Indexed Finance -$16 M
https://ndxfi.medium.com/indexed-attack-post-mortem-b006094f0bdc
"Today Indexed suffered its first hack since its deployment in December, and it was a pretty devastating one. About $16m worth of assets were stolen from the indices DEFI5 and CC10 by 0xba5ed1488be60ba2facc6b66c6d6f0befba22ebe."
Indexed Finance continuation of a story
https://decrypt.co/83681/defi-protocol-indexed-finance-hacked-for-16-million-team-finds-hacker
The project’s members identified the hacker on Friday because he didn't cover his tracks off-chain well enough, Day said. They then gave him an ultimatum: return the funds by midnight on Saturday or else they would contact law enforcement.
https://twitter.com/ndxfi/status/1449373158583279622
"The 10% offer has expired. The attacker has until EOD to return 100% of the stolen funds or his information will be published and law enforcement notified."
https://twitter.com/ndxfi/status/1449594187213680643
"The ultimatum has not been met.
In the minutes before the deadline elapsed,
@ZetaZeroes
made changes to his accounts that have made us realise at the last minute that the attacker is significantly younger than we thought."
https://twitter.com/ZetaZeroes
This address is reported to be involved in a Indexed Finance exploit.
https://etherscan.io/address/0xba5ed1488be60ba2facc6b66c6d6f0befba22ebe
[moderator's note: consecutive posts merged]
Topic: DeFi hacks [history] - page 15. (Read 19555 times)
Something tells me this list is gonna be more populated before the year runs out. The truth is, the way DeFi is run, it is always easy draining funds from it and nobody can stop those malicious actors. The only way it can be curbed is by regulations, and regulations alone. And crypto as a whole is long overdue for that
Cream Finance reports that the project managed to recover 5152.6 ETH stolen on August 31, they managed to identify the hacker with the help of the community, the hacker received 10% of the stolen funds.
In addition to hacking in Defi, there are also scams, for example, the developer of the NFT project Evolved Apes, hiding under the nickname Evil Ape, deleted the site and account, hiding from 797 ETH $2.7 million) of users who were supposed to be used to pay for the work of artists.
https://www.vice.com/en/article/y3dyem/investors-spent-millions-on-evolved-apes-nfts-then-they-got-scammed
[moderator's note: consecutive posts merged]
In addition to hacking in Defi, there are also scams, for example, the developer of the NFT project Evolved Apes, hiding under the nickname Evil Ape, deleted the site and account, hiding from 797 ETH $2.7 million) of users who were supposed to be used to pay for the work of artists.
https://www.vice.com/en/article/y3dyem/investors-spent-millions-on-evolved-apes-nfts-then-they-got-scammed[moderator's note: consecutive posts merged]
Compound bug leaves $80 million in COMP at risk of being misrewarded
https://www.theblockcrypto.com/linked/119086/compound-bug-comp-risk-misreward
"But a new bug contained in the upgraded Comptroller Contract has mistakenly allowed some users to claim as much as about 168,000 COMP tokens already, worth around $50 million.
Robert Leshner, founder of Compound Labs, said in follow-up tweets that the Comptroller contract address "contains a limited quantity of COMP" while the majority of the reward sits in a different Reservoir contract address.
Hence "the impact is bounded, at worst, 280,000 COMP tokens," Leshner said. That is worth about $80 million as of press time.
The Comptroller contract address now has 112,000 COMP tokens left."
https://www.theblockcrypto.com/linked/119086/compound-bug-comp-risk-misreward
"But a new bug contained in the upgraded Comptroller Contract has mistakenly allowed some users to claim as much as about 168,000 COMP tokens already, worth around $50 million.
Robert Leshner, founder of Compound Labs, said in follow-up tweets that the Comptroller contract address "contains a limited quantity of COMP" while the majority of the reward sits in a different Reservoir contract address.
Hence "the impact is bounded, at worst, 280,000 COMP tokens," Leshner said. That is worth about $80 million as of press time.
The Comptroller contract address now has 112,000 COMP tokens left."
It seems that most altcoin project devs are only after making money through projects rather than the safety of investors and the project security cause just in a short span the number of DeFi that was hacked is huge.
If this continues DeFi may lose the trust of crypto market finance enthusiasts.
If this continues DeFi may lose the trust of crypto market finance enthusiasts.
The Vee.Finance landing platform was attacked by an unknown hacker, as a result, the attacker withdrew 8804.7 ETH and 213.93 BTC worth approximately $35 million. https://veefi.medium.com/vee-finance-accident-announcement-5e75ff197da6
All services were suspended. We are investigating the cause, please follow our official accounts for the latest updates reported on the project's twitter.
Combining link information in 1 postAll services were suspended. We are investigating the cause, please follow our official accounts for the latest updates reported on the project's twitter.
VEE FINANCE 8804.7 ETH and 213.93 BTC ( $35M)
21 Sep 2021
https://www.rekt.news/veefinance-rekt/
Exploiter ETH Address: 0xeeee458c3a5eaafcfd68681d405fb55ef80595ba
Exploiter AVAX Address: 0xeeeE458C3a5eaAfcFd68681D405FB55Ef80595BA
"The exploiter’s Ethereum address was funded via TornadoCash in three lots of 10 ETH: ONE, TWO, THREE.
The funds were then bridged to Avalanche, where the attacker swapped 26.999006274904347875 WETH.e for 1,369.708 AVAX via Pangolin."
Didn’t makerdao get hacked at some point?
The Vee.Finance landing platform was attacked by an unknown hacker, as a result, the attacker withdrew 8804.7 ETH and 213.93 BTC worth approximately $35 million. https://veefi.medium.com/vee-finance-accident-announcement-5e75ff197da6
All services were suspended. We are investigating the cause, please follow our official accounts for the latest updates reported on the project's twitter.
All services were suspended. We are investigating the cause, please follow our official accounts for the latest updates reported on the project's twitter.
There is only one defect among them that hurt me, the defi was pancakebunny. I was getting my Yield revenues with bunny, after the hack, the price went down and it hurt me. Defi, I knew that there were too many hacks, there are projects in this list that I have not heard before, a good list has been prepared.
pNetwork - a cross-chain DeFi platform was attacked on Binance Smart Chain, losing 277 bitcoin (over USD 12 million).
Right after the attack, pNetwork offered a clean bounty of USD 1.5 million if the hacker returned the funds.
Right after the attack, pNetwork offered a clean bounty of USD 1.5 million if the hacker returned the funds.
pNetwork Protocol -$12M
https://decrypt.co/81301/defi-bridging-protocol-pnetwork-suffers-12-million-hack
DeFi Bridging Protocol pNetwork Suffers $12 Million Hack
An unknown hacker has exploited a bug in pNetwork’s codebase to steal 277 Bitcoin from the protocol's bridge on Binance Smart Chain.
pNetwork - a cross-chain DeFi platform was attacked on Binance Smart Chain, losing 277 bitcoin (over USD 12 million).
Right after the attack, pNetwork offered a clean bounty of USD 1.5 million if the hacker returned the funds.
Right after the attack, pNetwork offered a clean bounty of USD 1.5 million if the hacker returned the funds.
pNetwork Protocol -$12M
https://decrypt.co/81301/defi-bridging-protocol-pnetwork-suffers-12-million-hack
DeFi Bridging Protocol pNetwork Suffers $12 Million Hack
An unknown hacker has exploited a bug in pNetwork’s codebase to steal 277 Bitcoin from the protocol's bridge on Binance Smart Chain.
Uniswap when BZRX launched their IDO but when reading the article the author explained how the guy earned 500k usd but not by hacking but combining defi trading bot. It is very important to give real information people. People think that decentralized finance doesn't have any risks! But it's quite the opposite. It is a new industry, new code, no one has tested for long so be careful. Thank you very much for sharing the important information needed.
pNetwork - a cross-chain DeFi platform was attacked on Binance Smart Chain, losing 277 bitcoin (over USD 12 million).
Right after the attack, pNetwork offered a clean bounty of USD 1.5 million if the hacker returned the funds.
Right after the attack, pNetwork offered a clean bounty of USD 1.5 million if the hacker returned the funds.
