1.5 million. LV PLUS claims to be affiliated with the "LV Metaverse", and the main reason for the loss, which is defined as a Rug Pull, is that the LV PLUS contract deployer sent tokens to certain wallets - these wallet addresses subsequently sold the project's tokens, causing the project's market to crash .
Amount of loss: $ 1,500,000 Attack method: Scam
Description of the event: On June 12, the price of the HEGE token plummeted by more than 97%. The current loss amount is approximately $429,000.
Amount of loss: $ 429,000 Attack method: Scam
Description of the event: On June 11, the SHELL token price fell by more than 56%. The project owner minted 150 million tokens at one address, then transferred them and sold some of them in 12 transactions for about $180,000.
Amount of loss: $ 180,000 Attack method: Scam
Description of the event: GYM NETWORK Hacked, Lost $2.1M, Stolen Funds Moved to Tornado Cash. According to the official Twitter account, the attack was caused by an attack on the Claim & Pool function, which resulted in a significant price drop.
Amount of loss: $ 2,100,000 Attack method: Function vulnerability
Description of the event: The Baby Elon project on BNBChain had a rug pull on June 8, and they took 623 BNB (~$179,000) and quickly moved the funds to Tornado Cash.
Amount of loss: 623 BNB Attack method: Scam
Description of the event: DeFi project Novo is suspected of being attacked, and hackers have transferred 280 BNB (about $89,600) to Tornado.cash.
Amount of loss: 200 BNB Attack method: Contract vulnerabilities
Description of the event: DecentraWorld’s DEWO token price plummeted, the founding team of DecentraWorld drained the project’s funds and stole 3,127 BNB (about $1 million), and the project’s official website and Twitter account were deleted.
Amount of loss: 3,127 BNB Attack method: Scam
Description of the event: The first algorithmic stablecoin project on Binance Smart Chain, bDollar, suffered a price manipulation attack, and the attacker made a profit of 2,381 WBNB (worth about $730,000). This attack mainly exploits the design loophole of the claimAndReinvestFromPancakePool function in the DAO fund proxy contract CommunityFund when adding liquidity. It does not fully consider that after the price is maliciously raised, the project party will passively use the funds in its own contract when adding liquidity. The situation of high-level connection.
Amount of loss: 2381 WBNB Attack method: price manipulation
Description of the event: The Feminist Metaverse project on BNB Chain was attacked. The attackers have transferred 1838 BNB to Tornado.cash, about $540,000.
Amount of loss: 1,838 BNB Attack method: Flash loan attack
Description of the event: The multi-chain DeFi protocol FEG was suspected of being attacked, and a total of 143 Ethereum and 32,747 BNB were lost, about $1.3 million.
Amount of loss: $ 1,300,000 Attack method: Flash loan attack
Description of the event: Venus Protocol issued a statement saying that Chainlink’s suspension of LUNA price updates after extreme volatility in LUNA prices caused the price of LUNA on the Venus lending market to remain at $0.107, while the market price of LUNA had dropped to $0.01 at that time. After the price update was suspended, two addresses lent about $13.5 million in assets by staking 230 million LUNA (worth about $2.3 million at the time), resulting in a loss of about $11.2 million to the protocol. At present, the LUNA lending market has been suspended, and this loss will be made up by the risk fund.
Amount of loss: $ 11,200,000 Attack method: Price update question
Description of the event: Fortress Protocol, a lending protocol on BNB Chain, was suspected of being attacked. Token FTS fell by 42% in a short time. Currently, 1,048 Ethereum and 400,000 DAI have been transferred to Tornado.cash.
Amount of loss: $ 3,050,000 Attack method: Flash loan attack
Description of the event: Cashera is a project that claims to offer a "banking revolution" through its CSR crypto token. The project does a number of things to try to appear legitimate, including linking to government records showing a company named after it is registered in the UK and conducting a smart contract audit courtesy of AuditRateTech. Their website boasts "partners" including VISA, PayPal, Netflix and Spotify. Still, project deployers suddenly minted 23 million CSR tokens, which they exchanged for nearly $90,000 in other assets, plummeting the token value by about 70% in the process. The development team also took the project website offline.
Amount of loss: $ 90,000 Attack method: Scam
Description of the event: The DeFi project Hunter has been rug pull, and currently Telegram, Discord, and the website cannot be opened.
Amount of loss: $ 1,200,000 Attack method: Scam
Description of the event: The Wiener DOGE project was exploited maliciously, causing $30,000 in damages. Attackers exploited the inconsistency between WDODGE's charging mechanism and swap pools to launch the attack. The root cause of the incident is that the sender's LP pair is not excluded from the transfer fee through the tightened token contract. As a result, the attacker is able to drain the deflationary tokens in the LP pair, which in turn causes the pair price to become unbalanced.
Amount of loss: $ 30,000 Attack method: Flash loan attack
Description of the event: The Last Kilometer project was exploited in a flash loan attack, resulting in a loss of $26,495.
Amount of loss: $ 26,495 Attack method: Flash loan attack
Description of the event: The Medamon project was exploited in a flash loan attack, resulting in a loss of $3,159.
Amount of loss: $ 3,159 Attack method: Flash loan attack
Description of the event: The PI-DAO project was exploited in a flash loan attack, resulting in a loss of $6,445.
Amount of loss: $ 6,445 Attack method: Flash loan attack
Description of the event: The DeFi ecological protocol ZEED was attacked and lost about $1 million. At present, the attacker's gains are all in the attack contract.
Amount of loss: $ 1,000,000 Attack method: Reward distribution vulnerability