ETH DApp : 19 hack event(s)

• 2020-07-01

  Hacked target: VETH

  Description of the event: Coingecko researcher Daryllautk tweeted that VETH suffered a hacker attack on the decentralized exchange Uniswap. The hacker stole 919,299 VETH (worth $900,000) using only 0.9ETH. After the attack, VETH officially stated that the contract was used by the UX improvement it placed in transferForm(), which was their fault. They will redeploy vether4 and will compensate all affected Uniswap pledgers.

  Amount of loss: $ 900,000 Attack method: Unknown

• 2020-06-30

  Hacked target: Balancer

  Description of the event: According to DeBank Twitter, hackers once again used dYdX's lightning loan to attack the COMP trading pair in Balancer's part of the liquidity pool, and took away the unreceived COMP rewards from the pool to make a profit of 10.8 ETH, which is about $2408.

  Amount of loss: $ 2408 Attack method: Unknown

• 2020-06-29

  Hacked target: Balancer

  Description of the event: The Balancer liquidity pool was attacked by Lightning Loan and lost $500,000. The two losses suffered by Balacer are STA and STONK. At present, the liquidity of these two token pools has been exhausted. Both STA and STONK tokens are deflation tokens, which means that this attack only affects the liquidity pool of deflation tokens.

  Amount of loss: $ 500,000 Attack method: Unknown

• 2020-06-25

  Hacked target: Web3 DeFi

  Description of the event: The malicious Web3 applications "phishing dapps" were discovered in a recent study, they pretend to be legitimate applications or services to steal cryptocurrencies. For example, since MakerDAO officially closed the single-mortgage Sai system, such phishing tools have begun to appear, and they pretended to need a new tool to help users migrate from SAI to DAI. For example, a domain name provides a simple interface to start the migration from SAI to the new DAI at a 1:1 ratio, it seems like an official channel. However, the actual transaction to be signed simply sends the SAI to an address owned by the attacker. SAI, which has been traced to more than US$100,000, was transferred to the attacker's account.

  Amount of loss: $ 100,000 Attack method: phishing attack

• 2020-06-24

  Hacked target: Atomic Loans

  Description of the event: Atomic Loans, issued a decision on vulnerability disclosure and suspension of new loan requests. The decision shows that the security researcher samczsun privately disclosed two vulnerabilities in the currently deployed contracts and lender agents.oth vulnerabilities would've allowed a malicious borrower to unlock part/ all of their BTC collateral without repaying their loan in specific circumstances. Up to now, neither of these vulnerabilities were exploited by any users, and there were no funds impacted on the platform. Additionally the platform has disabled the ability for any borrower or lender to participate in new loans until they launch v2.

  Amount of loss: 0 Attack method: Unknown

• 2020-06-23

  Hacked target: DDM

  Description of the event: The official DeFi money market agreement DMM Twitter said that during $DMG public sale today, its telegram was unfortunately brigaded by malicious actors who impersonated the DMM Foundation with sole the intent of stealing funds. After digging through the on-chain transactions to find those affected, the official sent a total of $40k worth of DMG to those affected at an exchange rate of $0.40 per DMG, hoping to make sure everyone who lost funds were made whole.

  Amount of loss: $ 4,0000 Attack method: Unknown

• 2020-06-18

  Hacked target: Bancor

  Description of the event: Due to the unverified safeTransferFrom () function in the new Bancor network contract, user funds are about to be depleted. The Bancor team stated: 1. A security vulnerability was discovered in the new Bancor Network v0.6 contract released two days ago; 2. After the vulnerability was discovered, the team conducted a white hat attack to transfer funds to a secure address; 3. The audit of the smart contract has been completed.But there are still $135,229 preemptively traded by two unknown arbitrage robots.

  Amount of loss: $ 135,229 Attack method: Unknown

• 2020-05-18

  Hacked target: tBTC

  Description of the event: The tBTC team suspected it had found a major contract vulnerability, and it suspended the recharge service and re-audited it urgently. tBTC is an ERC-20 token that does not require trust and is guaranteed by redeemable BTC.

  Amount of loss: - Attack method: Unknown

• 2020-04-25

  Hacked target: Hegic

  Description of the event: Hegic: There are 152.2 ETH (about 28,537 USD) permanently locked in the contract pool of unexercised put / call options. Out of the 19 contracts, 16 are put options (DAI is locked) and 3 are call options (ETH is locked). Hegic said it will process a 100% refund for all involved users.

  Amount of loss: $28,537 Attack method: Unknown

• 2020-04-19

  Hacked target: Lendf.Me

  Description of the event: DeFi lending protocol Lendf.Me was hacked.

  Amount of loss: $24,696,616 Attack method: ERC777 Reentrancy Rick

• 2020-04-18

  Hacked target: Uniswap

  Description of the event: Uniswap was hacked and lost 1278 ETH.

  Amount of loss: $220,000 Attack method: ERC777 Reentrancy Rick

• 2020-02-18

  Hacked target: bZx

  Description of the event: bZx was attacked again with an estimated loss of $645,000 of ETH

  Amount of loss: $645,000 Attack method: The defect of risk control in economic model

• 2020-02-15

  Hacked target: bZx

  Description of the event: DeFi lending protocol bZx exploited, may lose up to $350,000.

  Amount of loss: $350,000 Attack method: The defect of risk control in economic model

• 2018-10-09

  Hacked target: SpankChain

  Description of the event: The attacker created a malicious contract masquerading as an ERC20 token, and the "transfer" function re-invokes the payment channel contract repeatedly, each time exhausting some ETH.

  Amount of loss: 165.38 ETH Attack method: reentrancy-attack-on-smart-contract

• 2018-08-01

  Hacked target: Fomo 3D

  Description of the event: Ethereum Fomo 3D was hacked and hacker used special attack techniques to take the bonus.

  Amount of loss: 10,469.66 ETH Attack method: Transaction Congestion Attack

• 2018-07-31

  Hacked target: Fomo 3D

  Description of the event: Ethereum Fomo 3D was hacked, Fomo 3D website 24-hour access reduced 21.95 percent, 24-hour flow decreased 38.32%

  Amount of loss: - Attack method: DDoS

• 2018-07-10

  Hacked target: Bancor

  Description of the event: The Bancor platform theft was related to the BancorConverter contract, and the attacker (hacker/mole) is very likely to get the private key of the 0x009bb5e9fcf28e5e601b7d0e9e821da6365d0a9c.

  Amount of loss: 24,984 ETH，3,236,967 BNT，229,356,645 NPXS， Attack method: Suspected private key stolen

• 2017-07-20

  Hacked target: Parity

  Description of the event: As reported by the startup, the issue is the result of a bug in a specific multi-signature contract known as wallet.sol., the attacker can take over the wallet immediately and absorb all the funds

  Amount of loss: ~30,000,000 USD Attack method: Unauthorized operation

• 2016-06-17

  Hacked target: The DAO

  Description of the event: The DAO smart contract running on the Ethereum suffered a reentrancy-attack-on-smart-contract.

  Amount of loss: ~60,000,000 USD Attack method: reentrancy-attack-on-smart-contract