The hacker withdrew 864.8 ETH something more than $3 million from the NFT auction)on the MISO IDO platform of the SushiSwap protocol by introducing malicious code into the external interface of MISO and spoofing the auction address. Chief technical officer SushiSwap Joseph Delong reports on Twitter. Hacker's transaction ID: https://etherscan.io/address/0x3ddd8b6d092df917473680d6c41f80f708c45395#internaltx
https://twitter.com/josephdelong/status/1438839165873967107
"100 ETH has been returned to the Sushi multisig. Hoping the attacker sends the rest
https://etherscan.io/tx/0x4bfd68aaaaad03d0dd2d5b9e862e3bc4c7ee90cb85507eb85262e932c8748521"
https://twitter.com/AppletonDave/status/1438854505332764672
https://etherscan.io/tx/0x904e5bcb5ef9cfb19f19afd04849f3b12d17dc347d3e525072fcd139cc08cbdb
https://twitter.com/josephdelong/status/1438861783599652868
"All funds returned"
https://twitter.com/skymoon_gt/status/1438847456377192450
"I think the biggest hackers are the ones taking positions of short in exchanges right at the moment of the incident or right before. Once all funds are returned, check these individuals/groups as well. Probably they make more money that way!"
https://decrypt.co/81120/sushiswaps-token-launchpad-hacked-over-3m-ethereum
SushiSwap’s Token Launchpad Hacked for Over $3M in Ethereum
The hacker withdrew 864.8 ETH something more than $3 million from the NFT auction)on the MISO IDO platform of the SushiSwap protocol by introducing malicious code into the external interface of MISO and spoofing the auction address. Chief technical officer SushiSwap Joseph Delong reports on Twitter. Hacker's transaction ID: https://etherscan.io/address/0x3ddd8b6d092df917473680d6c41f80f708c45395#internaltx
AFKSystems 12M $
https://twitter.com/RugDocIO/status/1436440660517793798?s=20
"AFKSystems rug update: stolen funds were eventually sent to"
https://etherscan.io/address/0x56eb4a5f64fa21e13548b95109f42fa08a644628
https://twitter.com/ObeliskOrg/status/1436493898180931588?s=20
:1/18 AFK System Hard Rug Postmortem thread :"
Zabu Finance $3.2M
https://slowmist.medium.com/?p=44243919ea29
"Brief analysis of Zabu Finance being hacked
According to the intelligence of the SlowMist Zone, on September 12, 2021, the Zabu Finance project on Avalanche suffered flashloan attack."
https://twitter.com/zabufinance/status/1436844923483869184
[moderator's note: consecutive posts merged]
https://twitter.com/RugDocIO/status/1436440660517793798?s=20
"AFKSystems rug update: stolen funds were eventually sent to"
https://etherscan.io/address/0x56eb4a5f64fa21e13548b95109f42fa08a644628
https://twitter.com/ObeliskOrg/status/1436493898180931588?s=20
:1/18 AFK System Hard Rug Postmortem thread :"
Zabu Finance $3.2M
https://slowmist.medium.com/?p=44243919ea29
"Brief analysis of Zabu Finance being hacked
According to the intelligence of the SlowMist Zone, on September 12, 2021, the Zabu Finance project on Avalanche suffered flashloan attack."
https://twitter.com/zabufinance/status/1436844923483869184
[moderator's note: consecutive posts merged]
As reported on twitter PeckShield Inc. the hacker behind the attack on Cream Finance returned the funds stolen as a result of the recent attack in the amount of 5152.6 ETH.
So far, the most unfortunate incidents seem to be Rune and Poly, although after Poly, Tether confirmed the refund but defi seems to have been taught a lesson in security to improve than. And I suspect cross-chain bridges are a research point for hackers.
DAO Maker -4M
https://twitter.com/TheDaoMaker/status/1433994186446020609
This is the second hack in a month.
https://etherscan.io/address/0x2708cace7b42302af26f1ab896111d87faeff92f#tokentxns
What is wrong with the contract? there must be a solution to avoid such lost. Moreover, it has happened for many times before. I guess they just want to collect investors money without having any responsibility to protect and reserve the funds. Such a disaster. https://twitter.com/TheDaoMaker/status/1433994186446020609
This is the second hack in a month.
https://etherscan.io/address/0x2708cace7b42302af26f1ab896111d87faeff92f#tokentxns
DAO Maker -4M
https://twitter.com/TheDaoMaker/status/1433994186446020609
This is the second hack in a month.
https://etherscan.io/address/0x2708cace7b42302af26f1ab896111d87faeff92f#tokentxns
https://twitter.com/TheDaoMaker/status/1433994186446020609
This is the second hack in a month.
https://etherscan.io/address/0x2708cace7b42302af26f1ab896111d87faeff92f#tokentxns
Jump to: