0xtracer

Volo Vaults

Wed, 22 Apr 2026 00:00:00 +0000

Volo, a protocol in the Sui ecosystem, disclosed on X that Volo Vaults experienced a security vulnerability today, resulting in approximately $3.5 million in assets (WBTC, XAUm, and USDC) being stolen. Volo stated tha…

Curve Finance Reentrancy Deep Dive

Tue, 21 Apr 2026 00:00:00 +0000

Overview

On July 30, 2023, multiple Curve Finance pools were exploited due to a reentrancy vulnerability in Vyper compiler versions 0.2.15, 0.2.16, and 0.3.0.

Root Cause

The Vyper compiler’s @nonreentrant decorator was malfunctioning in affected versions. The reentrancy lock storage slot was being incorrectly mapped, causing the guard to not trigger on reentrant calls.

@external
@nonreentrant("lock")
def remove_liquidity(...):
# This should have been protected by reentrancy guard
# but the compiler bug allowed reentrant calls

Attack Flow

Attacker calls add_liquidity() on the vulnerable pool
During the callback (via raw_call), attacker reenters remove_liquidity()
The reentrancy guard fails to block the second call
Pool state is inconsistent — attacker withdraws more than deposited

Proof of Concept

interface ICurvePool {
 function add_liquidity(uint256[2] calldata amounts, uint256 min_mint_amount) external;
 function remove_liquidity(uint256 _amount, uint256[2] calldata min_amounts) external;
}

contract CurveExploit {
 ICurvePool pool;
 bool entered;

 function attack() external {
 pool.add_liquidity([1 ether, 0], 0);
 }

 receive() external payable {
 if (!entered) {
 entered = true;
 pool.remove_liquidity(pool.balanceOf(address(this)), [0, 0]);
 }
 }
}

Key Takeaway

This incident highlights the risk of relying on compiler-level security guarantees. The vulnerability existed not in the Solidity/Vyper source code but in the compiled bytecode. Auditing only the source code would not have caught this bug.

Euler Finance Flash Loan Attack Analysis

Mon, 20 Apr 2026 00:00:00 +0000

Overview

On March 13, 2023, Euler Finance was exploited for approximately $197M through a sophisticated flash loan attack that abused the protocol’s donation mechanism.

Root Cause

Euler’s donateToReserves() function allowed users to donate eTokens to the protocol reserves without a corresponding health check. This enabled attackers to manipulate their debt-to-collateral ratio.

Attack Flow

Flash loan large amount of DAI from Aave
Deposit into Euler → receive eDAI
Mint maximum dDAI (debt tokens) through leveraged borrowing
Call donateToReserves() with eDAI — reduces collateral without repaying debt
Account is now underwater → trigger self-liquidation at a profit
Repay flash loan, keep the difference

Vulnerable Code

function donateToReserves(uint subAccountId, uint amount) external {
 // Missing: health check after donation
 // The function reduces the sender's eToken balance
 // without verifying they remain solvent
 reserves += amount;
 balanceOf[sender] -= amount;
}

Key Takeaway

Any state-changing function that modifies a user’s collateral or debt position must include a health factor check afterward. The donateToReserves() function was audited but the edge case of self-donation leading to insolvency was missed.

Vercel

Sun, 19 Apr 2026 00:00:00 +0000

Vercel CEO Guillermo Rauch stated on X that the company is currently conducting a full investigation into a security incident. The incident originated from a compromise of Context.ai, an AI platform used by a Vercel e…

DNS registrar for eth.limo

Sat, 18 Apr 2026 00:00:00 +0000

Vitalik Buterin stated on X that the DNS registrar for eth.limo has been attacked. He advised users to temporarily avoid accessing vitalik.eth.limo or any other eth.limo-related pages until official confirmation is gi…

Kelp DAO's rsETH bridge

Sat, 18 Apr 2026 00:00:00 +0000

LayerZero issued a statement saying that on April 18, KelpDAO suffered an attack resulting in approximately $290 million in losses. The incident is initially assessed to have been carried out by a highly sophisticated…

Grinex

Thu, 16 Apr 2026 00:00:00 +0000

According to The Block, Grinex, an exchange registered in Kyrgyzstan with ties to the Russian crypto market, has suspended withdrawals and trading following a large-scale cyberattack. A statement on the exchange’s web…

Rhea Finance

Thu, 16 Apr 2026 00:00:00 +0000

According to CertiK, a security incident occurred in the NEAR ecosystem DeFi protocol Rhea Finance. The attacker created multiple fake token contracts and added liquidity to newly created pools, allegedly misleading t…

CowSwap

Tue, 14 Apr 2026 00:00:00 +0000

Blockchain security firm Blockaid reported that its system has detected a front-end attack on the decentralized exchange CoW Swap, and that cow.fi has been flagged as a malicious site. Blockaid warned that users who h…

dango

Mon, 13 Apr 2026 00:00:00 +0000

The DeFi project Dango released an update three hours after disclosing a security incident last night, stating that the white-hat hacker has fully returned the stolen funds and received a bug bounty. User funds were n…

Hyperbridge

Mon, 13 Apr 2026 00:00:00 +0000

Based on monitoring by CertiK Alert, the Hyperbridge gateway contract fell victim to an exploit. The attacker utilized forged messages to manipulate administrative permissions of the Polkadot token contract on the Eth…

Zerion

Sat, 11 Apr 2026 00:00:00 +0000

An employee device at Zerion was compromised through an AI-driven social engineering attack, allegedly linked to a DPRK-associated advanced persistent threat (APT) group. The attacker successfully obtained the employe…

Denaria

Sun, 05 Apr 2026 00:00:00 +0000

Decentralized perpetual futures trading platform Denaria announced on X that it suffered a smart contract attack yesterday, resulting in a loss of approximately $165,000. The team is currently working with Linea and a…

TMM

Sun, 05 Apr 2026 00:00:00 +0000

According to ExVul monitoring, a TMM/USDT reserve manipulation attack occurred on the BSC (BNB Chain), resulting in a loss of approximately 1.665 million USDT. The attacker utilized flash loans from Lista DAO Moolah,…

HypurrFi

Sat, 04 Apr 2026 00:00:00 +0000

DeFi lending protocol HypurrFi tweeted that the hypurr.fi domain has been hijacked. The team has migrated its infrastructure to hypurrfi .com. The protocol itself, user funds, and team infrastructure remain unaffected.

Adobe

Fri, 03 Apr 2026 00:00:00 +0000

GoPlus has issued a security alert regarding a suspected cyberattack on Adobe, involving the potential leak of approximately 13 million users’ data. Affected users may face heightened risks, including phishing emails…

Drift Protocol

Thu, 02 Apr 2026 00:00:00 +0000

According to The Block, the Solana-based decentralized exchange Drift Protocol has been hit by a major exploit, with losses totaling at least $200 million. Some estimates suggest the figure is closer to $270 million,…

Galaxy Digital

Thu, 02 Apr 2026 00:00:00 +0000

A spokesperson for Galaxy Digital disclosed that the company recently contained a cybersecurity incident. Unauthorized access was strictly limited to an isolated development and testing environment; production systems…

Trust Wallet

Thu, 02 Apr 2026 00:00:00 +0000

According to ZachXBT, the Trust Wallet Discord vanity URL (discord[.]gg/trustwallet) has been hijacked and currently directs users to a phishing server. Users are advised to avoid using links from official channels—in…

LML/USDT staking protocol

Wed, 01 Apr 2026 00:00:00 +0000

According to BlockSec monitoring, an unknown contract on the BSC (BNB Smart Chain)—suspected to be the LML/USDT staking protocol—has been exploited for approximately $950,000. Analysis indicates the vulnerability stem…

Arf's official X account, @arf_one

Tue, 31 Mar 2026 00:00:00 +0000

Huma Finance issued a warning on X stating that the official X account of its partner Arf, @arf_one, has been compromised. Please refrain from interacting with any posts from that account until it has been fully secured.

axios@1.14.1

Tue, 31 Mar 2026 00:00:00 +0000

Socket has detected an active supply chain attack targeting version 1.14.1 of the core npm package, axios. The attacker injected malicious code into axios by introducing a malicious dependency that first appeared toda…

Steakhouse Financial

Tue, 31 Mar 2026 00:00:00 +0000

Steakhouse Financial disclosed yesterday that it was targeted by a phone-based social engineering attack against its provider, OVH Cloud. The attacker modified the DNS A records of the main website and app subdomains…

unknown contract (Stake) on BSC

Fri, 27 Mar 2026 00:00:00 +0000

According to monitoring by BlockSec Phalcon, a suspicious transaction targeting an unknown contract (Stake) on the BSC chain has been detected, resulting in a loss of approximately $133,000. The attacker exploited a s…

Moonwell

Thu, 26 Mar 2026 00:00:00 +0000

According to The Block, DeFi lending protocol Moonwell is facing a governance attack on its Moonriver deployment, where an unknown attacker spent approximately $1,800 to acquire 40 million MFAM tokens and managed to b…

LiteLLM

Wed, 25 Mar 2026 00:00:00 +0000

SlowMist’s CISO 23pds warned on X: “A major supply chain attack has hit LiteLLM (97M monthly downloads) via PyPI. Simply executing pip install litellm allows attackers to steal sensitive data: SSH keys, cloud logins (…

Bitcoin Depot

Mon, 23 Mar 2026 00:00:00 +0000

According to Decrypt, Bitcoin ATM operator Bitcoin Depot disclosed in a filing with the U.S. Securities and Exchange Commission that it experienced a security breach on March 23. Approximately 50.9 BTC, valued at arou…

PancakeSwap BCE-USDT

Mon, 23 Mar 2026 00:00:00 +0000

According to BlockSec Phalcon’s monitoring, the BCE-USDT pool on PancakeSwap (BSC chain) was exploited a few hours ago, resulting in a loss of approximately $679,000. The root cause lies in a vulnerability within the…

Resolv Labs

Sun, 22 Mar 2026 00:00:00 +0000

PeckShield alerted on X that Resolv Labs’ stablecoin, $USR, has seen multiple suspicious large-scale minting events. A total of $80 billion worth of USR has been minted so far.

Neutrl

Thu, 19 Mar 2026 00:00:00 +0000

The DeFi protocol Neutrl announced on platform X that its frontend appears to have been compromised and that the team is conducting an urgent investigation. Out of an abundance of caution, the official advisory recomm…

dTRINITY

Wed, 18 Mar 2026 00:00:00 +0000

dTRINITY disclosed on X that yesterday, the dLEND deployment on Ethereum suffered its first deposit inflation attack. This incident drained the dUSD liquidity in the lending pool, resulting in approximately $257,000 i…

Venus Protocol

Sun, 15 Mar 2026 00:00:00 +0000

An attacker exploited a vulnerability in the Venus Protocol, utilizing flash loans to acquire a substantial amount of assets. In this attack, the attacker’s address (0x1a35…6231) successfully obtained 20 BTC, 1.5 mi…

AM/USDT pool

Thu, 12 Mar 2026 00:00:00 +0000

The AM/USDT pool on the BSC chain was exploited several hours ago, with estimated losses of approximately $131,000. The root cause lies in a vulnerability within the burn mechanism, which was exploited to manipulate t…

DBXen

Thu, 12 Mar 2026 00:00:00 +0000

According to monitoring by BlockSec Phalcon, the DBXen contract was attacked this morning, with estimated losses of approximately $150,000.The root cause lies in a sender identity inconsistency within the ERC-2771 met…

BONKfun

Wed, 11 Mar 2026 00:00:00 +0000

BONKfun announced on X that its official website fell victim to a malicious social engineering attack on March 11. The attacker hijacked the BONKfun domain via the Domain Name Service (DNS) provider and transferred it…

Gondi

Tue, 10 Mar 2026 00:00:00 +0000

The NFT platform Gondi recently suffered a smart contract vulnerability attack, resulting in the theft of approximately 78 NFTs, with losses of about $230,000. According to an official announcement from Gondi, the att…

MT-WBNB LP

Tue, 10 Mar 2026 00:00:00 +0000

According to BlockSec Phalcon’s monitoring, a suspicious transaction targeting the MT-WBNB liquidity pool on BSC was detected several hours ago, resulting in an estimated loss of approximately $242,000. The root cause…

Solv Protocol

Fri, 06 Mar 2026 00:00:00 +0000

The Bitcoin staking protocol Solv Protocol stated on X that its BRO Vault experienced a limited exploit. Fewer than 10 users were affected, with a loss of 38.0474 SolvBTC (approximately $2.7 million). Other vaults and…

Inverse Finance

Mon, 02 Mar 2026 00:00:00 +0000

According to BlockSec Phalcon’s monitoring, its system detected a suspicious transaction targeting an Inverse Finance contract on Ethereum several hours ago, resulting in a loss of approximately $240,000. The incident…

Bitrefill

Sun, 01 Mar 2026 00:00:00 +0000

Bitcoin payment service provider Bitrefill disclosed on X that it suffered a cyberattack on March 1, 2026, resulting in a customer data breach. The attack originated from a compromised employee laptop, which allowed t…

Stake Nova

Fri, 27 Feb 2026 00:00:00 +0000

Stake Nova suffered a loss of approximately $137,014, representing about 95% of user deposits. The root cause was an unchecked validation issue in the RedeemNovaSol() function, which led to a flash-loan exploit that d…

FOOMCASH

Thu, 26 Feb 2026 00:00:00 +0000

The privacy gaming platform FOOMCASH was attacked on Base and Ethereum, resulting in a loss of 24,283,773,519,600 $FOOM (approximately $2.26 million). The vulnerability was caused by a misconfiguration of the verifica…

Holdstation

Wed, 25 Feb 2026 00:00:00 +0000

The Holdstation team has confirmed on X that its DeFAI Smart Wallet product experienced a security incident. According to the latest update, the total loss has been confirmed at approximately 462,000 USDT. The team st…

WLFI

Mon, 23 Feb 2026 00:00:00 +0000

WLFI announced on X that USD1 experienced an organized attack this morning. The attackers reportedly compromised the accounts of several WLFI co-founders, paying influencers to spread FUD (Fear, Uncertainty, and Doubt…

IoTeX

Sat, 21 Feb 2026 00:00:00 +0000

The IoT-focused public chain IoTeX suffered a professional hacker attack caused by a private key compromise of the ioTube bridge’s Ethereum-side validator owner. This allowed the attacker to gain administrative privil…

Moonwell

Wed, 18 Feb 2026 00:00:00 +0000

According to Decrypt, the DeFi lending protocol Moonwell incurred approximately $1.78 million in bad debt due to an oracle configuration error.

Arbitrum Governance

Tue, 03 Feb 2026 00:00:00 +0000

Arbitrum has issued a security alert: The official X account for Arbitrum Governance (@arbitrumdao_gov) has been compromised. Do not click on any links posted by this account or engage with it. The team is working to…

CrossCurve

Mon, 02 Feb 2026 00:00:00 +0000

The cross-chain liquidity protocol CrossCurve (formerly EYWA) has confirmed that its cross-chain bridge protocol is under attack, due to a vulnerability in its smart contract that was exploited, resulting in the theft…

Step Finance

Sat, 31 Jan 2026 00:00:00 +0000

Step Finance has issued a statement on X regarding a recent exploit, disclosing that approximately $40 million was stolen from its treasury due to a compromise of an executive’s device. Upon detecting the vulnerabilit…

Solar

Tue, 27 Jan 2026 00:00:00 +0000

Solar, the official Solana Mandarin community, highly suspects its official X account (@Solana_zh) has been hacked. The team currently lacks access and is working urgently with X support to resolve the issue. Recovery…

unknown contract

Tue, 27 Jan 2026 00:00:00 +0000

According to BlockSec monitoring, an unknown contract on the BSC network was exploited. The attacker leveraged a design flaw in the “burn pair” mechanism to execute two reverse swaps, resulting in losses of approximat…

Aperture Finance

Mon, 26 Jan 2026 00:00:00 +0000

Aperture Finance posted on X stating that it has detected an exploit affecting Aperture V3/V4 contracts. To prevent new approvals, core functionalities have been suspended in the front-end application, and the team is…

SwapNet

Mon, 26 Jan 2026 00:00:00 +0000

According to PeckShield, Matcha Meta reported that SwapNet suffered a security breach, with losses reaching $16.8 million. The attacker swapped approximately 10.5 million USDC for around 3,655 ETH on Base, and has beg…

Scroll

Sun, 25 Jan 2026 00:00:00 +0000

Scroll alerted on X that the X account of co-founder @shenhaichen has been compromised. They are actively working to recover the account and advise users not to interact with any links or direct messages.

Mithril

Wed, 21 Jan 2026 00:00:00 +0000

According to an announcement from Paradex, the internal systems of the Mithril trading bot were compromised by an attacker, resulting in the exposure of approximately 57 user subkeys. While these subkeys do not allow…

SagaEVM

Wed, 21 Jan 2026 00:00:00 +0000

According to an official announcement from Saga, the SagaEVM chain has suffered an attack involving a series of malicious contract deployments, cross-chain operations, and liquidity withdrawals. The attacker transferr…

Makinafi

Tue, 20 Jan 2026 00:00:00 +0000

According to PeckShieldAlert monitoring, the Makinafi protocol was exploited by hackers, resulting in a loss of approximately 1,299 ETH (about $4.13 million). The stolen funds are currently held in two addresses: 0xbe…

SynapLogic

Tue, 20 Jan 2026 00:00:00 +0000

According to a BlockSec alert, the SynapLogic contract lacked critical parameter validation in the swapExactTokensForETHSupportingFeeOnTransferTokens function, allowing attackers to manipulate the whitelist logic and…

FutureSwap

Wed, 14 Jan 2026 00:00:00 +0000

The FutureSwap protocol deployed on Arbitrum was exploited again via a reentrancy vulnerability, following its first attack four days ago, resulting in a loss of approximately $74,000. The attacker had previously abus…

Truebit

Fri, 09 Jan 2026 00:00:00 +0000

The blockchain verification protocol Truebit was suspected to have been hacked, losing 8,535 ETH, valued at approximately $26.44 million.

Darren Lau

Thu, 08 Jan 2026 00:00:00 +0000

CertiK Alert tweeted that the X account of Darren Lau, founder of The Daily Ape, has been compromised by hackers. The CertiK security team warns users not to click any links or approve any transactions before control…

Polycule

Thu, 08 Jan 2026 00:00:00 +0000

The Polymarket-based trading bot project Polycule has been hacked. The Polycule team stated that approximately $230,000 in user funds were affected in this incident. The related bots have been taken offline, and patch…

IPOR USDC Fusion Optimizer

Tue, 06 Jan 2026 00:00:00 +0000

Fusion has released a security update stating that its IPOR USDC Fusion Optimizer contains a vulnerability in the Arbitrum Vault. The IPOR team was notified and confirmed on January 6 that the vulnerability had result…

TMX

Tue, 06 Jan 2026 00:00:00 +0000

According to CertiK Alert, a vulnerability involving a contract related to TMX on Arbitrum has been detected, with estimated losses of around $1.4 million. During the exploit loop, the attacker minted and staked TMX L…

Arbitrum

Mon, 05 Jan 2026 00:00:00 +0000

Multiple suspicious transactions involving proxy contracts were detected on Arbitrum (ARB), with estimated losses of approximately $1.5 million. Preliminary analysis indicates that the sole deployer of the USDGambit a…

Bitlight Labs

Mon, 05 Jan 2026 00:00:00 +0000

The X (formerly Twitter) account of Bitlight Labs, a Bitcoin RGB protocol and Lightning Network stablecoin payment infrastructure provider, was suspected of being compromised and posted content related to a meme token.

OLY token holders

Mon, 05 Jan 2026 00:00:00 +0000

According to TenArmorAlert, a sandwich attack involving OLY has been detected on BSC, causing estimated losses of around $63,400.

HitBTC

Sun, 04 Jan 2026 00:00:00 +0000

SlowMist team has issued a security advisory stating that it has identified a potentially critical vulnerability on the HitBTC exchange platform. The issue has been responsibly disclosed to HitBTC in advance via priva…

Unleash Protocol

Tue, 30 Dec 2025 00:00:00 +0000

The Unleash Protocol project deployed on Story Protocol suffered an unauthorized contract upgrade, followed by the malicious transfer of user assets. The attacker manipulated the project’s multisig governance privileg…

MSCST

Mon, 29 Dec 2025 00:00:00 +0000

On the BSC network, an unknown smart contract MSCST suffered a flash loan attack, resulting in an estimated loss of approximately $130,000. The root cause of the exploit lies in the lack of access control (ACL) within…

Debot

Sat, 27 Dec 2025 00:00:00 +0000

SlowMist founder Cos stated on the X platform that the team is currently following up on the DeBot incident and monitoring on-chain activity. According to him, users’ private keys associated with DeBot have been compr…

Flow

Sat, 27 Dec 2025 00:00:00 +0000

The Flow Foundation announced that an attacker exploited a vulnerability in the Flow execution layer, transferring approximately $3.9 million in assets off the network before validators were able to coordinate and hal…

Trust Wallet

Fri, 26 Dec 2025 00:00:00 +0000

Trust Wallet has issued an official notice confirming that version 2.68 of its browser extension contains a security vulnerability, and advised all users running version 2.68 to immediately disable it and upgrade to v…

Futureswap

Wed, 17 Dec 2025 00:00:00 +0000

According to monitoring by SlowMist’s MistEye security monitoring system, potential suspicious activities related to @futureswapx have been detected. Further analysis indicates that the root cause lies in an attacker…

ICRYPEX Global

Wed, 17 Dec 2025 00:00:00 +0000

SlowMist has issued a security alert to the cryptocurrency exchange ICRYPEX Global, stating that a potentially critical vulnerability has been identified.

Yearn Finance V1

Wed, 17 Dec 2025 00:00:00 +0000

According to monitoring by Paidun, Yearn Finance V1 suffered a hacker attack, resulting in a total loss of approximately USD 300,000. The attacker has converted the stolen funds into 103 ETH, which are currently held…

Azbitm

Tue, 16 Dec 2025 00:00:00 +0000

SlowMist sent a security alert to the cryptocurrency exchange Azbitm, stating that a potential vulnerability has been detected.

Aevo

Sun, 14 Dec 2025 00:00:00 +0000

On December 14, Aevo announced that a vulnerability introduced during a smart contract upgrade led to an attack on the legacy Ribbon DOV vault on December 12, resulting in losses of approximately $2.7 million.

ZEROBASE

Fri, 12 Dec 2025 00:00:00 +0000

According to SlowMist founder Yu Cos and ZEROBASE officials, a malicious contract on the BSC chain, “Vault” (0x0dd2…2396), impersonated the ZEROBASE frontend to trick users into authorizing USDT. The incident is suspe…

0G Foundation

Thu, 11 Dec 2025 00:00:00 +0000

The 0G Foundation posted on X that a targeted attack on December 11 resulted in a breach of their reward contract. The attacker exploited the emergency withdrawal function of the 0G reward contract, which is used for…

Almanak

Thu, 11 Dec 2025 00:00:00 +0000

According to an announcement by Almanak, during today’s airdrop, operational errors and a DDoS attack caused delays in claims and failures in wallet deployment. The claim function was originally scheduled to open at 1…

PEPE

Thu, 04 Dec 2025 00:00:00 +0000

According to cybersecurity firm Blockaid, the official website of the meme coin PEPE was compromised by attackers, who modified the website’s front-end code, causing users visiting the site to be redirected to a malic…

USPD

Thu, 04 Dec 2025 00:00:00 +0000

According to PeckShieldAlert, the stablecoin project USPD has suffered a major security breach, resulting in approximately $1 million in losses. The USPD team later confirmed that the protocol had been exploited, with…

React

Wed, 03 Dec 2025 00:00:00 +0000

According to Finance Feeds, hackers exploited a vulnerability in the React JavaScript library to inject code into websites that steals funds from cryptocurrency wallets, primarily targeting cryptocurrency platforms. O…

Goldfinch

Tue, 02 Dec 2025 00:00:00 +0000

The on-chain private fund Goldfinch’s old contract on Ethereum (0x0689) contained a vulnerability. Because the user deltatiger.eth did not revoke the authorization in time, they were exploited and lost approximately U…

Yearn Finance

Sun, 30 Nov 2025 00:00:00 +0000

According to PeckShieldAlert on X, Yearn Finance suffered an attack in which the hacker drained the liquidity pool by infinitely minting yETH, causing losses of roughly $9 million. Approximately 1,000 ETH (about $3 mi…

Upbit

Thu, 27 Nov 2025 00:00:00 +0000

Upbit CEO Woo Kyung-sik issued a public statement regarding the recent security breach and apologized to users, noting that the incident resulted from shortcomings in Upbit’s internal security management. On the morni…

Agentic FoF

Mon, 24 Nov 2025 00:00:00 +0000

BasisOS disclosed on X: “Due to a security breach, the Agentic FoF was compromised, resulting in approximately USD 531,000 in leaked funds. All vaults have now been suspended, and withdrawals from the Agentic FoF have…

Port3 Network

Sun, 23 Nov 2025 00:00:00 +0000

The decentralized AI data network Port3 Network disclosed on X that its token PORT3 was maliciously minted by a hacker exploiting a cross-chain bridge vulnerability. According to on-chain analyst Yujin, the attacker u…

Aerodrome

Fri, 21 Nov 2025 00:00:00 +0000

Aerodrome, a DEX built on Base, posted on X that the centralized domains of Velodrome and Aerodrome were hijacked on November 21 due to an internal security vulnerability at NameSilo, resulting in redirection to malic…

DMT 空投(@dexmaxai)

Thu, 20 Nov 2025 00:00:00 +0000

GoPlus has issued a security alert: Users who claimed the DMT airdrop from @dexmaxai are advised to revoke approvals immediately or transfer their assets to a secure wallet. Multiple victims reported today that they w…

GANA Payment

Thu, 20 Nov 2025 00:00:00 +0000

According to on-chain security analyst ZachXBT, the payment project GANA Payment on the BSC chain was attacked a few hours ago, resulting in an estimated loss of $3.1 million. The attacker has deposited 1,140 BNB (aro…

WLFI

Thu, 20 Nov 2025 00:00:00 +0000

According to a WLFI announcement, prior to the platform’s official launch, some user wallets were compromised due to phishing attacks or mnemonic phrase leaks. WLFI emphasized that the incident was not caused by any p…

Nofx AI

Mon, 17 Nov 2025 00:00:00 +0000

SlowMist founder Cos reminded users of the NOFX AI open-source automated trading system to be aware of potential security risks. Although the NOFX AI open-source work has shown good intentions, real theft incidents ha…

Aftermath

Fri, 14 Nov 2025 00:00:00 +0000

Sui’s official X account issued a reminder stating that the X account of Aftermath, a liquid staking protocol in the Sui ecosystem, has been compromised. Users are advised not to interact with the account until the te…

Hyperliquid

Thu, 13 Nov 2025 00:00:00 +0000

According to Arkham’s monitoring, an attacker allegedly carried out a deliberate exploit against HLP (Hyperliquidity Provider) on Hyperliquid. The attacker used 19 wallets and $3 million in principal to open a leverag…

Polymarket

Tue, 11 Nov 2025 00:00:00 +0000

According to a post by crypto trader @25usdc, hackers are exploiting the comment section of Polymarket to carry out scam activities, resulting in losses exceeding $500,000. The attackers post links to their phishing w…

Moonwell

Tue, 04 Nov 2025 00:00:00 +0000

According to CertiK’s monitoring, the Moonwell lending contract suffered multiple attack transactions. The attacker exploited an incorrect oracle price for wrst (around USD 5.8 million). By using a flash loan of only…

Balancer V2

Mon, 03 Nov 2025 00:00:00 +0000

The DeFi protocol Balancer V2 suffered a vulnerability exploit that affected its Composable Stable Pools. The root cause of the incident was an incorrect rounding direction in the Stable Pool’s “exact-out” swap path….

Berachain

Mon, 03 Nov 2025 00:00:00 +0000

Berachain announced that approximately USD 12.8 million in funds lost due to the BEX/Balancer v2 vulnerability have been fully returned to the Berachain Foundation’s deployer address, and the blockchain has now resume…

Garden Finance

Fri, 31 Oct 2025 00:00:00 +0000

According to CertiK Alert, the Garden attacker has transferred 501 BNB and 1,910 ETH (worth approximately $6.65 million) to Tornado Cash.The address starting with 0x98BC still holds around $910,000 in assets.It is rep…

402Bridge

Tue, 28 Oct 2025 00:00:00 +0000

402Bridge posted on X to alert users that a token theft incident had occurred. The technical team is investigating the entire process and advised all users to immediately revoke existing authorizations and transfer th…

GMGN

Tue, 28 Oct 2025 00:00:00 +0000

GMGN co-founder Haze posted on X (Twitter):“We have noticed a deliberate external phishing attack targeting GMGN. The attacker induced users to click by forging a third-party token website, triggering unauthorized tra…

GMGN

Sat, 25 Oct 2025 00:00:00 +0000

On October 27, GMGN Co-founder Haze posted on X, stating that the team has completed compensation payments to users affected by the MEV attack. He noted that 48 hours earlier, GMGN had suffered an MEV attack involving…

Noble

Thu, 23 Oct 2025 00:00:00 +0000

According to monitoring by Scam Sniffer, the official X account of Noble was compromised, and the attacker used it to post phishing tweets.

DoodiPals

Tue, 21 Oct 2025 00:00:00 +0000

The Solana-based mini entertainment project DoodiPals suffered a private key leak. The attacker sold tokens from dozens of wallets and exchanged them for SOL, making a total profit of about 917 SOL (approximately $171…

Sharwa.Finance

Mon, 20 Oct 2025 00:00:00 +0000

According to a BlockSec Phalcon alert, Sharwa.Finance disclosed that it had suffered an attack and subsequently suspended operations. However, several hours later, multiple suspicious transactions occurred again, sugg…

Astra Nova

Sun, 19 Oct 2025 00:00:00 +0000

Astra Nova announced on X that its third-party managed account was compromised, allowing the attacker to take control and liquidate assets. The team stated that they are taking necessary measures and will involve law…

Typus Finance

Wed, 15 Oct 2025 00:00:00 +0000

According to Typus Finance’s post-incident analysis report, on October 15, 2025, an attacker exploited a critical vulnerability in the project’s oracle module to drain funds from the TLP contract. The stolen assets in…

Watt Protocol

Thu, 09 Oct 2025 00:00:00 +0000

According to monitoring by Scam Sniffer, the official X account of Watt Protocol was compromised, and the attacker used it to post phishing tweets.

MIN Spell

Sat, 04 Oct 2025 00:00:00 +0000

MIN Spell posted on X that the team discovered a security vulnerability affecting some deprecated V4 Cauldrons on the Ethereum mainnet. During the attack, the attacker minted 1.79 million MIM. Shortly afterward, the D…

BNB Chain

Wed, 01 Oct 2025 00:00:00 +0000

On October 1, BNB Chain officially announced that its English Twitter account had been compromised and was under emergency recovery, warning users not to click on any links.Subsequent investigation revealed that the i…

dTRINITY

Sun, 28 Sep 2025 00:00:00 +0000

The DeFi protocol dTRINITY suffered an exploit targeting its swap adapter contracts, resulting in the loss of approximately $56,000 belonging to core team members.

Hyperdrive

Sat, 27 Sep 2025 00:00:00 +0000

The DeFi protocol Hyperdrive, built on the Hyperliquid chain, was exploited. The attacker repeatedly abused an arbitrary call vulnerability in the router, resulting in a loss of approximately $782,000.

HyperVault

Fri, 26 Sep 2025 00:00:00 +0000

The DeFi protocol HyperVault, built on the Hyperliquid chain, has executed a rug pull, making off with approximately $3.61 million.

GriffinAI

Wed, 24 Sep 2025 00:00:00 +0000

The attackers exploited a misconfigured LayerZero bridge along with a compromised private key for the GAIN BSC contract. By setting a malicious peer contract on Ethereum, they bypassed validation checks and minted 5 b…

SBI Crypto

Wed, 24 Sep 2025 00:00:00 +0000

According to on-chain investigator ZachXBT, Japan’s financial giant SBI Group may have experienced a security breach involving its cryptocurrency mining subsidiary, SBI Crypto. Wallet addresses associated with the com…

Corepound

Tue, 23 Sep 2025 00:00:00 +0000

The DeFi project Corepound, built on the Core DAO blockchain, has carried out a rug pull, making off with approximately $400,000.

Seedify

Tue, 23 Sep 2025 00:00:00 +0000

Meta Alchemist, founder of the Web3 incubator and launchpad platform Seedify, announced on X that one of its SFUND bridges was recently hacked. According to Seedify’s official account, a DPRK-affiliated group known fo…

UXLINK

Mon, 22 Sep 2025 00:00:00 +0000

AI-driven Web3 social platform UXLINK suffered an attack affecting platform-related assets, resulting in losses exceeding USD 11 million. Investigation showed that the attacker had prepared for months prior to the inc…

Yala

Sun, 14 Sep 2025 00:00:00 +0000

On September 14, the stablecoin protocol Yala disclosed that a recent security incident occurred when a hacker abused a temporary deployment key during the setup of an authorized cross-chain bridge. The attacker deplo…

Kame Aggregator

Fri, 12 Sep 2025 00:00:00 +0000

Kame Aggregator suffered an exploit due to a design flaw in the swap() function, which allowed arbitrary executor calls. This vulnerability enabled attackers to transfer tokens authorized to the AggregationRouter by u…

Shibarium Bridge

Fri, 12 Sep 2025 00:00:00 +0000

The Shibarium bridge, connecting the Layer 2 network of the same name to Ethereum, was targeted in a flash loan attack, resulting in a loss of approximately $2.4 million. The attacker used a flash loan to purchase 4.6…

Aqua

Mon, 08 Sep 2025 00:00:00 +0000

On-chain investigator ZachXBT reported that the Solana project Aqua has likely executed a rug pull involving approximately 21,770 SOL (~$4.65M). A few hours ago, the funds were split into four parts, moved through mul…

Nemo Protocol

Mon, 08 Sep 2025 00:00:00 +0000

Nemo Protocol, a DeFi protocol on Sui, was attacked, resulting in a loss of approximately $2.4 million.

SwissBorg

Mon, 08 Sep 2025 00:00:00 +0000

Swiss crypto platform SwissBorg suffered a security incident in which approximately 192,600 SOL (~$41.5M) was stolen on Solana. According to SwissBorg’s official statement, the incident was caused by a compromised par…

Bunni

Tue, 02 Sep 2025 00:00:00 +0000

Bunni, a DEX built on Uniswap v4, was exploited on Ethereum and UniChain, with total losses of approximately $8.4 million.

BetterBank

Wed, 27 Aug 2025 00:00:00 +0000

The PulseChain-based defi project BetterBank was exploited by an attacker who took advantage of a vulnerability that allowed them to mint arbitrary tokens, some of which they then swapped for ETH. The attacker later r…

Equilibria Finance

Sun, 24 Aug 2025 00:00:00 +0000

According to an announcement from Equilibria Finance, a vulnerability was discovered in the ePENDLE auto-compounder contract on Ethereum, resulting in a loss of approximately 13.36 ETH. The issue stemmed from the stk-…

ABCCApp

Sat, 23 Aug 2025 00:00:00 +0000

ABCCApp on BSC was reportedly attacked, resulting in a loss of approximately $10.1K. The root cause was that the contract’s addFixedDay() function lacked access control, and fixedDay was used in calculating claimable…

Puffer Finance

Wed, 20 Aug 2025 00:00:00 +0000

According to SlowMist Threat Intelligence, puffer[.]fi and @puffer_finance have been compromised.

D3X AI

Sat, 16 Aug 2025 00:00:00 +0000

D3X AI (@D3X_AI) was attacked on BSC, resulting in a loss of approximately $158.9K. The root cause was that the exchange() function of contract 0xb8ad relied on the spot price of the d3xat token from a UniswapV2 pair,…

Level

Fri, 15 Aug 2025 00:00:00 +0000

The official X account of the stablecoin protocol Level was reportedly compromised, and a fraudulent airdrop link was posted.

BtcTurk

Thu, 14 Aug 2025 00:00:00 +0000

The Turkish cryptocurrency exchange BtcTurk has reportedly suffered another hack. BtcTurk acknowledged “unusual activity” in its hot wallets and has suspended deposits and withdrawals. However, the exchange did not di…

ODIN.FUN

Tue, 12 Aug 2025 00:00:00 +0000

The Bitcoin-based memecoin launchpad ODIN.FUN suffered an exploit, losing approximately 58.2 BTC (around $7 million). The attacker allegedly manipulated the prices of several tokens and then withdrew bitcoin based on…

Credix

Mon, 04 Aug 2025 00:00:00 +0000

The decentralized lending protocol Credix suffered an exploit, losing approximately $4.5 million. The attacker gained control of an admin wallet, minted tokens, and drained liquidity pools. After the incident, Credix…

SuperRare

Mon, 28 Jul 2025 00:00:00 +0000

According to monitoring by SlowMist’s MistEye security system, the NFT platform SuperRare was exploited. The root cause of the vulnerability was an incorrect permission check in the updateMerkleRoot function, which al…

WOO X

Thu, 24 Jul 2025 00:00:00 +0000

Crypto trading platform WOO X suffered an attack resulting in a loss of approximately $14 million. According to the official disclosure, the incident stemmed from a targeted phishing attack that compromised a team mem…

Swarms

Mon, 21 Jul 2025 00:00:00 +0000

The AI agent protocol Swarms disclosed on the X platform that its community Discord account had been compromised. Earlier today, a team member’s Discord account was breached after receiving a malicious direct message…

CoinDCX

Sat, 19 Jul 2025 00:00:00 +0000

On July 19, on-chain investigator ZachXBT posted on his personal channel: “Looks like the India centralized exchange ‘CoinDCX’ was likely drained for ~$44.2M almost 17 hours ago and has yet to disclose the incident to…

VDS

Thu, 17 Jul 2025 00:00:00 +0000

According to monitoring by SlowMist’s MistEye security system, VDS on the BSC appears to have been attacked, with an estimated loss of around $13,000.

BigONE

Wed, 16 Jul 2025 00:00:00 +0000

According to monitoring by the SlowMist security team, cryptocurrency exchange BigONE has suffered a supply chain attack, with losses exceeding $27 million. The attacker breached the production network and altered the…

Arcadia Finance

Tue, 15 Jul 2025 00:00:00 +0000

According to the incident analysis report released by Arcadia Finance, at 04:05 AM UTC on July 15, 2025, an active exploit targeting a series of peripheral contracts occurred. The attacker abused the delegated powers…

Pundi AI

Sat, 12 Jul 2025 00:00:00 +0000

Pundi AI recently experienced a security breach resulting in the unauthorized minting of 1 million tokens. The incident was caused by a vulnerability in the token swap contract, which was exploited via a front-running…

Plasma

Fri, 11 Jul 2025 00:00:00 +0000

The official X account of @PlasmaFDN has been compromised. The attacker is posting phishing links using the X Bot UA spoofing trick—the URLs appear legitimate at first glance but redirect to a phishing site: https://v…

Kinto

Thu, 10 Jul 2025 00:00:00 +0000

Ramon Recuero, co-founder of Kinto, a modular exchange platform in the Arbitrum ecosystem, tweeted about the recent attack, stating that the hacker exploited a vulnerability on Arbitrum that allowed unlimited minting…

GMX

Wed, 09 Jul 2025 00:00:00 +0000

On July 9, according to monitoring by MistTrack’s MistEye security system, the well-known decentralized trading platform GMX (@GMX_IO) suffered an attack, resulting in asset losses exceeding $42 million. Analysis indi…

Texture

Wed, 09 Jul 2025 00:00:00 +0000

An attacker exploited a vulnerability in the Solana-based lending protocol Texture, stealing approximately $2.2 million in user funds from one of the project’s vaults. Shortly after the incident, Texture offered the a…

ZKSwap

Wed, 09 Jul 2025 00:00:00 +0000

ZKSwap’s Ethereum Layer 1 bridge suffered an exploit in which the attacker leveraged its emergency withdrawal mechanism, resulting in a loss of approximately $5 million. Analysis revealed that the component responsibl…

Synthetix

Sun, 06 Jul 2025 00:00:00 +0000

The @synthetix_io main X(Twitter) account has been hacked. Please DO NOT interact with links from this account while we work to regain control.

PANews

Fri, 27 Jun 2025 00:00:00 +0000

The @PANewsCN X account has been compromised. Do not click on any recent links or interact with its posts. Please wait for an official update.

Resupply

Thu, 26 Jun 2025 00:00:00 +0000

According to monitoring by the MistEye system, decentralized stablecoin protocol Resupply appears to have suffered an exploit, with estimated losses of around $9.5 million. The attacker manipulated the cvcrvUSD exchan…

MEV Bot

Wed, 25 Jun 2025 00:00:00 +0000

A suspicious attack involving MEV bot 0xb5cb occurred on BSC, resulting in losses of approximately $2 million.

Silo Labs

Wed, 25 Jun 2025 00:00:00 +0000

According to Silo Labs’ postmortem report, an unreleased leverage feature smart contract deployed on Ethereum mainnet and Sonic was exploited during its testing phase. The affected contract was separate from Silo’s co…

CoinTelegraph

Mon, 23 Jun 2025 00:00:00 +0000

According to monitoring by Scam Sniffer, the front end of CoinTelegraph has been hacked—exercise caution. Reportedly, clicking the CoinTelegraph website triggers a pop-up containing “airdrop” information that cannot b…

CoinMarketCap

Sat, 21 Jun 2025 00:00:00 +0000

According to monitoring by Scam Sniffer, the front end of CoinMarketCap has been compromised. Users are advised to remain vigilant. Following an investigation, CoinMarketCap confirmed that a total of 76 accounts were…

Hacken

Sat, 21 Jun 2025 00:00:00 +0000

The private key of a wallet with minting privileges for Web3 security firm Hacken’s native token, HAI, was leaked. According to Hacken, the incident was caused by “human error during architectural changes.” After gain…

Abstract Chain

Fri, 20 Jun 2025 00:00:00 +0000

According to reports from social media users, the official X account of Abstract Chain appears to have been compromised. The attacker is impersonating the project to promote a fake “official token” scam.

a16z

Thu, 19 Jun 2025 00:00:00 +0000

a16z stated on social media:“Earlier today, our X account was briefly compromised. During that time, the account promoted a token and other fake content — none of which originated from a16z. Apologies for any confusio…

Mehdi Farooq

Thu, 19 Jun 2025 00:00:00 +0000

Mehdi Farooq, a partner at crypto VC firm Hypersphere, disclosed on X that he fell victim to a fake Zoom meeting phishing attack, resulting in the draining of six crypto wallets and the loss of his savings accumulated…

Nobitex

Wed, 18 Jun 2025 00:00:00 +0000

The Iran-based Nobitex cryptocurrency exchange suffered a $90 million hack, and the attacker has also promised to imminently release data and source code from the platform. The hacking group appears to have burned the…

Meta Pool

Tue, 17 Jun 2025 00:00:00 +0000

An attacker exploited a vulnerability in the staking contract for Meta Pool, which is a liquid staking project. This allowed them to mint 9,700 mpETH, the project’s liquid staking token, which is notionally worth $27…

Echo Protocol

Sat, 14 Jun 2025 00:00:00 +0000

Echo Protocol, a project built on the Bitcoin ecosystem, has experienced a compromise of its official X (formerly Twitter) account. Users are advised to refrain from interacting with any recent posts or links and to a…

ether.fi

Sat, 07 Jun 2025 00:00:00 +0000

The official ether.fi Discord was hacked, and fraudulent messages containing scam links were posted. ether.fi urges users not to interact with any links within the Discord.

ALEX Protocol

Fri, 06 Jun 2025 00:00:00 +0000

On June 6, 2025, ALEX Protocol was attacked due to a vulnerability in its on-chain self-listing verification logic, which is constrained by limitations on Stacks. As a result, multiple asset pools were drained, with t…

Force Bridge

Sun, 01 Jun 2025 00:00:00 +0000

The Force Bridge, a cross-chain bridge on the Nervos Network, is suspected to have been compromised, with approximately $3.7 million in assets stolen. The Nervos team has urgently suspended all contracts and is active…

MegaETH

Sun, 01 Jun 2025 00:00:00 +0000

MegaETH stated that its X (formerly Twitter) account has been compromised, warning users not to click on any links or view recent posts.

Malda

Fri, 30 May 2025 00:00:00 +0000

The vulnerability originated in the Migrator.sol contract. The contract allowed the Mendi Comptroller address to be passed dynamically, rather than being hardcoded. This enabled the attacker to supply their own malici…

Cork Protocol

Wed, 28 May 2025 00:00:00 +0000

On May 28, SlowMist detected potential suspicious activity related to Cork Protocol. According to the SlowMist security team’s analysis, the root cause of the attack was the lack of strict validation on user-supplied…

Usual Protocol

Tue, 27 May 2025 00:00:00 +0000

According to monitoring by SlowMist, Usual Protocol suffered a sophisticated arbitrage attack. The attacker exploited a price discrepancy between the protocol’s internal mechanisms and external markets. The core issue…

Cetus

Thu, 22 May 2025 00:00:00 +0000

On May 22, according to community reports, the SUI ecosystem’s liquidity provider Cetus Protocol was reportedly attacked. Liquidity pool depth dropped sharply, and multiple token pairs on Cetus experienced significant…

Nexo

Thu, 22 May 2025 00:00:00 +0000

According to monitoring by the SlowMist security team, the digital asset wealth management platform Nexo suffered a sandwich attack due to a lack of access control in one of its contracts, resulting in a loss of appro…

Nitron

Fri, 16 May 2025 00:00:00 +0000

On May 16th, Demex’s lending market Nitron was exploited, resulting in a loss of $950,559 in user funds. According to Demex’s post-incident analysis, the root cause of the exploit was a donation-based oracle manipulat…

Zunami Protocol

Thu, 15 May 2025 00:00:00 +0000

Zunami Protocol has reported a hack in which the collateral for zunUSD and zunETH was stolen, resulting in a loss of approximately $500,000. The attacker has transferred the stolen funds to Tornado Cash.

ZKsync

Tue, 13 May 2025 00:00:00 +0000

ZKsync Developers posted on X that the official X accounts of both ZKsync and Matter Labs have been compromised. Please do not interact with these accounts or click on any related links.

Sheffield United

Mon, 12 May 2025 00:00:00 +0000

The English football club @SheffieldUnited has confirmed that its official X account was hacked. The attacker posted a Solana token address.

MobiusDAO

Sun, 11 May 2025 00:00:00 +0000

Mobius Token on BSC is suspected to have been exploited, with estimated losses of $2.15 million.

Cointelegraph

Sat, 10 May 2025 00:00:00 +0000

Cointelegraph’s official X account was reportedly compromised and used to send phishing links to contributors on the platform. Crypto KOL @thedefiedge reported receiving a DM from the account, asking him to review an…

BitoPro

Thu, 08 May 2025 00:00:00 +0000

According to on-chain investigator ZachXBT, crypto exchange BitoPro was reportedly hacked on May 8, 2025, resulting in losses of approximately $11.5 million. The attacker drained assets from BitoPro’s hot wallets on T…

Curve Finance

Mon, 05 May 2025 00:00:00 +0000

Curve Finance’s official website and X account were compromised in quick succession. On May 5, attackers first took control of the project’s X account and used it to post a phishing message promoting a fake airdrop. T…

TRON DAO

Fri, 02 May 2025 00:00:00 +0000

TRON DAO stated on X that its account was compromised on May 2, 2025, at 9:25 AM PST. During the breach, an unauthorized party published a post containing contract address, sent private messages, and followed several…

Hyperliquid

Thu, 01 May 2025 00:00:00 +0000

Hyperliquid’s X account is suspected to have been compromised. Please do not trust any content it posts or click on any links, to avoid potential losses.

Aventa

Sun, 27 Apr 2025 00:00:00 +0000

According to the SlowMist MistEye security monitoring system, Aventa, which specializes in creating intuitive Web3 utilities for the crypto community, appears to have been attacked, resulting in a loss of approximatel…

LIFE Protocol

Sun, 27 Apr 2025 00:00:00 +0000

According to the SlowMist MistEye security monitoring system, LIFE Protocol has been attacked, resulting in a loss of over $51,000.

QuantMaster

Sun, 27 Apr 2025 00:00:00 +0000

A member of the crypto community previously revealed that “a smart contract of a certain Web3 project was suspected to have been implanted with malicious code by an employee,” leading to losses of several hundred thou…

Grafana

Sat, 26 Apr 2025 00:00:00 +0000

The open-source data visualization tool Grafana has responded to a recent attack, stating that the attacker forked a Grafana repository, executed a curl command to inject malicious code, and exported environment varia…

Impermax

Sat, 26 Apr 2025 00:00:00 +0000

Impermax was attacked on the Base network. In a tweet, Impermax stated that someone launched a flash loan attack and drained its V3 liquidity pools. The team is currently investigating and advises users not to interac…

Loopscale

Sat, 26 Apr 2025 00:00:00 +0000

A modular DeFi lending market built on Solana, Loopscale, has suffered an attack. The root cause of the exploit has been identified as an isolated issue with Loopscale’s pricing of RateX-based collateral. The incident…

Term Labs

Sat, 26 Apr 2025 00:00:00 +0000

On April 26, 2025, lending protocol Term Labs introduced an internal inconsistency in decimal precision during an update to the tETH oracle, resulting in incorrect pricing of the tETH asset within the protocol. This m…

ACB

Thu, 24 Apr 2025 00:00:00 +0000

According to the SlowMist MistEye security monitoring system, ACB appears to have been attacked on BSC, resulting in a loss of approximately $22,000.

NUMA.

Fri, 18 Apr 2025 00:00:00 +0000

NUMA was attacked on the Arbitrum chain, resulting in a loss of approximately $530,000. The attacker swapped all assets to ETH, bridged them to Ethereum mainnet, and deposited the funds into Tornado Cash.

DIN

Wed, 16 Apr 2025 00:00:00 +0000

The official X account of AI blockchain project DIN (@din_lol_) has been compromised by a hacker. Current posts from the account are not from the official team, and users are advised not to click any links or engage w…

R0AR

Wed, 16 Apr 2025 00:00:00 +0000

R0AR has been exploited, with total losses amounting to approximately $780K. According to analysis by the SlowMist security team, the root cause of the exploit was the presence of a backdoor in the contract. During de…

KiloEx

Tue, 15 Apr 2025 00:00:00 +0000

The decentralized perpetual futures exchange KiloEx was attacked, involving assets across multiple chains including BNB and Base. According to an analysis by the SlowMist Security Team, the root cause of the incident…

Aergo

Mon, 14 Apr 2025 00:00:00 +0000

The official website of hybrid blockchain project Aergo is temporarily unavailable due to a DDoS attack. The technical team is actively working on the issue and aims to restore access as soon as possible. Aergo remind…

ZKsync

Sun, 13 Apr 2025 00:00:00 +0000

The ZKsync security team discovered that an admin account had been compromised, giving the hacker control of approximately $5 million worth of ZK tokens — the remaining unclaimed tokens from the ZKsync airdrop. The ZK…

Jake Gallen

Fri, 11 Apr 2025 00:00:00 +0000

Jake Gallen, CEO of digital asset trading platform Emblem Vault, was hacked after a suspicious Zoom video call, resulting in the loss of over $100,000 worth of Bitcoin and Ethereum. The attacker posed as a YouTube con…

MEV Bot

Tue, 08 Apr 2025 00:00:00 +0000

According to the SlowMist MistEye security monitoring system, a MEV bot (address: 0x49e27d11379f5208cbb2a4963b903fd65c95de09) has lost approximately 116.7 ETH due to a lack of access control.

Next Earth

Tue, 08 Apr 2025 00:00:00 +0000

According to the SlowMist MistEye security monitoring system, the NFT project Next Earth has suffered a reentrancy attack on Polygon.

UPCX

Tue, 01 Apr 2025 00:00:00 +0000

According to an announcement from blockchain payment platform UPCX, unauthorized activity was detected in its management accounts. As a precaution, the platform has urgently suspended UPC deposits and withdrawals. The…

Zapper

Tue, 01 Apr 2025 00:00:00 +0000

According to an official announcement from DeFi asset management protocol Zapper, its .fi domain was hijacked via social engineering. The current zapper(.fi) page is malicious and should be avoided — users are strongl…

SIR.trading

Sun, 30 Mar 2025 00:00:00 +0000

According to the SlowMist MistEye security monitoring system, the leveraged trading project SIR.trading (@leveragesir) on the Ethereum chain has been attacked, resulting in a loss of over $300,000 in assets. The root…

Min Token (MIN)

Fri, 28 Mar 2025 00:00:00 +0000

According to monitoring by SlowMist’s security team, Min Token (MIN) is suspected to have been attacked on BSC, resulting in a loss of approximately $21,400.

Abracadabra

Tue, 25 Mar 2025 00:00:00 +0000

An attacker using a flash loan attack stole $13 million in the Magic Internet Money token from the Abracadabra Money project. The attack was enabled by a bug in the platform’s smart contracts, and the hacker ultimatel…

Watcher.Guru

Fri, 21 Mar 2025 00:00:00 +0000

The media platform Watcher.Guru, which focuses on cryptocurrency and financial market news, posted on X that its account was hacked today. Watcher.Guru is still investigating the specific method of the breach and has…

Zoth

Fri, 21 Mar 2025 00:00:00 +0000

RWA restaking platform Zoth suffered a $8.29 million hack after an attacker gained access to admin privileges that allowed them to modify the platform’s smart contracts. The hacker “upgraded” the contract to a malicio…

Four.Meme

Tue, 18 Mar 2025 00:00:00 +0000

BNB-based memecoin launchpad Four.Meme was attacked. According to the SlowMist security team’s analysis, the attacker purchased a small amount of tokens before launch through the 0x7f79f6df function of Four.Meme, and…

Voltage Finance

Tue, 18 Mar 2025 00:00:00 +0000

On March 18, the Simple Staking pools of Voltage Finance, a DeFi platform built on the Fuse Network, suffered an unauthorized withdrawal, resulting in a total loss of $171,027.20 in USDCE and $151,085.87 in WETH.

Kaito AI

Sun, 16 Mar 2025 00:00:00 +0000

Kaito official representative Sandra (@sandraaleow) posted on X that Kaito AI founder Yu Hu and Kaito’s X account have been compromised. However, no KAITO wallets have been affected.

Berally

Fri, 14 Mar 2025 00:00:00 +0000

Berally, a platform for social trading using AI agents within the Berachain ecosystem, is suspected to have been hacked. The official statement reads: “Partial information of the deployer’s key was leaked, leading to…

1inch

Wed, 05 Mar 2025 00:00:00 +0000

An attacker exploited a smart contract belonging to the 1inch DEX aggregator, stealing $5 million in the USDC stablecoin and wETH. According to the platform, the vulnerability existed in “smart contracts using the obs…

Meow

Wed, 05 Mar 2025 00:00:00 +0000

Jupiter co-founder Meow’s X account was reportedly hacked and posted token CA-related content, which has now been deleted. Users are advised to stay vigilant.

Pond.fun

Wed, 05 Mar 2025 00:00:00 +0000

According to Pond.fun’s official disclosure, the Linea-based meme coin launchpad Pond.fun was hacked this morning. Initial on-chain and off-chain evidence suggests that Pond.fun’s lead software engineer was behind the…

Zoth

Sat, 01 Mar 2025 00:00:00 +0000

Zoth, a restaking platform for “real world assets” (or RWAs), was hacked for around $ 285,000 when an exploiter discovered a bug in the platform’s collateral calculations.

Wemix

Fri, 28 Feb 2025 00:00:00 +0000

According to Yonhap News Agency, Kim Seok-hwan, a representative of Wemix Foundation, a blockchain subsidiary of Wemade, admitted at an emergency meeting that they lost approximately 8.65 million WEMIX tokens (worth a…

Pumpfun

Thu, 27 Feb 2025 00:00:00 +0000

Pumpfun’s X account has been hacked, and the attacker is using it to promote fake tokens.

Suji Yan

Wed, 26 Feb 2025 00:00:00 +0000

Suji Yan, the founder of the Mask Network, suffered the loss of more than $4 million in various cryptocurrency assets to an apparent wallet hack.

Infini

Mon, 24 Feb 2025 00:00:00 +0000

The crypto-focused stablecoin neobank Infini was attacked, with the attacker gaining access to a wallet with admin rights and stealing nearly $50 million from the company.

Bybit

Fri, 21 Feb 2025 00:00:00 +0000

Safe multisig UI manipulated via malware, Lazarus Group attributed

Cardex

Tue, 18 Feb 2025 00:00:00 +0000

On February 18, 2025, Abstract discovered a security incident involving the Cardex app within The Portal, affecting approximately 9,000 wallets with a total loss of around $400,000 in ETH. A leaked key in Cardex’s fro…

Shaw

Sun, 16 Feb 2025 00:00:00 +0000

According to community reports, the X account of ai16z founder Shaw has allegedly been compromised by hackers. Users are advised to exercise caution and avoid interacting with suspicious links.

LIBRA

Sat, 15 Feb 2025 00:00:00 +0000

Argentine President Javier Milei promoted a cryptocurrency called $LIBRA on social media. Following his endorsement, the token’s price surged rapidly but later suffered a severe crash.

zkLend

Wed, 12 Feb 2025 00:00:00 +0000

The leading lending platform on the Starknet chain, zkLend, has suffered an attack. The core reason for this breach lies in the fact that the value of the accumulator in an empty market can be manipulated and amplifie…

Four.Meme

Tue, 11 Feb 2025 00:00:00 +0000

The memecoin platform Four.Meme was attacked. According to an analysis by the SlowMist security team, the attacker was able to execute a frontrunning attack by pre-creating a liquidity pool on PancakeSwap v3 with an e…

Cashverse

Sat, 08 Feb 2025 00:00:00 +0000

According to monitoring by the SlowMist security team, Cashverse appears to have been attacked on BSC.

BankX

Fri, 07 Feb 2025 00:00:00 +0000

According to monitoring by the SlowMist security team, BankX appears to have been attacked on BSC, ETH, and Optimism.

Jupiter

Thu, 06 Feb 2025 00:00:00 +0000

JupiterDAO confirmed on X that the official Jupiter X account (@JupiterExchange) has been compromised. Users are advised not to click on any links or copy-paste any contract addresses.

Mohammed Dewji MO

Thu, 06 Feb 2025 00:00:00 +0000

The X account of Tanzanian businessman and entrepreneur Mohammed Dewji MO (@moodewji) was compromised. The hacker falsely announced the launch of a TANZANIA token and sold it to investors.

Dr Mahathir Mohamad

Wed, 05 Feb 2025 00:00:00 +0000

According to a post by SlowMist founder Cos on X, the X account of former Malaysian Prime Minister Dr Mahathir Mohamad (@chedetofficial) was compromised and used to promote a fake token. The creator of the associated…

Ionic

Tue, 04 Feb 2025 00:00:00 +0000

On February 4, 2025, the Ionic protocol suffered a social engineering attack, allowing the attacker to use a forged Lombard Bitcoin Token (LBTC) as collateral. This asset was deployed on the Mode network. The attacker…

The Tor Project

Fri, 31 Jan 2025 00:00:00 +0000

The Tor Project X account has been compromised. The hacker is using the account to promote a fake token. Users should stay vigilant.

TIME

Fri, 31 Jan 2025 00:00:00 +0000

The official TIME Magazine X account was allegedly compromised and posted about the TIME token.

Dean Norris

Sun, 26 Jan 2025 00:00:00 +0000

According to DL News, Dean Norris, the actor who played Hank Schrader in Breaking Bad, became the target of a hack on the X platform for the second time in six months. The attack started with a tweet from Norris’ acco…

AdsPower

Fri, 24 Jan 2025 00:00:00 +0000

The AdsPower security team discovered a breach in which hackers distributed malicious code, resulting in the compromise of some third-party browser extensions.

Jair Messias Bolsonaro

Fri, 24 Jan 2025 00:00:00 +0000

The X account of former Brazilian President Jair Messias Bolsonaro was hacked and used to promote the token. The original post has since been deleted.

ODOS

Fri, 24 Jan 2025 00:00:00 +0000

According to monitoring by the SlowMist security team, due to a lack of input validation in @odosprotocol, the vulnerability has been exploited across multiple chains, resulting in approximately $100,000 in losses. OD…

Nasdaq

Thu, 23 Jan 2025 00:00:00 +0000

According to The Block, Nasdaq’s official X account was hacked, and the attackers used it to promote fraudulent meme coins.

Phemex

Thu, 23 Jan 2025 00:00:00 +0000

The Singapore-based Phemex cryptocurrency exchange’s hot wallets were hacked, resulting in a loss of approximately $70 million.

AST

Wed, 22 Jan 2025 00:00:00 +0000

According to monitoring by the SlowMist security team, AST was allegedly attacked on BSC.

Dan Finlay

Tue, 21 Jan 2025 00:00:00 +0000

MetaMask posted on X: “This morning, our co-founder Dan Finlay’s Farcaster account was compromised and used to promote a memecoin. We are in touch with the Farcaster team to help investigate the incident."

Stability AI

Thu, 16 Jan 2025 00:00:00 +0000

Stability AI’s official X account posted information related to the STAI token contract, which appears to have been compromised. Be cautious to avoid falling victim to a scam.

ZKsync Ignite

Thu, 16 Jan 2025 00:00:00 +0000

The ZKsync team tweeted that the @ZKsyncIgnite account has been compromised. Do not interact with the account or click any links. Wait for the @zksync account to confirm when the account has been reclaimed.

CAT Protocol

Wed, 15 Jan 2025 00:00:00 +0000

The CAT Protocol within the Bitcoin ecosystem posted on Platform X, stating that they recently detected and mitigated an attempted attack on the CAT Protocol, confirming that no user funds were lost. On January 18, CA…

DAWN

Wed, 15 Jan 2025 00:00:00 +0000

According to Scam Sniffer’s monitoring, the X account of the decentralized autonomous wireless network project DAWN was compromised and used to post phishing tweets.

The Idols

Tue, 14 Jan 2025 00:00:00 +0000

The attacker exploited a vulnerability in The Idols project’s smart contract to steal 97 stETH (approximately $324,000) from the project.

Moonray

Mon, 13 Jan 2025 00:00:00 +0000

Moonray’s Discord was Compromised, and the attackers posted fraudulent airdrop messages. Users are advised to stay cautious and aware of potential risks.

Mosca

Mon, 13 Jan 2025 00:00:00 +0000

Mosca appears to have suffered another attack on BSC, resulting in losses of approximately $37,600.

UniLend

Mon, 13 Jan 2025 00:00:00 +0000

On January 13, 2025, the SlowMist MistEye security monitoring system detected an attack on UniLend, resulting in a loss of ~$197K.

BUIDL

Sun, 12 Jan 2025 00:00:00 +0000

BUIDL was suspected to have been attacked on BSC, resulting in an approximate loss of $8K.

Foresight Ventures

Sun, 12 Jan 2025 00:00:00 +0000

According to Foresight News, the Foresight Ventures X account was hacked and is currently in the process of being recovered. Please do not click or trust any links or token information posted by this account.

Litecoin

Sun, 12 Jan 2025 00:00:00 +0000

Litecoin posted on X, stating that their X account was briefly compromised and some unauthorized content was published. These posts were deleted within seconds. They are still investigating the incident but have immed…

Ryan Zarick

Sun, 12 Jan 2025 00:00:00 +0000

The X account of Ryan Zarick, co-founder and CTO of LayerZero Labs, was briefly compromised and used to post a fraudulent airdrop claim along with a phishing link.

Aizel Network

Sat, 11 Jan 2025 00:00:00 +0000

The official X account of the blockchain AI project Aizel Network was hacked at noon on January 11 and is currently in the process of being recovered. The official reminder to users is to be cautious of the content po…

SuperVerse

Sat, 11 Jan 2025 00:00:00 +0000

The SuperVerse X account was compromised and used to post a fraudulent airdrop claim containing a phishing link.

Alien Base

Fri, 10 Jan 2025 00:00:00 +0000

Multiple attack transactions targeting the Alien Base BunniHub contract resulted in a loss of approximately $38,000.

FortuneWheel

Fri, 10 Jan 2025 00:00:00 +0000

FortuneWheel was suspected to have been attacked on BSC, resulting in an approximate loss of $21.6K.

Holoworld AI

Fri, 10 Jan 2025 00:00:00 +0000

tong, the founder of Holoworld AI, posted on X stating that the Holoworld AI X account has been hacked. Please do not click on any links.

HORS

Wed, 08 Jan 2025 00:00:00 +0000

HORS was suspected to have been attacked on BSC, resulting in an approximate loss of $10.3K.

Moby

Wed, 08 Jan 2025 00:00:00 +0000

According to Moby Post-Mortem Report, on January 8, an attacker took control of the Private Key used to authorize upgrades to Moby’s core contracts, compromising the protocol. This led to the exposure of 3.77 wBTC, 20…

Orange Finance

Wed, 08 Jan 2025 00:00:00 +0000

The Arbitrum-based liquidity management project Orange Finance suffered a $830,000 asset theft due to a misconfigured multi-sig. The attacker gained ownership of each vault, modified their implementations, and withdre…

Virtuals Protocol

Wed, 08 Jan 2025 00:00:00 +0000

Virtuals Protocol announced on X that their official Discord server has been compromised. They advised users not to click on any posts or private messages from administrators until further notice.

IPC

Tue, 07 Jan 2025 00:00:00 +0000

IPC was suspected to have been attacked on BSC, resulting in an approximate loss of $590K.

Mosca

Mon, 06 Jan 2025 00:00:00 +0000

Mosca was reportedly attacked on BSC, resulting in an approximate loss of $19,500.

Solv Protocol

Sun, 05 Jan 2025 00:00:00 +0000

The official X account of Solv Protocol has been compromised. Users are advised not to click on any suspicious links.

Babylon

Sat, 04 Jan 2025 00:00:00 +0000

The official X account of the Babylon was compromised, and the hacker used it to post tweets containing phishing links.

Sorra

Sat, 04 Jan 2025 00:00:00 +0000

Sorra was suspected to have been attacked on ETH, resulting in an approximate loss of $43K.

0xScope

Fri, 03 Jan 2025 00:00:00 +0000

lmk.fun (formerly Scopescan) issued an alert on the X platform, warning that the X account of the Web3 knowledge graph protocol 0xScope (@ScopeProtocol) has been hacked. Users are advised not to click on any links or…

Centrifuge

Fri, 03 Jan 2025 00:00:00 +0000

The official X account of the RWA lending protocol Centrifuge was compromised, and fake information was posted.

LAURA

Wed, 01 Jan 2025 00:00:00 +0000

LAURA was suspected to have been attacked on ETH, resulting in an approximate loss of $48.2K.

NoOnes

Wed, 01 Jan 2025 00:00:00 +0000

The peer-to-peer cryptocurrency trading platform NoOnes suffered a major security breach earlier this month. CEO Ray Youssef explained that the breach occurred on January 1st due to an exploit involving their Solana b…

Superchain Eco

Tue, 31 Dec 2024 00:00:00 +0000

According to monitoring by Scam Sniffer, the X account of Superchain Eco (@SuperchainEco) was compromised and used to post phishing links.

FEG

Sun, 29 Dec 2024 00:00:00 +0000

The FEG project suffered an attack resulting in a loss of approximately $1 million. Analysis suggests that the root cause of the incident appears to be a composability issue arising from the integration with the under…

Standing on Bizness (BIZNESS)

Sat, 28 Dec 2024 00:00:00 +0000

Standing on Bizness (BIZNESS) appears to have been subjected to a reentrancy attack on Base, resulting in an estimated loss of $15,700.

Yat Siu

Thu, 26 Dec 2024 00:00:00 +0000

Animoca Brands tweeted that @ysiu social media account has been compromised. There is no official token or NFT launch from Animoca Brands. The token launch on Solana as claimed in a post was made by the hacker. Please…

Moonhacker

Mon, 23 Dec 2024 00:00:00 +0000

The Moonhacker contract suffered a flash loan attack, resulting in a loss of approximately $320,000.

Vivek Ramaswamy

Fri, 20 Dec 2024 00:00:00 +0000

Regarding rumors about the collaboration between DOGE and USUAL, Azoria CEO James Fishback clarified that he had contacted DOGE’s head of department, Vivek Ramaswamy, whose account was compromised.

zkPass

Fri, 20 Dec 2024 00:00:00 +0000

According to Scam Sniffer’s monitoring, the privacy-preserving data verification protocol zkPass’s X account was compromised and used to post phishing tweets.

Slurpycoin

Thu, 19 Dec 2024 00:00:00 +0000

Slurpycoin on BSC suffered a flash loan attack. The attacker exploited the buyback mechanism to manipulate the token price and profited ~$3K from sandwich arbitrage.

Anthropic

Wed, 18 Dec 2024 00:00:00 +0000

The official X account of AI startup Anthropic, backed by Amazon, appears to have been compromised, posting an unknown token contract address related to AI Agents.

HarryPotterObamaSonic10Inu

Wed, 18 Dec 2024 00:00:00 +0000

A series of exploiting transactions on Ethereum targeting the liquidity pool of the HarryPotterObamaSonic10Inu 2.0 token. The attacker profited approximately $243K and deposited the funds into Tornado.

GemPad

Tue, 17 Dec 2024 00:00:00 +0000

The lock contract of the DeFi platform GemPad was exploited on the BSC, ETH, Base, and Polygon networks, resulting in a loss of approximately $2 million.

BTC24H (BTC24H)

Mon, 16 Dec 2024 00:00:00 +0000

BTC24H (BTC24H) is suspected to have been attacked on Polygon, with an estimated loss of $85,700.

Decentralized Finance (DCF)

Sun, 15 Dec 2024 00:00:00 +0000

Decentralized Finance (DCF) was attacked on the BSC chain, resulting in a loss of approximately $8,800.

Drake

Sun, 15 Dec 2024 00:00:00 +0000

Canadian rapper Drake’s X account (with over 39 million followers) was allegedly compromised on Saturday evening, promoting a Solana meme coin based on his cartoon “alter ego” character. The coin’s trading volume reac…

JHY (JHY)

Sat, 14 Dec 2024 00:00:00 +0000

A suspicious attack involving JHY (JHY) occurred on the BSC chain, resulting in a loss of approximately $11,200.

bnbs (bnbs)

Thu, 12 Dec 2024 00:00:00 +0000

A suspicious reentrancy attack involving bnbs (bnbs) occurred on the BSC chain, resulting in a loss of approximately $20,300.

Clober

Tue, 10 Dec 2024 00:00:00 +0000

Clober DEX liquidity vault on Base Network was exploited resulting in a loss of 133.7 ETH (~$501k). The root cause of the attack was a reentrancy vulnerability in the _burn() function of the Rebalancer contract.

Haven Protocol

Tue, 10 Dec 2024 00:00:00 +0000

The algorithmic stablecoin protocol Haven Protocol has issued a warning about a hack exploiting a vulnerability in “range proof validation.” This flaw allows attackers to mint illicit XHV undetected. According to repo…

LABUBU (LABUBU)

Tue, 10 Dec 2024 00:00:00 +0000

A suspicious attack involving LABUBU (LABUBU) occurred on the BSC chain, resulting in a loss of approximately $11,900.

Cardano Foundation

Sun, 08 Dec 2024 00:00:00 +0000

The Cardano Community posted on X, stating that the Cardano Foundation’s X account has been compromised. They are currently addressing the issue and advised users to temporarily ignore all posts from the account.

MAAT

Sat, 07 Dec 2024 00:00:00 +0000

The Omnichain meta-yield aggregator MAAT tweeted that a security breach in the MAAT alpha version, resulting in unauthorized withdrawals of $240,000 USDT.

Arata

Fri, 06 Dec 2024 00:00:00 +0000

Arata tweeted that the Arata ecosystem and CEX wallet have been exploited. The hacker managed to sell a significant portion of the tokens.

Vestra DAO

Wed, 04 Dec 2024 00:00:00 +0000

Vestra DAO tweeted that a hacker exploited a vulnerability in the locked staking contract, manipulating the reward mechanism to claim rewards exceeding their entitlement. As a result, a total of 73,720,000 VSTR tokens…

RunWay (BYC)

Tue, 03 Dec 2024 00:00:00 +0000

According to the SlowMist security team’s monitoring, RunWay (BYC) appears to have been attacked on BSC, resulting in a loss of approximately $100K.

Brett

Mon, 02 Dec 2024 00:00:00 +0000

According to community feedback, the official X account of the Meme token Brett on the Base chain has reportedly been compromised and used to post false information. Please stay vigilant against related risks.

DeBox

Mon, 02 Dec 2024 00:00:00 +0000

DeBox officially announced that due to the leakage of the private key of an operational account’s personal EOA wallet, 31.03 ETH and 4.879 million BOX tokens were stolen.

GAGAW (GAGAW)

Mon, 02 Dec 2024 00:00:00 +0000

The GAGAW (GAGAW) on BSC is suspected to have been attacked, resulting in a loss of approximately $70K.

Clipper DEX

Sun, 01 Dec 2024 00:00:00 +0000

According to Clipper’s post-mortem, on December 1, 2024, an attacker exploited a vulnerability in a smart contract used by Clipper, manipulating the single-asset deposit and withdrawal feature. This manipulation affec…

Spectral

Sun, 01 Dec 2024 00:00:00 +0000

Spectral tweeted that they received an alert about a vulnerability affecting certain tokens on the bonding curve contracts on Syntax, which was used to remove approximately $200K in liquidity.

XT Exchange

Thu, 28 Nov 2024 00:00:00 +0000

The cryptocurrency exchange XT has reportedly fallen victim to a hacking incident, resulting in the loss of approximately $1.7 million worth of crypto assets. The hacker has converted the funds into 461.58 ETH and dep…

DCF

Mon, 25 Nov 2024 00:00:00 +0000

On November 25, DCF on the BNB Chain was attacked, resulting in a loss of approximately $440,000. The root cause of the vulnerability was an error in the logic implemented by the project team in the transfer function…

Pump Science

Mon, 25 Nov 2024 00:00:00 +0000

The DeSci project Pump Science tweeted that the wallet T5j2UB…jjb8sc was exploited due to an oversight in their GitHub repository. The exploiter gained access to the keypair, which had been embedded in the source co…

Akashalife (AK1111)

Sun, 24 Nov 2024 00:00:00 +0000

The Akashalife (AK1111) on BSC was suspected to have been attacked, resulting in a loss of approximately $31.5K.

JRNY

Sat, 23 Nov 2024 00:00:00 +0000

On-chain investigator ZachXBT stated on his personal Telegram channel that the wallet associated with crypto KOL JRNY appears to have been compromised, with approximately $4 million worth of crypto assets transferred…

Matez (MATEZ)

Fri, 22 Nov 2024 00:00:00 +0000

The Matez (MATEZ) on BSC is suspected to have been attacked, resulting in a loss of at least $80K.

Sweepr Token (SWEEPR)

Fri, 22 Nov 2024 00:00:00 +0000

The Sweepr Token (SWEEPR) on ETH was suspected to have been attacked, resulting in a loss of approximately $14K.

BSCGem (BSCGem)

Wed, 20 Nov 2024 00:00:00 +0000

According to monitoring by the SlowMist Security Team, the BSCGem (BSCGem) on BSC is suspected to have been attacked, resulting in a loss of approximately $17.3K.

MFT (MFT)

Sun, 17 Nov 2024 00:00:00 +0000

The MFT (MFT) on BSC is suspected to have been attacked, resulting in a loss of approximately $33.7K.

Polter Finance

Sun, 17 Nov 2024 00:00:00 +0000

The lending project Polter Finance on Fantom lost ~$12 million due to an oracle price-related flash loan attack on its newly launched SpookySwap (BOO) market.

DEXX

Sat, 16 Nov 2024 00:00:00 +0000

On-chain trading terminal stored private keys insecurely server-side

Giggle Academy

Sat, 16 Nov 2024 00:00:00 +0000

Binance co-founder CZ confirmed on X that the official X account of his educational project, Giggle Academy, has been hacked.

dogwifcoin (WIF)

Fri, 15 Nov 2024 00:00:00 +0000

The X account of the meme project dogwifcoin (WIF) is suspected to have been hacked, posting multiple token contract messages. Users are advised to stay vigilant.

GMGN

Fri, 15 Nov 2024 00:00:00 +0000

GMGN stated in the community, “The GMGN website has suffered a malicious attack, suspected to involve multiple methods, including common crawler attacks and flood attacks. The development team is currently working on…

Thala Labs

Fri, 15 Nov 2024 00:00:00 +0000

Farm contract vulnerability exploited, funds recovered via negotiation

vETH

Thu, 14 Nov 2024 00:00:00 +0000

The vETH token suffered an attack, resulting in approximately $450K in losses.

DeltaPrime

Mon, 11 Nov 2024 00:00:00 +0000

The DeltaPrime DeFi protocol, was attacked on Avalanche and Arbitrum, with an initial estimated loss of $4.75 million.

BGM

Sun, 10 Nov 2024 00:00:00 +0000

The BGM token on BSC was attacked, resulting in losses exceeding $450K, with the attacker profiting through price manipulation.

CoinPoker

Fri, 08 Nov 2024 00:00:00 +0000

On November 8, a hacker breached the CoinPoker’s hot wallet, resulting in the unauthorized draining of approximately $2M USD. The attack spanned across multiple blockchain networks, including BNB Chain, Ethereum, and…

MetaWin

Mon, 04 Nov 2024 00:00:00 +0000

According to on-chain detective ZachXBT, the cryptocurrency gambling platform MetaWin was reportedly attacked, resulting in the theft of over $4 million on the Ethereum and Solana blockchains.

Wiz Khalifa

Mon, 04 Nov 2024 00:00:00 +0000

According to on-chain investigator ZachXBT, American rapper Wiz Khalifa’s X account was hacked, posting fake announcements about a WIZ token. The hacker responsible is reportedly the same person who compromised Andy A…

Lottie Player

Thu, 31 Oct 2024 00:00:00 +0000

According to monitoring by Scam Sniffer, Lottie Player suffered a supply chain attack, impacting projects such as 1inch and Movement.

M2 Exchange

Thu, 31 Oct 2024 00:00:00 +0000

UAE-based exchange lost funds on BTC, ETH, and Solana chains

SUNRAY FINANCE

Thu, 31 Oct 2024 00:00:00 +0000

SUNRAY FINANCE experienced a private key compromise, allowing the exploiter to gain control of the SUN and ARC tokens and sell them off, draining the funds from DEX pairs. So far, the attacker has stolen approximately…

Keystone

Wed, 30 Oct 2024 00:00:00 +0000

The official X account of the hardware wallet Keystone is suspected to have been hacked. Users are advised to remain vigilant and be cautious of potential risks.

Shoebill Finance

Wed, 30 Oct 2024 00:00:00 +0000

On Oct 31st, Collaterizable Leverage Lending Platform Shoebill Finance experienced a security incident affecting the BTC Market on the BOB chain. The incident stemmed from an unexpected interaction within the oracle c…

Andy Ayrey

Tue, 29 Oct 2024 00:00:00 +0000

Andy Ayrey, founder of the AI bot project Truth Terminal, announced the launch of a new token IB on X. It is suspected that his account may have been hacked.

Essence Finance

Sat, 26 Oct 2024 00:00:00 +0000

Scroll ecosystem stablecoin project Essence Finance is suspected of rugpulled, its stablecoin CHI has fallen by more than 92% to $0.077 in the past 24h, more than $20 million of collateral is suspected to have been re…

Aark Digital

Fri, 25 Oct 2024 00:00:00 +0000

During a routine GM token burn, Aark Digital encountered a callback error due to a third-party contract modification. To resolve this, Aark Digital initiated a contract upgrade and GM delisting to adjust affected user…

U.S. Government-Controlled Wallet

Fri, 25 Oct 2024 00:00:00 +0000

According to a MistTrack tweet, a suspicious outflow was detected from a wallet controlled by the U.S. government (0xc9E…34c): nearly $20 million was transferred to 0x3486ee700ccaf3e2f9c5ec9730a2e916a4740a9f, includ…

Unverified Contracts

Fri, 25 Oct 2024 00:00:00 +0000

Base chain detected a price manipulation attack targeting unverified lending contracts, where the attacker gained around $1 million in tokens through excessive borrowing.

Cryptobottle

Thu, 24 Oct 2024 00:00:00 +0000

In October 2024, Cryptobottle on Polygon suffered three separate attacks, with total losses amounting to approximately $527,000. The attack on October 24 was the largest of the three, where the attacker exploited a cr…

Ramses Exchange

Thu, 24 Oct 2024 00:00:00 +0000

The contract of Ramses Exchange on Arbitrum was attacked, resulting in a loss of approximately $93,000.

SHARPEI

Wed, 23 Oct 2024 00:00:00 +0000

A dog-themed memecoin project called SHARPEI abruptly cashed out $3.4 million, tanking the token price by more than 96% in seconds. The project had been promoted by crypto influencers, but hit a snag when a pitch deck…

MuratiAI

Mon, 21 Oct 2024 00:00:00 +0000

The X account of MuratiAI (@MuratiAI), an AI network and bot platform centered around anime, is suspected to have been hacked, with phishing links being posted. Until further notice, please refrain from clicking any l…

Transak

Mon, 21 Oct 2024 00:00:00 +0000

According to on-chain investigator ZachXBT, the crypto payment service provider Transak recently fell victim to a ransomware attack. Transak reported that the incident occurred when an attacker accessed an employee’s…

Ambient Finance

Sat, 19 Oct 2024 00:00:00 +0000

Scroll-based DEX protocol Ambient Finance announced on X platform that their domain has been hijacked. Until further notice, please do not interact with the Ambient Finance frontend.

Eigenlayer

Fri, 18 Oct 2024 00:00:00 +0000

The official X account of Eigenlayer, the Ethereum re-staking protocol, is suspected to have been hacked. The hacker has posted a fake phishing link; please do not interact with it.

IBXtrade

Fri, 18 Oct 2024 00:00:00 +0000

DeFi analyst Anon Vee posted on X that several users have reported that the Orderly Network ecosystem project IBXtrade is suspected of a rug pull. It is reported that IBXtrade launched a pre-sale three days ago with a…

Tapioca DAO

Fri, 18 Oct 2024 00:00:00 +0000

Tapioca DAO experienced a significant security breach, with attackers obtaining relevant private keys through social engineering attacks and stealing approximately $4.7 million in cryptocurrency. On October 25, Tapioc…

Kabosumama

Thu, 17 Oct 2024 00:00:00 +0000

According to AggrNews, the Instagram account of Kabosumama, the owner of the Shiba Inu Kabosu, the inspiration behind the popular DOG project “Doge” meme, has been hacked. Kabosumama previously posted on her blog, sta…

Lagrange

Thu, 17 Oct 2024 00:00:00 +0000

ZK startup Lagrange’s X account has been allegedly compromised, and a scam link related to the LGR token has been posted. Please stay vigilant and be cautious of potential risks.

Radiant Capital

Wed, 16 Oct 2024 00:00:00 +0000

Multisig signers compromised via malware-infected PDF, DPRK attributed

Zulu Network

Mon, 14 Oct 2024 00:00:00 +0000

The official X account of Bitcoin L2 Zulu Network appears to have been compromised. The hacker has posted a fake phishing link. Please avoid interacting with it.

KOR Protocol

Sat, 12 Oct 2024 00:00:00 +0000

The official X account of the decentralized intellectual property (IP) platform KOR Protocol appears to have been compromised. The hacker has posted a fake phishing link. Please avoid interacting with it.

Ordinals Wallet

Fri, 11 Oct 2024 00:00:00 +0000

According to monitoring by Scam Sniffer, the X account of Ordinals Wallet was hacked, and a phishing link was posted. Upon review, the related post has already been deleted.

SPX6900

Fri, 11 Oct 2024 00:00:00 +0000

According to meme coin KOL Murad (@MustStopMurad), the official X account of SPX6900 (SPX) has been hacked. Users are advised not to click any links.

HYDT

Thu, 10 Oct 2024 00:00:00 +0000

A suspicious attack involving HYDT tokens has occurred on BSC, resulting in a loss of approximately $58,000.

Spot On Chain

Sun, 06 Oct 2024 00:00:00 +0000

The X account of the crypto data tracking service Spot On Chain has reportedly been compromised. It was said to have posted a fake EIGEN airdrop phishing link this morning, while also disabling the comment section for…

EigenLayer Investor

Sat, 05 Oct 2024 00:00:00 +0000

EigenLayer disclosed on X that in an isolated incident this morning, an email thread involving one investor’s transfer of tokens into custody was compromised by a malicious attacker. As a result, 1,673,645 EIGEN token…

LEGO Group

Sat, 05 Oct 2024 00:00:00 +0000

According to a report by Cointelegraph, the homepage of toy manufacturer LEGO Group was hacked on October 5th local time, briefly displaying a “LEGO Coin” token scam. The fraudulent token was present on the LEGO Group…

Symbiotic

Sat, 05 Oct 2024 00:00:00 +0000

The official X account of the staking protocol Symbiotic has been suspected of being hacked. The hacker has already posted a fake phishing link. Please do not interact with it.

Fire (FIRE)

Tue, 01 Oct 2024 00:00:00 +0000

The Fire ($FIRE) token on Ethereum was exploited just 24 seconds after its launch, resulting in the theft of 9 ETH (approximately $24,000). The root cause was related to the token burn mechanism within the transfer()…

Bedrock

Fri, 27 Sep 2024 00:00:00 +0000

The multi-chain liquidity re-staking protocol Bedrock announced on social media that the team is aware of a security vulnerability involving uniBTC, with the total estimated loss from the theft around $2 million. Acco…

Onyx

Thu, 26 Sep 2024 00:00:00 +0000

Onyx protocol suffered a security breach, resulting in a loss of over $3.8 million. The attacker exploited a known precision issue in the Compound V2 code. Additionally, the NFTLiquidation contract failed to properly…

ReHold

Thu, 26 Sep 2024 00:00:00 +0000

ReHold CTO Michael Semin disclosed on the X platform that on July 15, 2024, ReHold’s CEO and co-founder, Renat Gafarov, withdrew over $700,000 from the company’s smart contract without his approval. ReHold has since m…

Truflation

Thu, 26 Sep 2024 00:00:00 +0000

According to on-chain sleuth ZachXBT, the project Truflation was hacked a few hours ago for $5M+ on multiple chains from the treasury multisig and personal wallets.

ether.fi

Tue, 24 Sep 2024 00:00:00 +0000

On September 24, ether.fi experienced a security incident involving its domain registrar, Gandi.net, resulting in the compromise of the ether[.]fi domain.

Bankroll Network

Sun, 22 Sep 2024 00:00:00 +0000

On September 22, Bankroll Network on BNB was attacked due to a contract vulnerability, resulting in a loss of approximately $230,000.

Immutable

Sat, 21 Sep 2024 00:00:00 +0000

The Immutable Discord server was compromised. According to an official tweet from Immutable, a community support contractor’s Discord was compromised, leading to a phishing link being posted.

Shezmu

Sat, 21 Sep 2024 00:00:00 +0000

A crypto yield platform called Shezmu suffered a loss of around $4.9 million in $ShezUSD after an attacker exploited a flaw that allowed anyone to mint collateral, which they could then use to borrow ShezUSD. These to…

BingX

Fri, 20 Sep 2024 00:00:00 +0000

Hot wallet drained across ETH, BSC, Polygon chains

Compound

Fri, 20 Sep 2024 00:00:00 +0000

Compound community’s Discord server has been hacked. Please do not click on any links until the situation is resolved.

Masa

Fri, 20 Sep 2024 00:00:00 +0000

According to on-chain investigator ZachXBT on the X platform, the decentralized AI data network Masa suffered a hack on September 20, incurring losses exceeding six figures in USD. However, Masa did not disclose this…

Banana Gun

Thu, 19 Sep 2024 00:00:00 +0000

Telegram trading bot contract vulnerability allowed token theft

Decentraland

Thu, 19 Sep 2024 00:00:00 +0000

The official X account of the metaverse project Decentraland has been hacked. The hacker has posted a fake phishing link. Please avoid interacting with it.

DIN

Thu, 19 Sep 2024 00:00:00 +0000

The official X account of AI Modular Data Preprocessing Layer DIN was hacked, and a large number of phishing posts and links were sent.

Ethena Labs

Thu, 19 Sep 2024 00:00:00 +0000

Ethena Labs posted on X platform that their Ethena domain registrar account was recently compromised. They have taken measures to disable the website until further notice. The protocol is not affected, and funds are s…

DeltaPrime

Mon, 16 Sep 2024 00:00:00 +0000

DeFi project DeltaPrime has officially confirmed on platform X that a security incident occurred. DeltaPrime Blue (Arbitrum) was attacked and drained for $5.98M. This was due to a compromised private key.

BaseBros Fi

Fri, 13 Sep 2024 00:00:00 +0000

The yield-optimizing DeFi protocol BaseBros Fi has vanished after executing a rug pull via an unaudited smart contract.

OTSea

Fri, 13 Sep 2024 00:00:00 +0000

Peer-to-peer trading platform OTSea’s staking contract on Ethereum was exploited by an EOA, resulting in the theft of approximately $26,000.

Omnipus

Wed, 11 Sep 2024 00:00:00 +0000

Omnipus contracts were drained of approximately $30,000 during the OPUS token presale. The attack exploited a vulnerability in which the contracts mistakenly believed the attackers had sent too much ETH and refunded t…

Caterpillar Coin

Tue, 10 Sep 2024 00:00:00 +0000

Caterpillar Coin suffered a flashloan attack resulting in a loss of ~$1.4M and causing a 99% slippage on the token. The attack exploited vulnerabilities in the “price protection mechanisms”, which led to the manipulat…

Indodax

Tue, 10 Sep 2024 00:00:00 +0000

Indonesian exchange hot wallets drained across multiple networks

Jules Urbach

Sun, 08 Sep 2024 00:00:00 +0000

The Render Network posted on X, stating that the X account of its founder and CEO, Jules Urbach, was hacked and used to post fake airdrop information. Please do not click any links from the account, and carefully veri…

Fuel

Fri, 06 Sep 2024 00:00:00 +0000

The Ethereum modular execution layer Fuel posted on X, stating that their official Discord had been attacked. Users are advised not to click on any suspicious links or provide any personal information.

Jaylen Brown

Thu, 05 Sep 2024 00:00:00 +0000

NBA star Jaylen Brown’s X account was hacked, and a large amount of fake token information was posted. Users are advised to be cautious and avoid interacting with fraudulent contracts.

NEAR Protocol

Thu, 05 Sep 2024 00:00:00 +0000

NEAR’s official account posted on X, stating that the official X account of NEAR Protocol had been hijacked. The hacker posted a series of messages attacking the Crypto ecosystem.

ChainLink

Tue, 03 Sep 2024 00:00:00 +0000

The official ChainLink Discord has been hacked. Please do not click on any links until the situation is resolved.

Penpie

Tue, 03 Sep 2024 00:00:00 +0000

Reentrancy in reward claiming via malicious Pendle market registration

Pythia

Tue, 03 Sep 2024 00:00:00 +0000

The decentralized algorithmic stablecoin protocol Pythia was attacked due to a vulnerability in its staking contract, resulting in a loss of 21 ETH (approximately $53,000).

Sei

Tue, 03 Sep 2024 00:00:00 +0000

Sei’s official Discord has been suspected of being hacked. The hacker has posted a fake phishing link. Please do not interact with it.

Usual

Sat, 31 Aug 2024 00:00:00 +0000

The stablecoin protocol Usual posted on X to alert users that its official Discord server has been hacked. Please do not click on any links.

Powerledger

Fri, 30 Aug 2024 00:00:00 +0000

Australian blockchain energy technology company Powerledger posted on X that its Telegram channel has been hacked. They advise users not to engage with or share any information as they are currently working to resolve…

Witness Chain

Fri, 30 Aug 2024 00:00:00 +0000

The official Witness Chain Discord has been hacked. Please do not click on any links until the situation is resolved.

io.net

Thu, 29 Aug 2024 00:00:00 +0000

Ahmad Shadid, former CEO of the decentralized GPU network io.net, posted on X that the official io.net Discord has been hacked. He has informed the IO team and advised not to click on any shared links.

Kylian Mbappe

Thu, 29 Aug 2024 00:00:00 +0000

French football star Kylian Mbappe’s X account was hacked, and a token called MBAPPE was posted. The tweet has since been deleted. The MBAPPE token’s market value skyrocketed to tens of millions of dollars within minu…

Orderly Network

Thu, 29 Aug 2024 00:00:00 +0000

According to an official tweet from Web3 liquidity provider Orderly Network, their Discord server has been compromised. The official team advises users not to click on any links until the situation is fully resolved t…

1inch

Wed, 28 Aug 2024 00:00:00 +0000

According to monitoring by the SlowMist security team, the official 1inch Discord appears to have been hacked, and phishing links have been posted. Please be cautious with your funds.

Aave

Wed, 28 Aug 2024 00:00:00 +0000

The DeFi lending platform Aave was attacked due to a contract vulnerability. The attack occurred in a smart contract outside of Aave’s core protocol, which is used to allow users to repay loans using existing collater…

Avalanche

Mon, 26 Aug 2024 00:00:00 +0000

According to an official tweet from Avalanche, their Discord server has been compromised. The official team advises users not to click on any links until the situation is fully resolved.

ZkSync

Mon, 26 Aug 2024 00:00:00 +0000

ZkSync’s official Discord has been compromised, and hackers have posted a malicious link promoting a fake “second round airdrop” plan, falsely promising users free ZK tokens.

Aquarius

Sat, 24 Aug 2024 00:00:00 +0000

The official X account of the crypto venture capital firm Aquarius was hacked. The attacker has already changed the username, associated email, and phone number. Additionally, the previous username has been taken over…

Artela

Sat, 24 Aug 2024 00:00:00 +0000

The parallel-execution EVM public chain Artela announced on the X platform that their official Discord was hacked today. The attacker took control of the Discord channel and spread fake airdrop messages. The team took…

Polygon

Sat, 24 Aug 2024 00:00:00 +0000

Mudit Gupta, the Chief Information Security Officer of Polygon, stated on the X platform that the Polygon Community Discord has been compromised. He advised users not to click on any links within the server as the tea…

HFLH

Fri, 23 Aug 2024 00:00:00 +0000

According to monitoring by the SlowMist security team, the staking and lending protocol HFLH on BNB Chain has been attacked. Users are advised to stay vigilant.

McDonald

Wed, 21 Aug 2024 00:00:00 +0000

On-chain sleuth ZachXBT revealed that McDonald’s Instagram account was allegedly hacked and used to promote the meme token GRIMACE.

Parcl

Tue, 20 Aug 2024 00:00:00 +0000

The website frontend of Solana ecosystem real estate trading protocol Parcl has been hacked, extracting tokens from users’ Solana wallets and displaying fake transaction results in Phantom. Parcl’s official X account…

Luigi D'Onorio DeMeo

Mon, 19 Aug 2024 00:00:00 +0000

The X account of AvaLabs COO Luigi D’Onorio DeMeo appears to have been compromised. Please do NOT interact with any addresses or links it has posted.

Sahara AI

Mon, 19 Aug 2024 00:00:00 +0000

The decentralized AI blockchain platform Sahara AI announced on the X platform that their official Discord has been compromised. Users are advised not to click on any links or respond to any messages until further not…

Vow

Tue, 13 Aug 2024 00:00:00 +0000

Vow suffers an attack due to a contract vulnerability, resulting in a loss of approximately $1.2 million.

iVest DAO

Mon, 12 Aug 2024 00:00:00 +0000

iVest DAO was attacked due to a smart contract vulnerability, resulting in a loss of approximately $172,000.

RARI Foundation

Fri, 09 Aug 2024 00:00:00 +0000

The official Discord server of RARI Foundation has been hacked. Please refrain from using the server until the team has regained control.

Nexera

Wed, 07 Aug 2024 00:00:00 +0000

An external attacker gained access to credentials for managing Nexera Fundrs platform’s smart contracts. Using these credentials, the attacker transferred NXRA tokens from Fundrs’ staking contracts on Ethereum. Out of…

OMPx

Tue, 06 Aug 2024 00:00:00 +0000

OMPx was attacked, resulting in a loss of approximately $107,000. The attacker obtained initial funds through Railgun, and the stolen funds have already been deposited into Railgun.

Ronin

Tue, 06 Aug 2024 00:00:00 +0000

The Ronin Bridge project experienced unusual cross-chain asset withdrawals, suggesting a potential attack. According to the SlowMist security team, the vulnerability was caused by the modification of weight to an unex…

SATOSHI (SATS)

Sat, 03 Aug 2024 00:00:00 +0000

According to monitoring by the SlowMist security team, SATOSHI (SATS) was attacked on Ethereum on August 3rd.

Starknet

Fri, 02 Aug 2024 00:00:00 +0000

According to an official tweet from Ethereum Layer 2 network Starknet, their Discord server has been compromised. The official team advises users not to click on any links until the situation is fully resolved.

Convergence Finance

Thu, 01 Aug 2024 00:00:00 +0000

Convergence Finance was attacked. 58M CVG have been minted and sold by the hacker for approximately $210,000 ( the whole portion of tokens dedicated to staking emissions); Approximately $2,000 of unclaimed rewards fro…

Terra

Wed, 31 Jul 2024 00:00:00 +0000

Terra blockchain experienced a security breach that led to the theft of tokens. The attackers exploited a known vulnerability related to the third-party module IBC hooks, stealing the value of cross-chain assets, incl…

Anzen Finance

Tue, 30 Jul 2024 00:00:00 +0000

Anzen Finance, the issuer of RWA stablecoins, announced on the X platform that on July 30, due to an error in the Blast vault contract, a white hat hacker exploited the vault to steal 500,000 USDz. The white hat retur…

Metis

Tue, 30 Jul 2024 00:00:00 +0000

The Ethereum Layer 2 network Metis issued a warning on Twitter stating that their Discord has been compromised. They advised users not to click on any “airdrop links” or any other links.

Casper Network

Fri, 26 Jul 2024 00:00:00 +0000

On July 26, 2024, Casper Network was attacked. Following the attack, Casper Network tweeted that they had worked with validators to pause the network in order to minimize the impact of the security vulnerability until…

SAT20 Labs

Fri, 26 Jul 2024 00:00:00 +0000

On July 26th, the official Twitter account of SAT20 Labs was hacked, and the attacker posted tweets containing links to install malware.

MonoSwap

Thu, 25 Jul 2024 00:00:00 +0000

Blast ecosystem DEX MonoSwap disclosed on Twitter that the platform has been hacked. Users are advised not to add liquidity or stake. If you have any staking positions, please withdraw them immediately to avoid financ…

Sorta Finance

Thu, 25 Jul 2024 00:00:00 +0000

According to on-chain detective ZachXBT, Sorta Finance is likely to conduct an exit scam on Arbitrum in the future, so do not use the protocol. This scammer has previously stolen over $25 million through scams such as…

TinTinLand

Thu, 25 Jul 2024 00:00:00 +0000

According to the SlowMist security team, the community TinTinLand’s pinned tweet on July 20 contained a phishing link. With the assistance of the SlowMist security team, TinTinLand promptly resolved the account theft…

DeltaPrime

Tue, 23 Jul 2024 00:00:00 +0000

On July 23, an attacker exploited a misconfiguration to gain access to $1 million from 13 different Prime accounts. This misconfiguration allowed the attacker to illegitimately transfer ownership of the Prime accounts…

dYdX

Tue, 23 Jul 2024 00:00:00 +0000

On July 23, the dydx.exchange domain was discovered to have been compromised. The attacker changed the DNS Nameservers from Cloudflare to DDoS-Guard. The attacker also successfully removed the DNSSEC settings on the d…

Fake Base Dawgz

Tue, 23 Jul 2024 00:00:00 +0000

The Fake Base Dawgz on Ethereum is suspected of a rug pull, resulting in a loss of over $113,000.

Spectra

Tue, 23 Jul 2024 00:00:00 +0000

DeFi protocol Spectra suffered an attack, resulting in a loss of approximately $550,000. Spectra has disabled the application and terminated the router contract to contain the situation, while the core protocol contra…

Kelp DAO

Mon, 22 Jul 2024 00:00:00 +0000

On July 22, 2024, Kelp’s DApp began displaying malicious wallet activity transactions aimed at draining funds. Kelp’s engineering team evaluated the situation and identified the root cause to be faulty nameservers rou…

Renzo

Mon, 22 Jul 2024 00:00:00 +0000

The liquidity restaking protocol Renzo tweeted that the Renzo Discord server has been compromised by malicious attackers. Please do not click on any links posted in the server.

ETHTrustFund

Sun, 21 Jul 2024 00:00:00 +0000

ETHTrustFund conducted a rugpull and stole approximately $2 million worth of cryptocurrencies on Base.

UPS

Sun, 21 Jul 2024 00:00:00 +0000

UPS on BNBChain was attacked again, losing about $521K. On April 8th, UPS was previously attacked on BNBChain, losing about $30K.

Arbitrum

Sat, 20 Jul 2024 00:00:00 +0000

The arbitrum.com website appears to have been hacked and is being redirected to the official website of the Meme project MOG. Please stay vigilant and ensure the safety of your assets.

Rho Markets

Fri, 19 Jul 2024 00:00:00 +0000

A misconfiguration in the Rho Markets lending protocol allowed an MEV bot operator to take $7.6 million from the project’s users across multiple chains. The MEV bot operator sent an on-chain message indicating their w…

WazirX

Thu, 18 Jul 2024 00:00:00 +0000

Safe multisig implementation swapped, Lazarus Group attributed

LI.FI

Tue, 16 Jul 2024 00:00:00 +0000

According to the monitoring by the SlowMist security team, the cross-chain bridge aggregation protocol LI.FI has experienced suspicious transactions, resulting in user losses of over $10 million. Please revoke approva…

MALOU (NEVER)

Tue, 16 Jul 2024 00:00:00 +0000

On BNB Chain, the MALOU (NEVER) token experienced over 99% slippage. The address 0xd7c358b8337d3116f5765060f48C1C71B9908B84 used a backdoor to sell NEVER tokens, obtaining 428 BNB (approximately $240,000), which were…

Minterest

Mon, 15 Jul 2024 00:00:00 +0000

According to Fuzzland co-founder Chaofan Shou, the cross-chain lending protocol Minterest was attacked. The attacker used a flash loan attack, resulting in a loss of approximately $1.4 million for the protocol.

Ethena

Sun, 14 Jul 2024 00:00:00 +0000

According to on-chain sleuth ZachXBT, the Ethena Discord server has been hacked. Do not click on any links for the time being.

Dough Finance

Fri, 12 Jul 2024 00:00:00 +0000

Dough Finance was attacked due to a contract vulnerability. Some unauthorized funds were extracted by hackers, resulting in a loss of approximately $2.1 million. Around 76 ETH (approximately $260,000) has been returne…

Unstoppable Domains

Fri, 12 Jul 2024 00:00:00 +0000

Web3 domain provider Unstoppable Domains stated on Twitter that Unstoppabledomains.com was attacked. Until further notice, please do not open any emails from @unstoppabledomains.com or use the website.

Compound

Thu, 11 Jul 2024 00:00:00 +0000

Compound DAO security advisor Michael Lewellen tweeted that the Compound Finance official website (http://compound.finance) has been compromised and is currently hosting a phishing site. Do not interact with the site…

OpSec

Thu, 11 Jul 2024 00:00:00 +0000

The OpSec staking contract was maliciously upgraded, allowing the attacker to withdraw and sell OPSEC tokens worth approximately 59 ETH (around $182,000).

Smart Bank Token (SBT)

Thu, 11 Jul 2024 00:00:00 +0000

The Smart Bank Token (SBT) contract on BNBChain was attacked, resulting in a loss of approximately $56,000.

Wasabi Wallet

Wed, 10 Jul 2024 00:00:00 +0000

According to a message posted by Wasabi Wallet on Twitter, users have reported that a coordinator named WasabiCoordinator is gradually stealing user funds through a complex attack. Wasabi Wallet advises all users conn…

Doja Cat

Mon, 08 Jul 2024 00:00:00 +0000

On July 8, rapper Doja Cat’s Twitter account was hacked to promote a memecoin. Doja Cat quickly posted on her Instagram account, stating that her Twitter account had been compromised.

Linking The World (LW)

Mon, 08 Jul 2024 00:00:00 +0000

According to monitoring by the SlowMist security team, Linking The World (LW) was attacked on BNBChain due to a contract vulnerability, losing approximately $80,000.

Interlay

Sun, 07 Jul 2024 00:00:00 +0000

Polkadot issued a warning on Twitter, alerting users that the official Twitter account of Interlay, a cross-chain interoperability project, was compromised and used to post a scam message. Users are advised to be caut…

Authy

Fri, 05 Jul 2024 00:00:00 +0000

23pds, the CISO at SlowMist, tweeted that the 2FA service Authy has been hacked, resulting in the theft of the phone numbers of 33 million users. If you are an Authy user, please be vigilant against phishing attacks….

