Pages:
Author

Topic: DeFi hacks [history] (Read 19375 times)

legendary
Activity: 1932
Merit: 4602
October 19, 2024, 06:17:01 AM
https://cointelegraph.com/news/crypto-security-firm-ancilia-shares-drainer-link-radiant-hack
"Crypto security firm Ancilia landed itself in hot water after accidentally sharing a link pointing to a crypto wallet drainer in an attempt to aid users who lost funds in a $52 million exploit of lending protocol Radiant Capital.

Radiant Capital users were rushing to revoke permissions to prevent their funds from being stolen after the lending protocol was hacked on Oct. 16. The attackers made off with about $51.5 million in funds.

Pseudonymous crypto commentator Spreek shared a screenshot of Ancilia’s now-deleted post, which re-posted what they said was a “scam link” from an imposter Radiant X account.

Ancilia instructed Radiant Capital users trying to revoke their permissions on the exploited protocol to “please follow the link from this official message.”

The link led to a wallet drainer that would have siphoned the funds of any user who clicked on it and accepted the permissions. "
legendary
Activity: 1932
Merit: 4602
October 02, 2024, 04:10:11 AM
https://beincrypto.com/cyvers-report-hacks-2024/
"Crypto hacks in 2024 have already hit $2.114 billion, surpassing all losses from 2023.
CeFi platforms saw a staggering 984% rise in hacks, while DeFi losses dropped 25%.
Cyvers helped mitigate further damage, highlighting the need for real-time defenses."
legendary
Activity: 1820
Merit: 1121
September 11, 2024, 10:54:54 AM
FBI reports Americans lost $5.6B to cryptocurrency fraud in 2023
The elderly were the most vulnerable, and crypto ATMs have a variety of illicit uses, the report found.
The United States Federal Bureau of Investigation (FBI) Internet Crime Complaint Center has released its cryptocurrency fraud report for 2023. Americans lost $5.6 billion due to cryptocurrency fraud that year, up 45% from 2022, it said. Crypto-related complaints represented 10% of the total received, but almost 50% of the total lost that year, the FBI said.

The report found that of the 69,000 crypto-related complaints the FBI received in 2023, people over 60 were most often victimized, accounting for almost $1.6 billion of the losses. Almost 71% of the crypto fraud was related to investment schemes, and about 10% involved call center fraud and government impersonation scams.

Money stolen through crypto confidence schemes
The FBI received complaints from over 200 countries, but the vast majority of complaints and losses were from the United States. Many of the losses were the result of confidence schemes. The FBI had one main piece of advice to avoid this type of scam:

“There is one thing these scammers typically will not do — they will not meet with you in real life. If an investment opportunity comes from someone who you have never met in person […] be extremely cautious of the advice.”

https://cointelegraph.com/news/fbi-2023-cryptocurrency-fraud-report-americans-lost-5-billion
legendary
Activity: 1932
Merit: 4602
August 03, 2024, 07:58:47 AM
https://x.com/quillaudits_ai/status/1818972595900805421

"July 2024 has seen a jaw-dropping $275.76M drained from the web3 ecosystem through hacks and exit scams!
@WazirXIndia
 tops the list with a colossal $235M loss, while
@lifiprotocol
 and Bittensor aren't far behind, losing $11M and $8M, respectively.

The situation is dire, with smart contract vulnerabilities at the forefront,
@RhoMarketsHQ
 and
@lifiprotocol
 are prime examples.

Adding to the chaos, rug pulls like ETHTrustFund's $2M scam have shaken the community.

While $7.8M in total were recovered, the call for robust Web3 Security has never been more critical."
legendary
Activity: 1932
Merit: 4602
July 02, 2024, 05:17:25 PM
https://www.slowmist.com/report/first-half-of-the-2024-report(EN).pdf
"2.1 Overview of Blockchain Security Incidents
According to incomplete statistics from the SlowMist Hacked, a total of 223 security incidents
occurred in the first half of 2024, resulting in losses as high as $1.43 billion. Compared to the first
half of 2023 (185 incidents with losses of approximately $920 million), this represents an over
50% increase in losses. (Note: This report does not include personal losses in statistics)"
legendary
Activity: 1932
Merit: 4602
May 22, 2024, 08:00:01 AM
https://www.coindesk.com/markets/2024/05/21/gala-games-hacker-returns-23m-in-eth-founder-proposes-buy-and-burn/
"Gala Games Hacker Returns $23M in ETH; Founder Proposes 'Buy and Burn'
Gala investor DWF Labs also said that it had purchased 28 million GALA tokens "to alleviate market selling pressures."

Hacker returned $23 million worth of ether to Gala Games after Monday's exploit.
CEO Eric Schiermeyer said "will probably buy and burn."
Gala investor DWF Labs also said that it had purchased 28 million GALA tokens."
legendary
Activity: 1932
Merit: 4602
May 15, 2024, 07:42:26 AM
https://twitter.com/peckshieldalert/status/1786447590042779855
"#PeckShieldAlert #Phishing A whale 0x1E22...8FD5 lost ~1,155 $WBTC (worth ~$71 million) after falling victim to address poisoning.
The phisher has swapped the stolen $WBTC for ~23K $ETH & transferred them out"


https://twitter.com/PeckShieldAlert/status/1788880553653002311
"#PeckShieldAlert ~50% of the stolen funds (~11,446.87 $ETH worth ~$34.7m) has been returned to the victim's address"






legendary
Activity: 1932
Merit: 4602
May 08, 2024, 08:55:27 AM
https://cointelegraph.com/news/pike-finance-exploited-1-6-million-second-exploit-3-days

Pike Finance
exploited for $1.6M in second incident in 3 days

"Pike Finance has been exploited, resulting in the loss of $1.68 million worth of digital assets. The incident marks the protocol’s second exploit in three days.

Decentralized finance (DeFi) lending protocol Pike Finance suffered a $1.68 million exploit across the Ethereum, Arbitrum and Optimism chains on April 30, according to a report from on-chain analytics firm CertiK, shared with Cointelegraph.

The attacker used a vulnerability in Pike Finance’s smart contract to change the output address, draining the contract of over $1.4 million worth of Ether , $150,000 worth of Optimism (OP) tokens and over $100,000 worth of Arbitrum (ARB) tokens, according to CertiK."

legendary
Activity: 1820
Merit: 1121
April 24, 2024, 07:29:50 AM
Mango Markets Exploiter Avi Eisenberg Found Guilty of Fraud and Manipulation
Eisenberg faces up to 20 years in prison for his $110 million heist.
A Manhattan jury has found crypto trader Avi Eisenberg guilty of fraud and market manipulation for his $110 million heist from decentralized finance protocol Mango Markets in October 2022.
Eisenberg was arrested in Puerto Rico in December 2022 and charged with commodities fraud, commodities manipulation, and wire fraud for the scheme. He will be sentenced on July 29 by New York District Court Judge Arun Subramanian. Eisenberg faces up to 20 years in federal prison for his crimes.
“This ground-breaking prosecution epitomizes this office’s ability to employ innovative methods and cutting-edge law enforcement tools to continue to protect all financial markets," said Damian Williams, U.S. Attorney for the Southern District of New York, in a Thursday press statement. "The career prosecutors of this office continue their expertise in prosecuting financial fraud, one of our core priorities, and would-be financial criminals should think twice before daring to engage in illicit conduct on our watch.”

https://www.coindesk.com/policy/2024/04/18/mango-markets-exploiter-avi-eisenberg-found-guilty-of-fraud-and-manipulation/
legendary
Activity: 1932
Merit: 4602
April 17, 2024, 10:13:55 AM
https://www.msn.com/en-us/money/companies/prosecutors-rest-case-in-mango-markets-fraud-trial/ar-BB1lxgoP
"The government on Friday rested in its case against cryptocurrency trader Avraham Eisenberg, who is facing fraud charges.

Driving the news: Prosecutors presented very strong arguments that the defendant had a good idea he was committing a crime over a year ago, when he managed to extract over $100 million from Mango Markets.

Why it matters: In a fraud case, the government has to not only show that the defendant committed a crime, but that they were aware that what they were doing was against the law.

