102 hack event(s)
Description of the event: Some Crypto.com accounts appear to have been hacked, losing around $15M and at least 4.6K ETH, half of which is currently being laundered via TornadoCash.
Amount of loss: $ 15,000,000 Attack method: Unknown
Description of the event: LCX tweeted that there had been a security incident, that it was investigating the situation and had stopped its withdrawal function. The majority of the assets are being sold as ETH and are being transferred through TornadoCash with a cumulative damage value of over US $6 million.
Amount of loss: $ 6,000,000 Attack method: Stolen hot wallet
Description of the event: According to the official announcement, at 6 o’clock on December 12th, Beijing time, the internal security audit report of AscendEX found that some ERC-20, BSC and Polygon tokens were abnormally transferred out of the exchange’s hot wallet, and the AscendEX cold wallet was not affected by this incident. . It is estimated that Pinnacle AscendEX’s losses totaled US$77.7 million (of which US$60 million was on Ethereum, US$9.2 million was on BSC, and US$8.5 million was on Polygon).
Amount of loss: $ 77,700,000 Attack method: Stolen hot wallet
Description of the event: The payment system of ONUS, the largest cryptocurrency trading platform in Vietnam, running a vulnerable version of Log4j suffered a cyber attack. Cyclos notified ONUS to repair the system on December 13, but it was too late. Although ONUS has fixed the security loopholes in the Cyclos instance, the window of loopholes allowed attackers to successfully steal data from sensitive databases. The stolen database contained nearly 2 million user data, including KYC (Know Your Customer) data, hashed passwords, etc. Subsequently, the attacker asked ONUS to pay a ransom of 5 million, otherwise the stolen data would be made public. On December 25, because ONUS did not pay the full ransom, the attackers sold customer data on the dark web data exchange market.
Amount of loss: $ 5,000,000 Attack method: Blackmail
Description of the event: BitMart founder and CEO Sheldon Xia tweeted to admit that a large-scale security breach occurred on the platform, and hackers were able to extract assets worth about US$150 million. The affected ETH hot wallet and BSC hot wallet carry a small amount of assets on BitMart, and the other wallets are safe and undamaged. Currently, BitMart has suspended withdrawals.
Amount of loss: $ 150,000,000 Attack method: Stolen hot wallet
Description of the event: According to a notification letter submitted by Coinbase to the California Attorney General’s Office to affected customers, a vulnerability that allows hackers to bypass Coinbase’s multi-factor authentication SMS option has affected at least 6,000 Coinbase users between March and May 2021. During the 20th day, hackers took advantage of this omission to access the accounts of affected users and transfer user funds from Coinbase. After Coinbase learned of this issue, it immediately updated its SMS account recovery agreement to prevent hackers from further bypassing the authentication process. In addition, Coinbase will deposit funds of the same value into the accounts of affected users. Coinbase has also been working closely with law enforcement agencies and is conducting an internal investigation into the incident.
Amount of loss: - Attack method: Vulnerability that allows bypassing Coinbase's multi-factor authentication SMS option
Description of the event: The non-custodial exchange DeversiFi released a post-mortem analysis report for the previous gas transaction that included 7676.62 ETH, saying that the potential problems in the EthereumJS library are combined with the gas fee changes related to the EIP-1559 upgrade in some cases, and the Ledger hardware wallet may exist The display problem of, may lead to extremely high transaction fees. When this happens, only wallets with very large funds will be affected, and other users will display transaction failures during transactions. In addition, after Bitfinex negotiated with the miners, the miners had returned 7,626 ETH, and the remaining 50 ETH was provided to the miners as a refund fee. It was previously reported that a major wallet on the Bitfinex exchange made a $100,000 USDT transfer with a total of 7676.62 ETH (approximately US$23.54 million) in Gas fees. The final recipient was a non-custodial spin-off from Bitfinex in 2019. Exchange DeversiFi.
Amount of loss: 50.62 ETH Attack method: Handle inventory defects with fixed precision and extended value range
Description of the event: The Bilaxy exchange tweeted that the hot wallet was hacked and lost approximately 296 tokens (including ETH). Users, please do not send any more funds to the Bilaxy account.
Amount of loss: $ 21,709,378 Attack method: Hot wallet was stolen
Description of the event: Liquid, a Japanese-based cryptocurrency exchange, said its hot wallet was attacked and it was transferring assets to cold wallets. It is currently investigating and has suspended its deposit and withdrawal services.
Amount of loss: $ 91,350,000 Attack method: Stolen hot wallet
Description of the event: According to Bloomberg News, the founder of the cryptocurrency investment platform Africrypt lost contact and 69,000 bitcoins (currently valued at approximately US$2.3 billion) on the platform were transferred. At 4 o'clock, Ameer Cajee, chief operating officer of Africrypt, told the client that the platform was hacked and asked them not to report the lost funds to the authorities. The investor has since hired a lawyer to conduct an investigation, but the lawyer has not been able to contact the founder of the company and has notified the South African Criminal Investigation Department. In addition, the lawyer found that funds on the Africrypt platform were transferred from their accounts and customer wallets, and made it untraceable through the Bitcoin mixer.
Amount of loss: $ 2,300,000,000 Attack method: Scam
Description of the event: Hotbit said that it suffered a serious cyber attack on April 29th, which caused a large number of basic services to be paralyzed. At the same time, the attacker tried to hack into Hotbit's wallet, but this behavior was identified and blocked by the risk control system. Since the attacker could not access any cryptocurrency assets, he deleted Hotbit's database. Hotbit is currently checking the authenticity and security of the backup data, and will restore servers and services later. At the same time, Hotbit claimed that the attackers obtained plaintext customer information stored in the database, including mobile phone numbers, email addresses, and encrypted currency asset data. Therefore, it is recommended that users pay attention to prevent phishing attacks.
Amount of loss: - Attack method: Network attacks
Description of the event: At 00:35 on April 24th, SBF, the co-founder of the FTX exchange, tweeted that the website suffered a small DDOS attack. User funds and core systems will not be affected, only the throughput of API and GUI will be affected.
Amount of loss: - Attack method: DDos attack
Description of the event: The Turkish court stated that six brothers and sisters of the executives and CEO of the Turkish exchange Thodex were formally arrested. In the past week, 83 suspects involved in this matter have been detained, most of which have now been released. It was previously reported that the founder of Thodex was suspected of "running off the road" and may have fled the country by flight from Istanbul. The user filed a lawsuit for failing to withdraw the investment amount of encrypted assets, accusing Thodex of fraud, and his lawyer said that the relevant amount may amount to hundreds of millions. Dollar.
Amount of loss: $ 2,600,000,000 Attack method: Scam
Description of the event: According to BSC news, Turtle.dex has run away, taking away about 9,000 BNB, worth more than 2 million U.S. dollars, and the website and telegram group have been deleted. BSC news refers to this as a well-thought-out and planned running behavior. At present, part of the funds have been converted into ETH to enter the Binance Exchange, and investors are urging Binance to freeze related accounts. On March 15th, in response to the question of whether it would run away, Turtle officially stated: No, because the turtles have short hands. Note: Turtle means sea turtle.
Amount of loss: 9,000 BNB Attack method: Scam
Description of the event: According to Stuff.co.nz, hackers took approximately 62,000 New Zealand dollars (45,000 USD) worth of cryptocurrency from the troubled exchange. The investigation revealed that the hacker accessed a dormant wallet that belongs to the US-based blockchain company Stakenet and is controlled by Grant Thornton, the liquidator of Cryptopia. According to the survey results, the dormant wallet holds XSN worth approximately US$1.96 million, which is the native token of Stakenet.
Amount of loss: $ 45,000 Attack method: Unknown
Description of the event: User information of BuyUCoin, an Indian cryptocurrency exchange, was leaked, and personal data of more than 325,000 people appeared in the database of the hacker organization. According to Indian news media Inc42, a hacker group called ShinyHunters placed a database containing the names, phone numbers, email addresses, tax identification numbers and bank account information of more than 325,000 BuyUCoin users.
Amount of loss: - Attack method: Data leak
Description of the event: The Altilly Exchange platform was attacked by legally authorized access. According to the official weighing, the attacker gained access to 30 BTC and 12,000 USDT and stole them while controlling the server.
Amount of loss: 30 BTC + 12,000 USDT Attack method: Unauthorized access
Description of the event: According to sources, the Russian cryptocurrency exchange Livecoin previously stated that it was attacked and lost control of its server. Later, Livecoin announced its closure on Twitter and provided a link to its new domain name "Livecoin.news".
Amount of loss: - Attack method: Server compromised
Description of the event: A major security breach in the British cryptocurrency exchange Exmo has caused the platform to freeze all withdrawals. Since EXMO has a separate server for each cryptocurrency, the hacking only affected six cryptocurrencies, BTC, XRP, ZEC, USDT, ETC, and ETH, and the affected assets were equivalent to 6% of the company's total assets. According to The Block research analyst Igor Igamberdiev, EXMO seems to have lost $10.5 million in funds. The exchange provided a list of stolen coins and their addresses, and analysis showed that most of the funds had been sent to Poloniex. The lost coins include Bitcoin (BTC), Ethereum (ETH), XRP, Ethereum Classic (ETC), Tether (USDT) and Zcash (ZEC).It was reported on December 25 that the hackers who attacked Exmo had withdrawn $4 million of stolen funds through Poloniex.
Amount of loss: $ 10,500,000 Attack method: Stolen hot wallet
Description of the event: The cryptocurrency exchange Poloniex issued an announcement stating that since December 5th at 6:30 UTC (14:30 Beijing time), its service was interrupted due to a distributed denial of service (DDoS) attack. At present, Poloniex has resumed normal trading, and user funds have not suffered any loss.
Amount of loss: - Attack method: DDoS attack