Bittensor

Tue, 02 Jul 2024 00:00:00 +0000

On July 2, 2024, the decentralized AI project Bittensor was attacked, resulting in some Bittensor wallet users being compromised. The hackers stole approximately 32,000 TAO tokens, valued at around $8 million. On-chai…

MintRisesPrices

Tue, 02 Jul 2024 00:00:00 +0000

MintRisesPrices on BNBChain suffered a reentrancy attack, resulting in a loss of approximately $59,000.

Sydney Sweeney

Tue, 02 Jul 2024 00:00:00 +0000

According to Cointelegraph, the Twitter account of American actress Sydney Sweeney was hacked, with now-deleted posts promoting a crypto token bearing her name in an apparent pump-and-dump scheme.

TRUMP (MAGA)

Tue, 02 Jul 2024 00:00:00 +0000

The Fake TRUMP (MAGA) on BNBChain is suspected of a rug pull, and the current token price has dropped by 100%.

Evolve Bank & Trust

Mon, 01 Jul 2024 00:00:00 +0000

On July 1, according to Protos, the crypto-friendly bank Evolve Bank & Trust recently admitted that despite discovering “unauthorized activity”—specifically, the theft of 33 TB of user data—a month ago, they only publ…

Particle Network

Mon, 01 Jul 2024 00:00:00 +0000

According to screenshots shared by X user @bmgentile, the modular chain abstraction Layer 1 project Particle Network issued an official apology statement. They stated that their account email was recently hacked and u…

BorpaToken

Sun, 30 Jun 2024 00:00:00 +0000

The cross-chain DeFi protocol Entangle announced on X that the official X account of the meme token project BorpaToken, developed by their team, has been compromised. Do not click on any links. The BorpaToken team is…

Cyber

Thu, 27 Jun 2024 00:00:00 +0000

According to Cyber’s official Twitter, the Discord server @BuildOnCyber of the decentralized social L2 Cyber (formerly CyberConnect) was compromised. A phishing link was posted in the announcements channel and all per…

APEMAGA

Wed, 26 Jun 2024 00:00:00 +0000

APEMAGA on Ethereum suspected to have been attacked, resulting in a loss of approximately $32,000.

Metallica

Tue, 25 Jun 2024 00:00:00 +0000

According to Decrypt, the social media account of the renowned heavy metal band Metallica were recently hacked. The hackers used these accounts to promote scam cryptocurrency tokens. Several celebrities were also impl…

DeFiance

Sun, 23 Jun 2024 00:00:00 +0000

Arthur (@Arthur_0x), the founder of DeFiance Capital, posted on X to warn that the official X account of DeFiance Capital has been compromised. Please avoid clicking on any links shared by the account.

Ethereum Foundation

Sun, 23 Jun 2024 00:00:00 +0000

According to the latest official blog post by the Ethereum Foundation, their email account was hacked, and phishing emails were sent to 35,794 recipients. The email falsely claimed that the Foundation was partnering w…

Sportsbet

Sun, 23 Jun 2024 00:00:00 +0000

According to monitoring by on-chain detective ZachXBT, the online gambling platform Sportsbet was also suspected to be attacked by the same hacker as BtcTurk, resulting in a loss of over $3.5 million.

50 Cent

Sat, 22 Jun 2024 00:00:00 +0000

The rapper 50 Cent has claimed that his Twitter account and website were hacked to promote a memecoin called GUNIT.

BtcTurk

Sat, 22 Jun 2024 00:00:00 +0000

The Turkish cryptocurrency exchange BtcTurk has acknowledged that they suffered a hack. The exchange halted deposits and withdrawals while investigating, and said they are working with law enforcement. Furthermore, th…

CoinStats

Sat, 22 Jun 2024 00:00:00 +0000

Cryptocurrency portfolio management company CoinStats temporarily suspended user activities after 1,590 crypto wallets were affected by a security incident. CoinStats stated, “The attack has been mitigated, and we hav…

Fake CGPT

Fri, 21 Jun 2024 00:00:00 +0000

The Fake CGPT on BNBChain is suspected of a rug pull, and the current token price has dropped by 100%.

Dyson

Mon, 17 Jun 2024 00:00:00 +0000

According to monitoring by the SlowMist security team, Dyson on BNBChain was attacked, resulting in a loss of approximately $31,000.

WIFCOIN_ETH

Mon, 17 Jun 2024 00:00:00 +0000

The meme coin WIFCOIN_ETH was suspected to be attacked, with a loss of ~$16K.

AutoChain Global

Fri, 14 Jun 2024 00:00:00 +0000

AutoChain Global’s contract on BNBChain was suspected to be attacked, with a loss of approximately $113,000.

Holograph

Fri, 14 Jun 2024 00:00:00 +0000

The Omnichain NFT protocol Holograph protocol was exploited, resulting in a loss of approximately $14.4 million. According to the team, a former contractor exploited an infinite mint vulnerability in their smart contr…

nftperp

Fri, 14 Jun 2024 00:00:00 +0000

On June 14, NFT perpetual contract trading platform nftperp announced on Twitter that a critical bug had been found in the clearingHouse contract. All vulnerable contracts have been suspended until further notice. On…

UwU Lend

Thu, 13 Jun 2024 00:00:00 +0000

After the attack on June 10, UwU Lend was exploited again by the same attacker, resulting in a loss of $3.72 million. The attacker held a significant amount of USDE tokens obtained from the first attack, which allowed…

JokInTheBoxETH

Mon, 10 Jun 2024 00:00:00 +0000

MEV Bot JokInTheBoxETH was attacked, lost ~$34K. The root cause of the exploit was poorly implemented unstake function fo the staking contract. Since the unstake function does not check the state of the variable “unst…

UwU Lend

Mon, 10 Jun 2024 00:00:00 +0000

On June 10, 2024, according to the security monitoring system MistEye by SlowMist, the digital asset lending platform UwU Lend on the EVM chain was attacked, resulting in a loss of approximately $19.3 million. The att…

YOLO Games

Mon, 10 Jun 2024 00:00:00 +0000

$1.5 million was stolen from the liquidity pool on the Blast network’s gaming platform YOLO Games. The root cause was the lack of permission checks in the “exitPool” function, allowing anyone to impersonate liquidity…

Loopring

Sun, 09 Jun 2024 00:00:00 +0000

Ethereum Layer 2 protocol Loopring posted on Twitter that the some Loopring Smart Wallets were targeted in a security breach. The attack exploited wallets with only one Guardian, specifically the Loopring Official Gua…

Lykke

Sun, 09 Jun 2024 00:00:00 +0000

Lykke, the zero-fee crypto exchange, was suspected to be exploited, which resulted in a loss of assets worth over $22.4 million. The root cause of the exploit is unknown at the moment, and the team has yet to acknowle…

Gemholic

Sat, 08 Jun 2024 00:00:00 +0000

Gemholic, a crypto project, is accused of a rug pull after moving $3.5M in recently recovered funds and vanishing from social media.

SteamSwap (STM)

Fri, 07 Jun 2024 00:00:00 +0000

According to monitoring by the SlowMist security team, SteamSwap(STM) on BNBChain was attacked, resulting in a loss of approximately $105K.

TLN Protocol

Fri, 07 Jun 2024 00:00:00 +0000

According to monitoring by the SlowMist security team, the TLN Protocol on BNBChain has been attacked again. On May 31, TLN Protocol suffered a loss of approximately $280,000 due to a contract vulnerability exploited…

CoinGecko

Wed, 05 Jun 2024 00:00:00 +0000

CoinGecko reported that its third-party email platform GetResponse experienced a data breach on June 5. The compromised data includes users’ names (if provided during registration), email addresses, IP addresses, and…

Renzo

Wed, 05 Jun 2024 00:00:00 +0000

Renzo’s co-founder, Lucas Kozinski, posted a warning on Twitter stating that the @RenzoProtocol Twitter account has been compromised. He advised not to click any links and mentioned that the team is working with Twitt…

NCD

Tue, 04 Jun 2024 00:00:00 +0000

According to monitoring by the SlowMist security team, NCD on BNBChain was attacked, resulting in a loss of approximately $20,000.

Velocore

Sun, 02 Jun 2024 00:00:00 +0000

DEX Velocore experienced a security breach on June 2nd, 2024, resulting in financial losses approximating $6.8 million in ETH. The primary cause of the incident was faulty logic within the velocore__execute() function…

DMM Bitcoin

Fri, 31 May 2024 00:00:00 +0000

Hot wallet private key compromised, DPRK attributed

MixedSwapRouter

Fri, 31 May 2024 00:00:00 +0000

According to monitoring by the SlowMist security team, the MixedSwapRouter on Arbitrum was attacked, resulting in a loss of approximately 293,000 WINR, valued at around $16,000.

TLN Protocol

Fri, 31 May 2024 00:00:00 +0000

According to monitoring by the SlowMist security team, the TLN Protocol on BNBChain was attacked, resulting in a loss of approximately $280,000.

EXcommunity

Wed, 29 May 2024 00:00:00 +0000

According to monitoring by the SlowMist security team, EXcommunity on BNBChain is suspected of being attacked, resulting in a loss of approximately $37,000.

MetaDragon

Wed, 29 May 2024 00:00:00 +0000

According to the SlowMist security team, potential suspicious activity has been detected in the GameFi protocol MetaDragon, and users are advised to remain vigilant. MetaDragon stated that users need to convert their…

Orion Protocol

Tue, 28 May 2024 00:00:00 +0000

According to the SlowMist security team, the liquidity aggregator protocol Orion’s contract was attacked, resulting in a loss of approximately $616,000.

Nicola Sebastiani

Mon, 27 May 2024 00:00:00 +0000

Sebastiani, co-founder of The Sandbox, posted on X platform that one of The Sandbox team members was hacked and his Twitter account used to send SCAM tweets and DMs, disguised as if these were official.

RedKeysGame

Mon, 27 May 2024 00:00:00 +0000

According to the SlowMist security team, RedKeysGame on BNBChain was attacked, resulting in a loss of approximately $10,000.

Normie

Sun, 26 May 2024 00:00:00 +0000

According to community feedback, the Base ecosystem’s meme coin NORMIE has been attacked. The attacker exploited a design flaw in the NORMIE token’s cross-chain bridge, manipulating the price on the Base Chain using f…

Rho Markets

Wed, 22 May 2024 00:00:00 +0000

The official Twitter account of Scroll’s liquidity layer, Rho Markets, was hacked and posted suspicious links.

TonUP

Wed, 22 May 2024 00:00:00 +0000

The TON ecosystem Launchpad platform TonUP announced on social media that its recently launched staking contract was attacked, resulting in a loss of 307,264 UP tokens. Upon investigation, it was found that the incide…

YON

Wed, 22 May 2024 00:00:00 +0000

YON on BNBChain was exploited and lost 190 BNB (～$118K) as a result. The vulnerability in the transferFrom function of the target contract (YON) allowed the attacking contract to directly transfer YON to the LP contract.

Gala Games

Mon, 20 May 2024 00:00:00 +0000

On May 20, 2024, the Web3 gaming platform Gala Games was attacked, resulting in a loss of approximately $21.8 million. The attacker minted 5 billion GALA tokens, worth over $200 million, and quickly sold 592 million G…

TCH

Fri, 17 May 2024 00:00:00 +0000

According to the SlowMist security team’s monitoring, the TCH token on the BNBChain has been continuously attacked due to a malleability issue, resulting in a loss of approximately $19,000.

Fake Notcoin

Thu, 16 May 2024 00:00:00 +0000

Fake Notcoin on ETH is suspected of a rug pull, and the current token price has dropped by 100%.

pump.fun

Thu, 16 May 2024 00:00:00 +0000

pump.fun is a Solana-based memecoin generator. On May 16th, the project suffered a $1.9 million exploit by an attacker who then began airdropping the money to somewhat random wallets. pump.fun stated on Twitter that t…

ALEX Lab

Wed, 15 May 2024 00:00:00 +0000

Bitcoin DeFi application ALEX Lab was drained of over $4.3 million in various tokens after a suspected private key compromise attacked its bridging service. Hackers transferred over $300,000 USD worth of BTC, $3.3 mil…

BlockTower Capital

Wed, 15 May 2024 00:00:00 +0000

BlockTower Capital’s main hedge fund has been compromised and partially drained by fraudsters. The company has $1.7 billion in assets under management. Despite hiring blockchain forensic analysts to investigate the sp…

Equalizer Exchange

Tue, 14 May 2024 00:00:00 +0000

On May 14th, the decentralized trading protocol Equalizer Exchange within the Fantom ecosystem was suspected to have been attacked. The official team tweeted that they are investigating the incident and advised users…

PI (PI)

Tue, 14 May 2024 00:00:00 +0000

The PI (PI) on Polygon is suspected of a rug pull, and the current token price has dropped by 100%, causing losses exceeding $490,000.

Predy Finance

Tue, 14 May 2024 00:00:00 +0000

The decentralized exchange Predy Finance on the Arbitrum chain was attacked, resulting in the loss of $464k worth of crypto assets from its lending pool.

Sonne Finance

Tue, 14 May 2024 00:00:00 +0000

Based on Compound’s Optimism native lending protocol, Sonne Finance has fallen victim to a lightning loan attack by hackers, resulting in losses exceeding $20 million USD.

Patton

Mon, 13 May 2024 00:00:00 +0000

Patton on the ETH appears to have exit scammed, resulting in a 100% price drop and causing losses exceeding $260,000.

Galaxy Fox

Fri, 10 May 2024 00:00:00 +0000

According to the monitoring of the SlowMist Security Alert system, the Web3 game project Galaxy Fox has been attacked, resulting in a loss of approximately $300,000.

Tsuru

Fri, 10 May 2024 00:00:00 +0000

According to the SlowMist Security Alert system, potential suspicious activities related to Tsuru have resulted in a loss of 138.78 ETH.

Bloom

Thu, 09 May 2024 00:00:00 +0000

The Blast ecosystem project Bloom was attacked, resulting in a loss of approximately $540,000. On May 10th, Bloom announced that they had successfully recovered most of the stolen funds. The Bloom team stated that aft…

Fake Lifeform (LFT)

Thu, 09 May 2024 00:00:00 +0000

Fake Lifeform (LFT) on Ethereum is suspected of an exit scam. The deployer called removeLimits() backdoor to mint additional tokens and dump them on the dex pair to drain 81 ETH (~$243K).

NEAR Protocol

Thu, 09 May 2024 00:00:00 +0000

The official Twitter account of the public chain project NEAR Protocol appears to have been compromised. Currently, its profile picture on Twitter has been changed to a solid black image, and its bio has been updated…

GPU

Wed, 08 May 2024 00:00:00 +0000

GPU on BNBChain was attacked, with a loss of about $32,000. There is a logic vulnerability in the _transfer function of the contract. When transferring money to yourself, the balance will increase by the amount of the…

GNUS

Mon, 06 May 2024 00:00:00 +0000

Fantom ecosystem project GNUS fell victim to an attack, resulting in a loss of approximately $1.27 million. GNUS.ai posted on Twitter: “Due to a recent exploit, a hacker was able to mint fake GNUS tokens on Fantom, tr…

OSN

Mon, 06 May 2024 00:00:00 +0000

OSN on BNBChain is suspected to have been attacked. The attacker initiated multiple attack transactions, resulting in a loss of ~$110K. The attacker took advantage of the OSNLpDividendTracker contract which sells its…

Perpy Finance

Mon, 06 May 2024 00:00:00 +0000

The Social Fi project Perpy Finance was attacked. A hacker was able to update the contract and illicitly withdrew 58,489,594 PRY tokens. These were then transferred and exchanged for 41.895 ETH. According to Perpy Fin…

Saturn

Mon, 06 May 2024 00:00:00 +0000

Saturn, the new token issuance protocol, was exploited on the BNB chain, which resulted in a loss of 14.16 BNB, worth approximately $8,343. The protocol would reportedly burn and sync the asset amount before any prior…

NOVAMIND_ (NMD)

Thu, 02 May 2024 00:00:00 +0000

NOVAMIND_ (NMD) on ETH is suspected of a rug pull. ~~41 ETH (~~$123k) was transferred to a multisig and the token price has dropped ~97%.

Dune

Tue, 30 Apr 2024 00:00:00 +0000

The blockchain data analysis platform Dune tweeted that its account was compromised earlier today and a fake post about a Dune Airdrop was live for about 15 minutes. The Dune team now has control over the account again.

Pike Finance

Tue, 30 Apr 2024 00:00:00 +0000

On April 30th, the cross-chain lending protocol Pike Finance tweeted that its Pike Beta protocol had been attacked, resulting in losses of 99,970.48 ARB, 64,126 OP, and 479.39 ETH. The exploit was caused by weak secur…

Yield Protocol

Tue, 30 Apr 2024 00:00:00 +0000

A hacker stole approximately $181,000 worth of crypto assets from Yield’s strategic contracts present on the Arbitrum blockchain. The hacker exploited a discrepancy between the pool token balance and total supply with…

Rain

Mon, 29 Apr 2024 00:00:00 +0000

Crypto detective ZachXBT stated on his Telegram channel that the Middle Eastern cryptocurrency exchange Rain appears to have been hacked, resulting in a loss of $14.8 million USD. The breach occurred on April 29, 2024…

Ember Sword NFT

Sun, 28 Apr 2024 00:00:00 +0000

A vulnerability has been detected in the unverified Ember Sword NFT auction that allowed the extraction of 60 WETH, equivalent to approximately $195,000, from 159 victims who approved the contract.

xBank Finance

Sat, 27 Apr 2024 00:00:00 +0000

According to feedback from multiple community members, the zkSync ecosystem lending platform @xBankFinance is suspected of a rug pull. Currently, the official account displays that it has been frozen, and the platform…

Fake IO

Fri, 26 Apr 2024 00:00:00 +0000

Fake IO on ETH is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

Pike Finance

Fri, 26 Apr 2024 00:00:00 +0000

The cross-chain lending protocol Pike Finance tweeted that the USDC pool on Pike Beta has been exploited by a hacker. The total amount of USDC exploited is 299,127. The root cause is led by forged CCTP message to drai…

FENGSHOU (NGFS)

Thu, 25 Apr 2024 00:00:00 +0000

Shortly after the deployment of the FENGSHOU (NGFS) token, it was attacked, resulting in a loss of approximately $191,000. The vulnerability lies in a public delegateCallReserves function which allows the attacker t…

io.net

Thu, 25 Apr 2024 00:00:00 +0000

io.net founder and CEO Ahmad Shadid announced on social media that io.net’s metadata APIs recently experienced a security incident. A malicious party exploited accessible mappings of User IDs to Device IDs, leading to…

YIEDL

Thu, 25 Apr 2024 00:00:00 +0000

According to intelligence from the SlowMist Security Team, the YIEDL project on the BSC chain was attacked, with the attacker stealing approximately $300,000. In this incident, the reason lies in the contract’s failur…

Merlin

Wed, 24 Apr 2024 00:00:00 +0000

According to community feedback, the official Discord server of Merlin Chain appears to have been targeted in a hacker attack, where a management account posted a notification containing a phishing link.

X Bridge

Wed, 24 Apr 2024 00:00:00 +0000

The cross-chain bridge X Bridge has experienced multiple suspicious transactions, which are still ongoing. A suspicious address was recently funded by Tornado Cash on BNBChain, then bridged to ETH, and subsequently de…

XBridge

Wed, 24 Apr 2024 00:00:00 +0000

The cross-chain bridge project XBridge was exploited due to a smart contract vulnerability on the Ethereum Mainnet and the BNB chain, resulting in a loss of approximately $1.44 million.

Fake Safe Token (SAFE)

Tue, 23 Apr 2024 00:00:00 +0000

The Fake Safe Token (SAFE) on BNBChain is suspected of a rug pull, and the current token price has dropped by 100%.

Magpie Protocol

Tue, 23 Apr 2024 00:00:00 +0000

The decentralized liquidity aggregation protocol Magpie Protocol was attacked due to a contract vulnerability, resulting in $129,000 being stolen from 221 wallets. The root cause is due to unchecked call data. The att…

Velvet Capital

Tue, 23 Apr 2024 00:00:00 +0000

Users reported abnormal activity on the trading platform of the DeFi asset management protocol Velvet Capital on April 23rd. When attempting to connect to the frontend, users were prompted to approve their wallet’s ac…

Fake Cruiz (CRUIZ)

Mon, 22 Apr 2024 00:00:00 +0000

The Fake Cruiz (CRUIZ) on BNBChain is suspected of a rug pull, and the current token price has dropped by 100%.

Z123

Mon, 22 Apr 2024 00:00:00 +0000

Z123 on BSC was attacked by a hacker due to a contract vulnerability, resulting in a loss of approximately $136k. The .update() function of Z123 was repeatedly called which burned extra tokens and inflated the price.

ZKasino

Sat, 20 Apr 2024 00:00:00 +0000

The decentralized betting platform ZKasino is suspected to have exited. Recently, users on Twitter reported that ZKasino removed the message “Ethereum will be returned and can be bridged back” from the Bridge Funds in…

Hedgey

Fri, 19 Apr 2024 00:00:00 +0000

Hedgey Finance suffered two exploits, one on the Ethereum and another on the Arbitrum network. The ETH attack resulted in a loss of $1.9 million, while the Arbitrum exploit led to a theft of $42.8 million in ARB tokens.

Meson Finance

Fri, 19 Apr 2024 00:00:00 +0000

The Twitter account of the cross-chain bridge Meson Finance posted a tweet containing a phishing link. Meson Finance tweeted that the relevant content has been deleted and confirmed that the issue originated from a th…

PRCL

Wed, 17 Apr 2024 00:00:00 +0000

Fake PRCL on the BNB Chain appears to have exit scammed, resulting in a 100% price drop and causing losses exceeding $100,000.

Mars

Tue, 16 Apr 2024 00:00:00 +0000

Token issuance protocol Mars was attacked and lost about 1M MARS 和 137 个 WBNB.

Fake JILLBODEN

Mon, 15 Apr 2024 00:00:00 +0000

Fake JILLBODEN on BNBChain is suspected of a rug pull, and the current token price has dropped by 100%.

Fake VDZ

Mon, 15 Apr 2024 00:00:00 +0000

Fake VDZ on BNBChain is suspected of a rug pull, and the current token price has dropped by 100%.

Grand Base

Mon, 15 Apr 2024 00:00:00 +0000

Grand Base, a real world assets platform built on the Base layer-2 blockchain, the team behind the project claimed that the deployer wallet had been compromised, allowing an attacker to drain the project’s liquidity p…

GFA token

Sun, 14 Apr 2024 00:00:00 +0000

The GFA token was exploited on the BNB chain, which resulted in a loss of assets worth approximately $15,000. The root cause of the exploit is a lack of access control. The vulnerable contracts had functions for calcu…

Leaper Finance

Sun, 14 Apr 2024 00:00:00 +0000

According to on-chain analyst ZachXBT’s monitoring, the group of scammers who stole 8 figs with Magnate, Kokomo, Lendora, Solfire, etc is back with a new project on Blast @Leaperfinance. Last week they funded an addre…

Fake Masa

Fri, 12 Apr 2024 00:00:00 +0000

Fake Masa on ETH is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

Sumer Money

Fri, 12 Apr 2024 00:00:00 +0000

Sumer Money was exploited on the Base chain due to a smart contract vulnerability, which resulted in a loss of assets worth approximately $310,000. The root cause of the exploit is a lack of reentrancy protection, whi…

Zest Protocol

Fri, 12 Apr 2024 00:00:00 +0000

The Bitcoin-native lending protocol, Zest Protocol twitted that it experienced an attack. The attacker lent out an amount exceeding the value of their collateral by artificially inflating its value. The attack has bee…

Empower AI

Thu, 11 Apr 2024 00:00:00 +0000

The price of Empower AI (EMPAI) on Ethereum has dropped by 100%. A whale 0xE4808…f3bA has dumped 1,000,000,000,000 EMPAI for about 66.44 WETH (valued at around $23,750).

Fake Monad

Thu, 11 Apr 2024 00:00:00 +0000

Fake Monad on ETH is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

Fake Oasis AI

Wed, 10 Apr 2024 00:00:00 +0000

Fake Oasis AI on ETH is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

Fake Truflation

Wed, 10 Apr 2024 00:00:00 +0000

Fake Truflation on ETH is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

Jupiter

Wed, 10 Apr 2024 00:00:00 +0000

Jupiter, a trading aggregator in the Solana ecosystem, tweeted that they noticed a large number of spam bots hitting our RPCs and limited them. Users are advised to try their operations again. The team is working supe…

xBlast

Tue, 09 Apr 2024 00:00:00 +0000

The full-chain Web3 ecosystem xBlast, built inside Telegram, disclosed on Twitter that it had been hacked. The attacker transferred XBL tokens from its project’s main wallet address and sold them for approximately 22…

Squid Game (SQUID)

Mon, 08 Apr 2024 00:00:00 +0000

Squid Game (SQUID) is a meme token on the BNB chain. On April 8, 2024, the SQUID Game was exploited on the BNB chain due to a smart contract vulnerability, which resulted in a loss of assets worth approximately $87,00…

UPS

Mon, 08 Apr 2024 00:00:00 +0000

UPS on BNBChain was attacked and lost ~$30K.

Wall Street Memes

Sun, 07 Apr 2024 00:00:00 +0000

Wall Street Memes (WSM)’s pre-sale contract was attacked, resulting in a loss of ～2.5M WSM, worth of ~$18,000.

CondomSOL

Thu, 04 Apr 2024 00:00:00 +0000

CondomSOL on Solana has exited, and its Twitter account is no longer accessible. The wallet associated with CondomSOL raised 4,965 SOL, equivalent to approximately $922,000.

Robinson Burkey

Thu, 04 Apr 2024 00:00:00 +0000

The Twitter account of Wormhole co-founder Robinson Burkey was hacked, and a suspicious link was posted.

Avolend Finance

Wed, 03 Apr 2024 00:00:00 +0000

In the Blast ecosystem, the project Avolend Finance is suspected to be a rug pull. Currently, its official website and Twitter account cannot be accessed.

OpenLeverage

Mon, 01 Apr 2024 00:00:00 +0000

The DeFi protocol OpenLeverage has been attacked, resulting in a loss of approximately $260,000. In light of this, OpenLeverage has decided to discontinue the OpenLeverage trading and lending protocol. OpenLeverage is…

FixedFloat

Sun, 31 Mar 2024 00:00:00 +0000

FixedFloat, a decentralized exchange, tweeted that they have encountered another attack, with hackers exploiting vulnerabilities in their third-party services. The company assured that both company and user funds rema…

Pendle Finance

Sat, 30 Mar 2024 00:00:00 +0000

The founder of yield-trading protocol Pendle Finance tweeted that the team has confirmed being unable to access the official Pendle Twitter account and is currently investigating to resolve the issue. During this peri…

Solareum

Sat, 30 Mar 2024 00:00:00 +0000

The Solana ecosystem is grappling with a spate of drained wallets. A cause has yet to be definitively determined, but some of the thefts were linked to the use of trading bots like Solareum. According to security rese…

Lava

Fri, 29 Mar 2024 00:00:00 +0000

Lava suffered a flash loan attack, resulting in approximately $340,000 in losses. All lending markets are reportedly paused as the investigation is ongoing.

Prisma Finance

Thu, 28 Mar 2024 00:00:00 +0000

Migration contract logic flaw allowed unauthorized withdrawals

Decrypt

Wed, 27 Mar 2024 00:00:00 +0000

The email newsletter account of Web3 media company Decrypt has been compromised, and a phishing scam email has been sent to all of our subscribers. Please do not click on any links. Currently, the attacker has profite…

Munchables

Wed, 27 Mar 2024 00:00:00 +0000

The Blast ecosystem project Munchables was attacked, resulting in a loss of approximately $62.5 million. On the same day, Blast founder Pacman tweeted: “$97m has been secured in a multisig by Blast core contributors….

ZongZiFa

Mon, 25 Mar 2024 00:00:00 +0000

The project ZongZiFa on BSC was exploited through a flash loan, resulting in a loss of approximately $229,000. The attacker manipulated the price of ZongZi to gain invitation rewards.

Curio Ecosystem

Sun, 24 Mar 2024 00:00:00 +0000

The RWA infrastructure of the Curio Ecosystem suffered an attack, involving smart contracts based on MakerDAO within its ecosystem. The attacker exploited a permission access logic vulnerability.

Lucky Star Currency

Fri, 22 Mar 2024 00:00:00 +0000

The astrology-based project Lucky Star Currency rug-pulled in October 2023, resulting in a loss of $1.1 million. On March 22, 2024, ownership of the project was transferred to a malicious smart contract, which then dr…

Super Sushi Samurai

Fri, 22 Mar 2024 00:00:00 +0000

The new blockchain game Super Sushi Samurai, based on the Blast layer-2, was attacked due to a vulnerability in its token contract, resulting in a loss of approximately $4.6 million. Shortly after the theft, the attac…

AirDAO

Thu, 21 Mar 2024 00:00:00 +0000

The hackers gained access to AirDAO LP through a social engineering scam and drained the liquidity pool of AMB/ETH. The scam involved an email with a malicious attachment, impersonating one of their known partners. In…

TICKER

Thu, 21 Mar 2024 00:00:00 +0000

TICKER project developer steals $900,000. A developer brought on to run a presale for the TICKER token stole $900,000 from the project. 15% of the token supply was sent to the developer to distribute via an airdrop, b…

Dolomite

Wed, 20 Mar 2024 00:00:00 +0000

On March 20th, Dolomite, a decentralized trading protocol in the Arbitrum ecosystem, was attacked due to a vulnerability in its old contracts on the Ethereum mainnet. Approximately 187 victims suffered asset losses to…

LayerSwap

Wed, 20 Mar 2024 00:00:00 +0000

The @GoDaddy account for the L2 cross-chain bridge LayerSwap’s domain http://layerswap[.]io was compromised. The compromise of the domain led to a phishing site being displayed, resulting in approximately 50 users los…

ParaSwap

Wed, 20 Mar 2024 00:00:00 +0000

Decentralized exchange (DEX) aggregator ParaSwap announced the discovery of a critical vulnerability affecting its approved aggregation smart contract Augustus V6. This vulnerability impacts users who have authorized…

Trezor

Wed, 20 Mar 2024 00:00:00 +0000

On the X platform, on-chain investigator ZachXBT reported that the X account of hardware wallet provider Trezor was hacked.

TON

Tue, 19 Mar 2024 00:00:00 +0000

According to on-chain investigator ZachXBT, the X account of TON Blockchain has been compromised.

Fake Ansem

Sun, 17 Mar 2024 00:00:00 +0000

According to blockchain investigator ZachXBT, an account impersonating Solana ecosystem KOL Ansem (@blknoiz06) capitalized on the recent meme coin craze to profit over $2.6 million through phishing.

Remilia

Sun, 17 Mar 2024 00:00:00 +0000

The treasury of Remilia, the parent company of Milady, has been drained, with assets from multiple official Remilia wallets being transferred and sold. The hot wallet and multi-signature treasury of Remilia’s parent c…

Wilder World

Sat, 16 Mar 2024 00:00:00 +0000

The deployer wallet of the NFT marketplace Wilder World was attacked, and ownership was transferred to the attacker. Following a malicious upgrade, the attacker withdrew WILD and MEOW tokens and converted them into ap…

MOBOX

Fri, 15 Mar 2024 00:00:00 +0000

The DeFi protocol MOBOX was attacked due to a vulnerability in the borrow function, resulting in a loss of approximately $750,000.

Mozaic

Fri, 15 Mar 2024 00:00:00 +0000

The DeFi project Mozaic was exploited, who stole approximately $2 million from the project. According to Mozaic, this individual was a Mozaic developer who had illegally obtained the private keys of a security module…

NFPrompt

Fri, 15 Mar 2024 00:00:00 +0000

The AI-driven UGC platform NFPrompt, aimed at the next generation of content creators, disclosed on Twitter that they have experienced a security breach. Hackers infiltrated several wallets, including the wallet of th…

Introspection Token

Thu, 14 Mar 2024 00:00:00 +0000

On March 14, 2024, according to intelligence from the SlowMist security team, the IT token on the BSC was attacked, with the attacker profiting approximately $15,200. The attacker exploited the transfer function in th…

Cloud AI

Wed, 13 Mar 2024 00:00:00 +0000

The AI service provider Cloud AI reported that both their deployer and treasury account have been compromised by hackers. The attackers acquired 58,900 CloudAI tokens and some ETH. All CloudAI tokens have been exchang…

beoble

Tue, 12 Mar 2024 00:00:00 +0000

The Twitter account of Web3 chat solution beoble has been compromised, with phishing links being posted. Please refrain from clicking on any links until further notice is provided by the official team.

Polyhedra

Tue, 12 Mar 2024 00:00:00 +0000

Polyhedra was exploited due to the compromise of the private keys, which resulted in a loss of 1,400,323 THENA tokens worth approximately $760,000. The contract was maliciously upgraded following the leakage of the pr…

BLASTOFF

Mon, 11 Mar 2024 00:00:00 +0000

The Blast ecosystem’s LaunchPad and yield aggregator BLASTOFF announced that its Future Yield Minter Vault has been hacked, resulting in the theft of approximately 150 ETH (approximately $600,000). The official team h…

Unizen

Sat, 09 Mar 2024 00:00:00 +0000

The Unizen defi platform lost around $2.1 million in the Tether stablecoin in an attack that took advantage of a vulnerability an external call from the project smart contract. On March 12th, Unizen’s CTO Martin Grans…

FLOKIAI (FLOKIAI)

Fri, 08 Mar 2024 00:00:00 +0000

FLOKIAI (FLOKIAI) on the BNB Chain appears to have exit scammed. The address starting with 0xFe54 has exchanged 268,561,795,727,990.23 FLOKIAI tokens for approximately 316.4 BNB, valued at around $148,000.

HumanizedAi (HMZ)

Fri, 08 Mar 2024 00:00:00 +0000

HumanizedAi (HMZ) is suspected to have exited scam, with the project team profiting 173 ETH (approximately $665,000). The project’s Twitter account and website have been shut down.

ClosedAI (ClosedAI)

Thu, 07 Mar 2024 00:00:00 +0000

ClosedAI (ClosedAI) appears to have exit scammed on the BNB Chain. The address starting with 0xFe54 has exchanged 277,635,327,881,198.25 ClosedAI tokens for approximately 307.3 BNB, valued at around $13,100.

TGBS (TGBS)

Wed, 06 Mar 2024 00:00:00 +0000

On March 6, TGBS (TGBS) was exploited through a flash loan attack, resulting in a loss of approximately $151k.

OrdiZK

Tue, 05 Mar 2024 00:00:00 +0000

OrdiZK advertized themselves as a privacy bridge between the Ethereum network and Bitcoin, has exited, resulting in approximately $1.4 million in losses.

Sherlock

Tue, 05 Mar 2024 00:00:00 +0000

The Twitter account of the security company @sherlockdefi was hacked, with the attackers using the account to post a tweet containing phishing links.

WOOFi

Tue, 05 Mar 2024 00:00:00 +0000

The sPMM algorithm controlling the pricing of WOOFi trades on DEX WOOFi was exploited on Arbitrum. The exploit consisted of a sequence of flash loans that took advantage of low liquidity to manipulate the price of WOO…

Grayscale Capital

Thu, 29 Feb 2024 00:00:00 +0000

Capital Killer, an anti-capitalist hacker group, revealed on twitter that they have attacked the Grayscale official website, claiming it as a gift to the AVAV community in support of fairness and anti-capitalism. Curr…

Shido Network

Thu, 29 Feb 2024 00:00:00 +0000

The decentralized cross-chain protocol Shido Network on the Ethereum blockchain appears to be a rug pull. The owner of the SHIDO token staking contract first upgraded the staking contract, then withdrew a large amount…

Seneca

Wed, 28 Feb 2024 00:00:00 +0000

On February 28th, a vulnerability was discovered in the contract of Seneca, an omnichain CDP protocol on the Ethereum network. Hackers exploited constructed calldata parameters to call transferfrom, transferring token…

Serenity Shield

Wed, 28 Feb 2024 00:00:00 +0000

Blockchain data storage protocol Serenity Shield tweeted that the MetaMask wallet associated with the project has been compromised. According to blockchain detective ZachXBT, Serenity Shield was robbed of 6.9 million…

Aleo

Mon, 26 Feb 2024 00:00:00 +0000

Aleo, a blockchain project that advertises it’s a place for “fully private applications” with “built-in privacy” has just emailed private identification documents — including selfies and photographs of government iden…

MicroStrategy

Mon, 26 Feb 2024 00:00:00 +0000

The Twitter account of MicroStrategy, the largest public holder of BTC, appears to have been compromised, with phishing airdrop links being posted. According to on-chain detective ZachXBT, the incident has resulted in…

RiskOnBlast

Sun, 25 Feb 2024 00:00:00 +0000

RiskOnBlast, a gambling and trading platform on the new ethereum layer-2 Blast blockchain, appears to be a rug pull. On February 25, the platform drained more than 420 ETH (~$1.3 million) from more than 750 user walle…

Tornado Cash

Sun, 25 Feb 2024 00:00:00 +0000

SlowMist founder Cos tweeted that there is a backdoor code in the Tornado Cash IPFS version frontend that hijacks deposit certificates. A governance attack led to malicious proposals being passed, and the malicious co…

ZoomerCoin

Sat, 24 Feb 2024 00:00:00 +0000

ZoomerCoin on Ethereum suffered a flash loan attack, resulting in a loss of 14.06 ETH (~ $41k).

Avalanche

Fri, 23 Feb 2024 00:00:00 +0000

On February 23rd, the Avalanche mainnet experienced block production interruptions. Addressing this issue, Ava Labs co-founder Kevin Sekniqi stated on Twitter that the problem appears to be a gossip-related mempool ma…

BitForex

Fri, 23 Feb 2024 00:00:00 +0000

On February 23, 2024, Hong Kong-based cryptocurrency exchange BitForex was suspected of an exit scam after approximately $56.5 million in suspicious fund outflows were detected across multiple blockchains. The platfor…

Compound

Fri, 23 Feb 2024 00:00:00 +0000

On the evening of February 23rd, UNI experienced a sudden price surge, causing Compound to fail in promptly updating UNI’s price. As a result, the protocol used an incorrect price provided by Uniswap’s TWAP (Time-Weig…

Jihoz

Fri, 23 Feb 2024 00:00:00 +0000

Axie Infinity co-founder Jihoz tweeted that his personal two addresses have been compromised. The attack is limited to his personal accounts and is unrelated to the validation or operation of the Ronin chain. Addition…

Blueberry Protocol

Thu, 22 Feb 2024 00:00:00 +0000

Integer rounding error in borrow logic exploited, whitehat rescued funds

ARPA

Tue, 20 Feb 2024 00:00:00 +0000

The official Twitter account of ARPA, a permissionless threshold network based on the BLS signature scheme, has been compromised, and false token claiming links have been posted.

Rugged Art

Mon, 19 Feb 2024 00:00:00 +0000

The ERC 404 project Rugged Art was attacked due to a reentrancy vulnerability, resulting in a loss of 11 ETH.

Starcoin

Sun, 18 Feb 2024 00:00:00 +0000

On February 18th, Starcoin, a project within the Move ecosystem, tweeted that they detected abnormal activities on their network that required immediate attention to safeguard the integrity and security of the system….

FixedFloat

Fri, 16 Feb 2024 00:00:00 +0000

Hot wallet drained via compromised infrastructure

xPET

Fri, 16 Feb 2024 00:00:00 +0000

The CEO of SocialFi xPET tweeted that SocialFi was attacked due to vulnerabilities related to the newly launched PvP feature, resulting in hackers stealing 91.5 ETH (approximately $25,400).

Duelbits

Wed, 14 Feb 2024 00:00:00 +0000

The hot wallet of the crypto gambling platform Duelbits was attacked, resulting in a loss of approximately $4.6 million.

Miner（MINER）

Wed, 14 Feb 2024 00:00:00 +0000

The ERC-X protocol Miner (MINER) has been attacked, please do not interact. According to the Miner team’s analysis, the _update function of the contract was exploited. The root cause of this exploit is a double-transf…

Keith Grossman

Fri, 09 Feb 2024 00:00:00 +0000

Keith Grossman, the president of MoonPay, currently has a compromised X account distributing wallet drainer links.

Not Found (404)

Fri, 09 Feb 2024 00:00:00 +0000

The Not Found (404) project on ETH is suspected to have exited with losses of approximately $156,000, as the deployer withdrew a large amount of liquidity.

PlayDapp

Fri, 09 Feb 2024 00:00:00 +0000

Attacker gained minter role and minted 1.79B PLA tokens

Starlay Finance

Thu, 08 Feb 2024 00:00:00 +0000

A critical security incident within the Starlay protocol’s USDC lending pool on the Acala EVM platform. An exploit was identified and executed due to abnormal behavior in the liquidity index calculation mechanism, whi…

Detto Finance

Fri, 02 Feb 2024 00:00:00 +0000

The project Detto Finance in the Base ecosystem is suspected of a rug pull, with its social media accounts currently inaccessible, resulting in approximately $95,000 in losses.

Phantom

Fri, 02 Feb 2024 00:00:00 +0000

The user-friendly crypto wallet designed for DeFi and NFTs, Phantom, reported a DDoS attack on its platform. Someone attempted to overload its systems, causing potential temporary interruptions in some services. User…

Chris Larsen

Wed, 31 Jan 2024 00:00:00 +0000

On January 31st, according to blockchain investigator ZachXBT, Ripple fell victim to a hacking attack resulting in the theft of 213 million XRP, valued at approximately $112.5 million. Ripple’s co-founder, Chris Larse…

Klaytn

Wed, 31 Jan 2024 00:00:00 +0000

Klaytn, the South Korean public blockchain, tweeted a reminder to users that its official Discord server has been attacked. Until further notice, please refrain from clicking on any links or interacting with any posts…

ZeroLend

Wed, 31 Jan 2024 00:00:00 +0000

The lending market ZeroLend has experienced a DDoS attack.

Abracadabra Money

Tue, 30 Jan 2024 00:00:00 +0000

GMX v1 integration reentrancy via cauldron contract callback

Masa

Tue, 30 Jan 2024 00:00:00 +0000

The official Twitter account of zk-data marketplace Masa is suspected to be compromised, and fake airdrop links have been posted.

Andrei Grachev

Mon, 29 Jan 2024 00:00:00 +0000

DWF Labs tweeted that the Twitter account of their managing partner, Andrei Grachev, has been compromised.

Barley Finance

Mon, 29 Jan 2024 00:00:00 +0000

Barley Finance tweeted that there has been a vulnerability attack on the wBARL pod. The team is working on resolving the issue. Details are as follows: 1. The exploiter took more than 10% of the total BARL supply in t…

Goledo Finance

Sun, 28 Jan 2024 00:00:00 +0000

GoledoFinance on Conflux was attacked, with a loss of 7.9m $CFX ($1.7M). The Goledo team has completed the initial investigation of the large borrowings in the lending pool. The team has determined that the issue is r…

Wall Street Memes

Sun, 28 Jan 2024 00:00:00 +0000

The Wall Street Memes token was subject to a coordinated attack. The hackers exploited a vulnerability with their staking provider and accessed the $WSM staking contract.

Citadel Finance

Sat, 27 Jan 2024 00:00:00 +0000

Citadel Finance was exploited on the Arbitrum chain, which resulted in a loss of 43 ETH, worth approximately $93,000. The root cause of the exploit is price manipulation of the underlying assets.

Citadel.one

Sat, 27 Jan 2024 00:00:00 +0000

Portfolio management tool Citadel.one has been attacked, resulting in a loss of approximately $93K.

Somesing

Sat, 27 Jan 2024 00:00:00 +0000

South Korean Web3 social music service Somesing announced that it fell victim to a security vulnerability attack last Saturday, resulting in a loss of 730 million native tokens (SSX), equivalent to approximately $11.5…

AltLayer

Fri, 26 Jan 2024 00:00:00 +0000

AltLayer, a temporary extension layer built on Optimistic Rollups, tweeted that early this morning, its Twitter profile was not displaying past tweets on the timeline. After approximately 3 hours of handling, the acco…

Staci Warden

Fri, 26 Jan 2024 00:00:00 +0000

The Algorand Foundation tweeted that the Twitter account of Staci Warden (@StaciW_DC), the CEO of the Foundation, has been compromised.

Nebula Revelation

Thu, 25 Jan 2024 00:00:00 +0000

On January 25th, the staking contract of the space-themed open-world Web3 game Nebula Revelation suffered a reentrancy attack. On January 28th, Nebula Revelation announced a compensation plan of 159,831 USDT. The team…

Saga DAO

Thu, 25 Jan 2024 00:00:00 +0000

Saga DAO, a community-run fan club for Solana’s sellout mobile phone fell victim to a hacker attack, resulting in a theft of 750 SOL, equivalent to approximately $60,000. On February 2nd, SagaDAO tweeted that all fund…

JohnLennonC0IN (BEATLES)

Wed, 24 Jan 2024 00:00:00 +0000

JohnLennonC0IN (BEATLES) on BSC is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

GMEE

Tue, 23 Jan 2024 00:00:00 +0000

The blockchain gaming platform GMEE has announced via Twitter that the GMEE token contract on Polygon experienced unauthorized GitLab access a few hours ago, resulting in the theft of 600 million GMEE tokens. Subseque…

Bullran Index

Mon, 22 Jan 2024 00:00:00 +0000

Bullran Index was attacked due to a lack of permission control. An MEV bot was able to burn the BUI tokens that a user deposited into a custom safe contract and exploit the lack of permission control to extract 136 ETH.

Concentric Finance

Mon, 22 Jan 2024 00:00:00 +0000

The DeFi protocol Concentric Finance, built on the Camelot v3 protocol, has suffered a severe security breach. In an official post on social media, Concentric.fi stated that the security breach due to a targeted socia…

HTX

Fri, 19 Jan 2024 00:00:00 +0000

Tron founder Justin Sun tweeted that Htx.com and HTX_DAO have been attacked by DDoS attack. The official HTX Twitter account also mentioned that the HTX application is currently experiencing interruptions, and the tec…

CRONUS (CRONUS)

Thu, 18 Jan 2024 00:00:00 +0000

CRONUS (CRONUS) on BSC is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

LongNoseDog (LONG)

Thu, 18 Jan 2024 00:00:00 +0000

LongNoseDog (LONG) on BSC is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

Manta Pacific

Thu, 18 Jan 2024 00:00:00 +0000

According to a tweet from Manta Network, the Manta Pacific chain encountered an RPC attack at approximately 9 AM UTC. Kenny Li, co-founder of Manta Network (@superanonymousk), provided updates on Twitter regarding the…

Miguel Morel

Thu, 18 Jan 2024 00:00:00 +0000

Arkham official announced on Twitter that its CEO, Miguel Morel, fell victim to a SIM card swap attack. Miguel Morel’s Twitter account was compromised.

Poldo (POLDO)

Thu, 18 Jan 2024 00:00:00 +0000

BSC 上的 Poldo (POLDO) 疑跑路，部署者撤走了大量流动性，导致价格下跌 100%。

Rosa Finance

Thu, 18 Jan 2024 00:00:00 +0000

The decentralized, non-custodial liquidity market protocol Rosa Finance on Arbitrum was exploited, resulting in a loss of approximately $45,000.

BasketDAO

Wed, 17 Jan 2024 00:00:00 +0000

The crypto index project BasketDAO was exploited on the Ethereum Mainnet due to a smart contract vulnerability, which resulted in a loss of assets worth approximately $107,000. The root cause of the exploit is an arbi…

Trezor

Wed, 17 Jan 2024 00:00:00 +0000

Trezor, the manufacturer of encrypted hardware wallets, has announced that it is currently investigating a security incident that occurred on January 17, 2024. Unauthorized access was detected to the third-party suppo…

BorzoiCoin (BORZOI)

Tue, 16 Jan 2024 00:00:00 +0000

BorzoiCoin (BORZOI) on BSC is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

FoxFunnies (FXN)

Tue, 16 Jan 2024 00:00:00 +0000

FoxFunnies (FXN) on BSC is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

Hector Network

Tue, 16 Jan 2024 00:00:00 +0000

Another $2.7 million is gone after an apparent thief was able to exploit a smart contract that was intended to distribute payouts to Hector’s token holders. They then swapped the tokens from the USDC stablecoin to ETH…

MOE (MOE)

Tue, 16 Jan 2024 00:00:00 +0000

MOE (MOE) on BSC is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

PulseXIncentiveToken (INC)

Tue, 16 Jan 2024 00:00:00 +0000

PulseXIncentiveToken (INC) on BSC is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

Socket

Tue, 16 Jan 2024 00:00:00 +0000

The interoperability protocol Socket tweeted that the protocol experienced a security incident. An attacker exploited a vulnerability on a newly added module under the Socket Aggregator system. The module was responsi…

Audify (AUDI)

Mon, 15 Jan 2024 00:00:00 +0000

Audify (AUDI) on BSC is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

BoxyDude (BOX)

Mon, 15 Jan 2024 00:00:00 +0000

BoxyDude (BOX) on BSC is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

MAR3AI (MAR3)

Mon, 15 Jan 2024 00:00:00 +0000

MAR3AI (MAR3) on BSC is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

SolDragon (DRAGON)

Mon, 15 Jan 2024 00:00:00 +0000

SolDragon (DRAGON) on BSC is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

Speero (SPEERO)

Mon, 15 Jan 2024 00:00:00 +0000

Speero (SPEERO) on BSC is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

StarkPepe (SPEPE)

Mon, 15 Jan 2024 00:00:00 +0000

StarkPepe (SPEPE) on BSC is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

ZKFair

Fri, 12 Jan 2024 00:00:00 +0000

The community-driven ZK L2 network ZKFair’s official Discord has been hacked.Do not click any links until the team regain control of the server.

CoinGecko

Thu, 11 Jan 2024 00:00:00 +0000

Independent crypto data aggregator CoinGecko’s Twitter accounts @CoinGecko and @GeckoTerminal was compromised. One of their team members clicked on a fraudulent Calendly link by accident, granting unauthorized app acc…

Wise Lending

Thu, 11 Jan 2024 00:00:00 +0000

The @Wise_Lending market was exploited today, resulting in ~~177 ETH loss (~~$464K). Our initial analysis shows the share accounting logic is flawed with a precision issue to drain the market funds.

ElonTroll (ElonTroll)

Wed, 10 Jan 2024 00:00:00 +0000

Fake ElonTroll on BSC is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

XAI

Wed, 10 Jan 2024 00:00:00 +0000

A Rug Pull occurred with the XAI token on the BNB Chain, where the deployer dumped 20,779 billion XAI tokens, making a profit of approximately $220,000.

SEC

Tue, 09 Jan 2024 00:00:00 +0000

The U.S. Securities and Exchange Commission (SEC) stated on Monday in a release that its Twitter account was compromised on January 9th due to an unauthorized party gaining control of the associated phone number throu…

MangoFarm

Sun, 07 Jan 2024 00:00:00 +0000

The MangoFarm project is suspected of a rug pull. The official Twitter account of the MangoFarm is no longer accessible.

Aragon Network DAO

Sat, 06 Jan 2024 00:00:00 +0000

Aragon Network DAO recently found itself targeted in a cryptocurrency scam, resulting in a substantial loss of approximately 800,000 USDC. The attack employed a multi-faceted approach, combining counterfeit ERC-20 tok…

Coinspaid

Sat, 06 Jan 2024 00:00:00 +0000

Cryptocurrency payment service provider Coinspaid experienced multiple unauthorized transactions, with hackers stealing cryptocurrency assets worth $7.5 million.

Olaf

Sat, 06 Jan 2024 00:00:00 +0000

According to a report by Cointelegraph, the cryptocurrency venture capital firm Polychain Capital has confirmed that its founder and CEO, Olaf Carlson-Wee, has had his Twitter account compromised. Hackers have posted…

XKingdom Tech

Sat, 06 Jan 2024 00:00:00 +0000

The SocialFi and GameFi platform XKingdom Tech, built on Arbitrum, has exit-scammed, resulting in approximately $1.2 million in losses. The stolen funds were bridged to Ethereum and transferred to Tornado Cash.

CertiK

Fri, 05 Jan 2024 00:00:00 +0000

The Twitter account of the security firm CertiK was compromised. The attackers posted false information claiming that the Uniswap router contract is vulnerable to a reentrancy attack, along with phishing links. Subseq…

Narwhal

Fri, 05 Jan 2024 00:00:00 +0000

The liquidity mining project Narwhal’s token experienced two considerable drops within a two day period leading to an overall slippage of approximately 99%. The project’s official X account @Narwhal_fyi, announced tha…

Chronos

Thu, 04 Jan 2024 00:00:00 +0000

Liquidity layer & AMM Chronos tweeted that its concentrated liquidity pools managed by @dyson_money have been exploited in a manner similar to the gamma exploit. Users are advised to revoke contracts associated with t…

Gamma

Thu, 04 Jan 2024 00:00:00 +0000

The liquidity management protocol Gamma has been attacked, and its post-mortem indicates that there was a flaw in the deposit agent configuration. This flaw allowed the attacker to manipulate the price up to the price…

Atomicals Market

Tue, 02 Jan 2024 00:00:00 +0000

Atomicals Market (Marketplace and Explorer for Atomicals and ARC-20) tweeted that they’re currently under ddos attacks.

Radiant Capital (Jan)

Tue, 02 Jan 2024 00:00:00 +0000

Empty market manipulation via rounding error in index calculation

Wizz Wallet

Tue, 02 Jan 2024 00:00:00 +0000

Wizz Wallet, the wallet of the Atomicals protocol, posted on Twitter that builders within the Atomicals ecosystem, including the Wizz team, have experienced DDoS attacks.

NFPrompt

Mon, 01 Jan 2024 00:00:00 +0000

NFPrompt announced on its social media platform that the team detected issues with Web2 wallet service. They assured users about the security of their funds and recommended using self-custodied Web3 wallets. For users…

Wabalaba Land

Mon, 01 Jan 2024 00:00:00 +0000

A global IP of FREE Digital Collectibles, Art and community Wabalaba Land’s Discord has been compromised. Do not click any links until the team regain control of the server.

Orbit Chain

Sun, 31 Dec 2023 00:00:00 +0000

Cross-chain bridge signer keys compromised on New Year’s Eve

Channels Finance

Sat, 30 Dec 2023 00:00:00 +0000

ChannelsFinance on BSC was attacked, resulting in losses of over $320K. The contract uses an old Compound v2 protocol which has a known vulnerability.

Compound Labs

Sat, 30 Dec 2023 00:00:00 +0000

DeFi lending protocol Compound Labs tweeted that their account was compromised yesterday for ~4 hours until they regained control of the account and removed the spam messages.

OKX

Sat, 30 Dec 2023 00:00:00 +0000

OKX Wallet BRC20 marketplace has experienced a vulnerability where a large number of fake sats are displayed in the order book. Users are advised to immediately cease trading sats to avoid purchasing false assets and…

INSC NFT

Fri, 29 Dec 2023 00:00:00 +0000

There is a vulnerability in the INSC NFT contract, and multiple hackers have exploited it to steal NFTs and transfer them to Blur and OpenSea for sale. According to Blur market data, the floor price of INSC (ins-20) h…

Fake FomoFi (FOMO) Token

Thu, 28 Dec 2023 00:00:00 +0000

Fake FomoFi (FOMO) on BNB Chain is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

Fake NFPrompt (NFP)

Thu, 28 Dec 2023 00:00:00 +0000

Fake NFPrompt (NFP) on BSC is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

Libra Protocol

Thu, 28 Dec 2023 00:00:00 +0000

The inscription project Libra Protocol on Arbitrum is suspected to have exit scammed. Currently, the project team has transferred the received mint fees to the address 0x0c12acc8e53c6ff7ab3fad5eaa97056ae950288f.

NebulaNode (NNNN)

Thu, 28 Dec 2023 00:00:00 +0000

NebulaNode (NNNN) on BSC is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

Sleepless AI (AI)

Thu, 28 Dec 2023 00:00:00 +0000

Sleepless AI (AI) on ETH is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

Thunder

Wed, 27 Dec 2023 00:00:00 +0000

Multi-chain trading platform Thunder suffered an attack. Thunder responded by stating that a third-party service it uses appears to have been targeted. No one’s private keys are compromised. Only 114 wallets out of ov…

MegabotETH

Tue, 26 Dec 2023 00:00:00 +0000

MegabotETH is suspected of a rug pull. Approximately 742k has been stolen.

Pike Finance

Tue, 26 Dec 2023 00:00:00 +0000

Pike Finance, a cross-chain lending protocol on Base, is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

Telcoin

Tue, 26 Dec 2023 00:00:00 +0000

Recently, Telcoin Wallet was subjected to a targeted attack, and Telcoin tweeted that it is aware of the situation with the Telcoin app. Use of the app has been temporarily frozen while the issue is investigated and a…

Ordinal Dex (ORDEX)

Mon, 25 Dec 2023 00:00:00 +0000

Ordinal Dex (ORDEX) on ETH is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

Pine Protocol

Fri, 22 Dec 2023 00:00:00 +0000

PineProtocol seems to have been exploited. According to SlowMist’s analysis, the exploiter’s IP is 116...112. The exploiter has withdrawn ETH from FixedFloat and ChangeNOW, and has transferred 20 ETH to TornadoCash….

UniSat Wallet

Fri, 22 Dec 2023 00:00:00 +0000

UniSat Wallet’s official tweet is suspected to have been hacked.It posted a promotional tweet for a program with closed comments and a suspected malicious link.

INX

Wed, 20 Dec 2023 00:00:00 +0000

The INX Digital Company, a security token and digital asset trading platform, announced that on December 20, 2023, it learned of a cyberattack that occurred on the computer systems of a third-party vendor providing se…

0xKofi

Mon, 18 Dec 2023 00:00:00 +0000

@0xKofi’s Twitter account has been hacked; please do not click on the scam link.

Metakey

Mon, 18 Dec 2023 00:00:00 +0000

Metakey’s Discord has been compromised. Do not click the link in announcements.

Flooring Protocol

Sun, 17 Dec 2023 00:00:00 +0000

On December 17th, according to SlowMist Cos, Flooring Protocol may have been subjected to a hacker attack, and users are advised to promptly revoke contract authorizations. In a tweet on December 17th, Flooring Protoc…

NFT Trader

Sat, 16 Dec 2023 00:00:00 +0000

Old contract reentrancy exploited to drain high-value NFTs

Ledger Connect Kit

Thu, 14 Dec 2023 00:00:00 +0000

the Ledger Connect Kit suffered a supply chain attack, with attackers stealing at least $600,000. The SlowMist security team immediately initiated an analysis of the relevant code and discovered that the attackers imp…

Levana

Wed, 13 Dec 2023 00:00:00 +0000

The perpetual contract on Osmosis, Levana, has been subjected to an attack resulting in a loss exceeding $1.14 million. A post-incident report provided by its team indicates that between December 13th and December 26t…

OKX

Wed, 13 Dec 2023 00:00:00 +0000

According to information from SlowMist Zone, the OKX DEX contract appears to have encountered an issue. After SlowMist’s analysis, it was found that when users exchange, they authorize the TokenApprove contract, and t…

Peapods Finance

Wed, 13 Dec 2023 00:00:00 +0000

On December 13th, Peapods Finance was hacked by white hat hackers due to a reentrancy vulnerability. On December 14th, Peapods Finance tweeted that the hackers returned 90% of the funds. On December 15th, the hacker,…

stoic_DAO

Mon, 11 Dec 2023 00:00:00 +0000

There is a price slippage on project stoic_DAO. 10% of the total Zeta token supply was swapped for ~91 ETH.

Venus Protocol

Mon, 11 Dec 2023 00:00:00 +0000

According to on-chain data, a user deposited 0.5 BNB into Venus and borrowed a series of assets, including stkBNB, ankrBNB, etc. The user then exchanged them for 116.45 ETH assets and transferred them to another accou…

Abattoir of Zir (DIABLO)

Thu, 07 Dec 2023 00:00:00 +0000

Abattoir of Zir (DIABLO) on ETH is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

Time

Thu, 07 Dec 2023 00:00:00 +0000

On December 7, 2023, Time on the ETH were attacked due to a security vulnerability in the thirdweb pre-built smart contracts, which resulted in approximately $190,000 in profits for the attacker.

Xai

Thu, 07 Dec 2023 00:00:00 +0000

Xai, a Layer 3 solution for AAA gaming, has issued an alert for phishing impersonating Xai, where attackers have fraudulently obtained approximately $374 ETH, valued at approximately $845.8K.

Strong Finance (STRONG)

Wed, 06 Dec 2023 00:00:00 +0000

Strong Finance (STRONG) on ETH is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

CKD Token (CKD)

Tue, 05 Dec 2023 00:00:00 +0000

CKD Token (CKD) on BSC is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

thirdweb

Tue, 05 Dec 2023 00:00:00 +0000

On December 5, 2023, thirdweb, the Web3 base development platform, indicated that a security vulnerability was discovered in pre-built smart contracts. The impacted pre-built contracts include but are not limited to D…

Stargate Snapshot

Mon, 04 Dec 2023 00:00:00 +0000

A Discord Mod on LayerZero has reported that a scammer who introduced a phishing link within a proposal vote on the Stargate Snapshot platform, enticing users to stake $STG tokens. Over 1K users took part in the vote,…

FCN-TRUST (FCN)

Fri, 01 Dec 2023 00:00:00 +0000

The FCN-TRUST (FCN) token On BSC was exploited for over $504k in a flash loan attack. The attack caused the token price to crash by 99%.

MYX Finance (QMYX)

Fri, 01 Dec 2023 00:00:00 +0000

MYX Finance (QMYX) on ETH is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

Aerodrome

Wed, 29 Nov 2023 00:00:00 +0000

Aerodrome tweeted that the frontend is currently compromised, please do not interact with Aerodrome for the time being, the team is investigating.

HOUNAX

Wed, 29 Nov 2023 00:00:00 +0000

Virtual Asset Platform HOUNAX Investigated for Fraud. On November 1, HOUNAX was placed by the Hong Kong Securities and Futures Commission (SFC) on a warning list of “Suspicious Virtual Asset Trading Platforms,” which…

Velodrome

Wed, 29 Nov 2023 00:00:00 +0000

Optimism decentralized trading protocol Velodrome tweeted that the frontend is currently compromised, please do not interact with Velodrome for the time being, the team is investigating. On December 1, Velodrome poste…

AssetClub (ACC)

Tue, 28 Nov 2023 00:00:00 +0000

AssetClub (ACC) on ETH is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

Symbiogenesis (SYSIS)

Tue, 28 Nov 2023 00:00:00 +0000

Symbiogenesis (SYSIS) on ETH is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

Expanso (EXPSO)

Mon, 27 Nov 2023 00:00:00 +0000

Expanso (EXPSO) on ETH is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

Jewels (JWL)

Fri, 24 Nov 2023 00:00:00 +0000

CJewels (JWL) on ETH is suspected of a rug pull, with the deployer removing substantial liquidity, causing a 100% price decline.

AISurf (AISC)