Catch up fast: Eisenberg is on trial in Federal Court in Manhattan for engaging in a trade where he was able to withdraw all the capital on Solana-based Mango Markets on October 11, 2022, using a derivate of the mango (MNGO) token as collateral.

After inflating the token with strategic purchases on various exchanges, he used the inflated value of a MNGO derivative as collateral to borrow all the available deposits on the platform, over $100 million worth.
Then he withdrew those funds to a wallet he controlled, and let his loan default."

https://www.sec.gov/news/press-release/2023-13
SEC Charges Avraham Eisenberg with Manipulating Mango Markets’ “Governance Token” to Steal $116 Million of Crypto Assets
legendary
Activity: 1820
Merit: 1121
April 10, 2024, 01:33:28 PM
Prisma Finance Hacked; Hacker Demands Apology and Offers to Return $11M

Following a hack of Prisma Finance that caused an $11 million loot from this prominent liquid staking protocol, a hacker in the decentralized finance (defi) division has made some stunning proposals. This person called themselves to be white-hat hackers since they are good ethical hackers who try to find bugs and fix them. Under certain conditions, the money they stole can be returned according to this incident that took place on March 28.

https://www.msn.com/en-us/money/technology/prisma-finance-hacked-hacker-demands-apology-and-offers-to-return-11m/ar-BB1kOp7O
legendary
Activity: 1932
Merit: 4602
April 03, 2024, 05:43:30 AM
https://www.theblock.co/post/284883/web3-gaming-platform-munchables-loses-62-5-million-in-exploit-zachxbt
Web3 gaming platform Munchables loses $62.5 million in exploit: ZachXBT
"Munchables, a web3 gaming platform based on the Ethereum Layer 2 Blast, lost $62.5 million in one of the biggest exploits of the year.
The exploiter’s wallet address contained nearly 17,411 ETH, crypto sleuth ZachXBT found.
Munchables reported that the platform had been compromised on the social media platform X. "

legendary
Activity: 1932
Merit: 4602
March 22, 2024, 09:27:45 AM
https://twitter.com/Cointelegraph/status/1770933644242169997
"The SSS_HQ token faced a near-total value loss after a double-spending flaw was exploited, despite efforts to save funds."

https://twitter.com/Cointelegraph/status/1770941171411386475
"According to @CertiK, this glitch was rooted in the contracts’ _update() function, which failed to accurately update token balances under specific conditions, enabling users to double their $SSS token balance by transferring it to themselves."

legendary
Activity: 1820
Merit: 1121
March 20, 2024, 08:23:28 AM
Binance-Incubated UGC Platform NFPrompt Discloses Significant Losses from Latest Hack
NFPrompt (Non-Fungible Prompt), an AI-powered User Generated Content (UGC) Platform, recently disclosed significant losses resulting from a hack. According to a post on X, NFPrompt revealed that it had fallen victim to cyber intrusion, resulting in the loss of funds from its platform, including a part of NFP treasury and ecosystem fund.
https://www.coinspeaker.com/nfprompt-losses-latest-hack/
legendary
Activity: 1820
Merit: 1121
March 06, 2024, 01:32:05 PM
WOOFi Lost $8 Million in Hack on Its Arbitrum Lending Market

"WOOFi, a decentralized exchange, suffered significant financial losses due to an exploit in its Arbitrum lending market, as revealed by the company on Wednesday.

The exploit, identified by several blockchain security firms, including PeckShield, Hypernative, and Chainalysis, involved flash loan attacks targeting WOOFi Swap on Arbitrum around 15:49 UTC on March 5.
In response, WOOFi swiftly halted the affected contracts at approximately 16:02 UTC and initiated an investigation revealed in a report detailing the incident, which was subsequently released on March 6.

The hacker manipulated the sPMM algorithm, which is responsible for setting prices on Arbitrum-based WOOFiSwaps. This manipulation occurred after borrowing 7.7 million WOO tokens and “some other assets.”

The company stated, “At this point WOOFi’s sPMM incorrectly adjusted WOO to an extreme price which was close to zero, and the exploiter then swapped out 10M WOO in the same transaction with almost no cost. The exploiter repeated this attack 3 times within a very short period of time, which netted about $8.75m in profits after returning the flash loans.”"

https://www.cryptotimes.io/2024/03/06/woofi-lost-8-million-in-hack-on-its-arbitrum-lending-market/
legendary
Activity: 1932
Merit: 4602
March 06, 2024, 06:18:55 AM
https://unchainedcrypto.com/ordizk-team-allegedly-steals-1-4-million-in-exit-scam/
OrdiZK Team Allegedly Steals $1.4 Million in Exit Scam
"The team behind cross-chain bridging protocol OrdiZK appear to have stolen $1.4 million worth of ether from users, after allegedly draining tokens from the project contract and deleting its website and social media accounts."
legendary
Activity: 1820
Merit: 1121
March 02, 2024, 02:32:08 PM
@SenecaUSD exploited for 1,900 $ETH (worth ~$6.5M).
The attacker used constructed calldata parameters to call transferfrom and transfer tokens that were approved to the project's contracts to the attacker's address.
The stolen funds are now held across 3 addresses.
Revoke approvals🔽

https://twitter.com/BeosinAlert/status/1763024503452611038


Dear Whitehat,
Please return the funds to the following Ethereum wallet address: 0xb7aF0Aa318706D94469d8d851015F9Aa12D9c53a
We are collaborating with third-party security providers and law enforcement to trace the funds and identify recipient wallets. Acting promptly is crucial, so we kindly request that you return the funds as soon as possible to avoid any further legal action.
A 20% bounty may be kept as per whitehat efforts.

https://twitter.com/SenecaUSD/status/1762999045109248461



We're happy to see 80% of funds have been returned.
Transaction link: https://etherscan.io/address/0xb7aF0Aa318706D94469d8d851015F9Aa12D9c53a
The exploit involved assets held in users' wallets. The exploit didn't involve funds directly deposited into Seneca (Seneca's TVL).
The recovery of funds through a whitehat request was an extremely optimistic scenario.
It's important to note that Seneca's Chamber contract was audited prior to deployment (@HalbornSecurity).

https://twitter.com/SenecaUSD/status/1763181438113865960
legendary
Activity: 1932
Merit: 4602
February 28, 2024, 05:18:19 AM
https://cointelegraph.com/news/microstrategy-x-account-hacked-phishing-scam
"MicroStrategy’s X account hacked, shilling Ethereum token phishing scam
Hackers took over the official MicroStrategy X account, posting a series of malicious links to a fake airdrop for a so-called Ethereum-based MSTR token.
Scam Sniffer said just one user had lost over $420,000 to the phishing scam at approximately 12:43 am UTC, only several minutes after the first malicious link was posted to MicroStrategy’s account on X. "
legendary
Activity: 1708
Merit: 1615
Payment Gateway Allows Recurring Payments
February 23, 2024, 02:56:16 PM
Sky Mavis Co-Founder Jeffrey Zirlin’s wallets hacked for $9.7 million in ETH
Zirlin wrote on X that he had a “tough morning” as two of his addresses were compromised.

Jeffrey Zirlin, co-founder of Sky Mavis that created the Axie Infinity game, said that two of his wallets were hacked on Friday morning Asia time and that Ronin was not affected, according to his X post.

Blockchain security firm PeckShield identified that a “whale wallet” had been compromised with about 3,248 Ether, worth around $9.7 million, withdrawn from the Ronin Bridge and moved to crypto mixer Tornado Cash.

“The attack is limited to my personal accounts, and has nothing to do with validation or operations of the Ronin chain,” Zirlin said on X. “Additionally, the leaked keys have nothing to do with Sky Mavis operations.”
legendary
Activity: 1932
Merit: 4602
January 25, 2024, 08:32:08 AM
john1010,this is the price of freedom.
___
https://beincrypto.com/gamee-loses-millions-to-hack/
How This Crypto Gaming Project Lost $7 Million to Hackers
Gamee, a subsidiary of Animoca Brands, lost $7 million in a hacking attack involving unauthorized access to its token contracts.
The hackers stole 600 million GMEE tokens, converted them into Ethereum and Polygon, causing a 45% drop in GMEE's price.
In response, Gamee transferred token contracts ownership to a secure address, halted liquidity provisioning, and initiated legal proceedings.
Pages:
Jump to: