Topic: DeFi hacks [history] - page 15. (Read 19119 times)
The hacker withdrew 864.8 ETH something more than $3 million from the NFT auction)on the MISO IDO platform of the SushiSwap protocol by introducing malicious code into the external interface of MISO and spoofing the auction address. Chief technical officer SushiSwap Joseph Delong reports on Twitter. Hacker's transaction ID: https://etherscan.io/address/0x3ddd8b6d092df917473680d6c41f80f708c45395#internaltx
AFKSystems 12M $
https://twitter.com/RugDocIO/status/1436440660517793798?s=20
"AFKSystems rug update: stolen funds were eventually sent to"
https://etherscan.io/address/0x56eb4a5f64fa21e13548b95109f42fa08a644628
https://twitter.com/ObeliskOrg/status/1436493898180931588?s=20
:1/18 AFK System Hard Rug Postmortem thread :"
Zabu Finance $3.2M
https://slowmist.medium.com/?p=44243919ea29
"Brief analysis of Zabu Finance being hacked
According to the intelligence of the SlowMist Zone, on September 12, 2021, the Zabu Finance project on Avalanche suffered flashloan attack."
https://twitter.com/zabufinance/status/1436844923483869184
[moderator's note: consecutive posts merged]
https://twitter.com/RugDocIO/status/1436440660517793798?s=20
"AFKSystems rug update: stolen funds were eventually sent to"
https://etherscan.io/address/0x56eb4a5f64fa21e13548b95109f42fa08a644628
https://twitter.com/ObeliskOrg/status/1436493898180931588?s=20
:1/18 AFK System Hard Rug Postmortem thread :"
Zabu Finance $3.2M
https://slowmist.medium.com/?p=44243919ea29
"Brief analysis of Zabu Finance being hacked
According to the intelligence of the SlowMist Zone, on September 12, 2021, the Zabu Finance project on Avalanche suffered flashloan attack."
https://twitter.com/zabufinance/status/1436844923483869184
[moderator's note: consecutive posts merged]
As reported on twitter PeckShield Inc. the hacker behind the attack on Cream Finance returned the funds stolen as a result of the recent attack in the amount of 5152.6 ETH.
So far, the most unfortunate incidents seem to be Rune and Poly, although after Poly, Tether confirmed the refund but defi seems to have been taught a lesson in security to improve than. And I suspect cross-chain bridges are a research point for hackers.
DAO Maker -4M
https://twitter.com/TheDaoMaker/status/1433994186446020609
This is the second hack in a month.
https://etherscan.io/address/0x2708cace7b42302af26f1ab896111d87faeff92f#tokentxns
What is wrong with the contract? there must be a solution to avoid such lost. Moreover, it has happened for many times before. I guess they just want to collect investors money without having any responsibility to protect and reserve the funds. Such a disaster. https://twitter.com/TheDaoMaker/status/1433994186446020609
This is the second hack in a month.
https://etherscan.io/address/0x2708cace7b42302af26f1ab896111d87faeff92f#tokentxns
DAO Maker -4M
https://twitter.com/TheDaoMaker/status/1433994186446020609
This is the second hack in a month.
https://etherscan.io/address/0x2708cace7b42302af26f1ab896111d87faeff92f#tokentxns
https://twitter.com/TheDaoMaker/status/1433994186446020609
This is the second hack in a month.
https://etherscan.io/address/0x2708cace7b42302af26f1ab896111d87faeff92f#tokentxns
A phishing attack on the issue of tokens of the NFT-project Aurory Project on the Solana blockchain allowed the attacker to withdraw from the wallets of the victims of cryptocurrency and NFT, according to various estimates, from $500,000 to $1.1 million. https://cryptonews.net/en/1635083/
https://decrypt.co/78355/poly-network-hacker-returns-million
Poly Network Hacker Returns $342 Million
The largest crypto hack in history might have a happy ending after all as Poly Network sees more than half of the stolen funds returned.
https://decrypt.co/78364/poly-network-hacker-says-exploit-was-just-for-fun
Poly Network Hacker Says Exploit Was Just ‘For Fun’
The Poly Network hacker denies evil intent and says they wanted to teach the project a lesson.
Poly Network Hacker Returns $342 Million
The largest crypto hack in history might have a happy ending after all as Poly Network sees more than half of the stolen funds returned.
https://decrypt.co/78364/poly-network-hacker-says-exploit-was-just-for-fun
Poly Network Hacker Says Exploit Was Just ‘For Fun’
The Poly Network hacker denies evil intent and says they wanted to teach the project a lesson.
How convenient to hack platforms for fun, they must not have noticed this is a question of public funds safely and the integrity and trustworthiness of the project in question, it is better they look for other ways of having fun than to mess around with people's investment, I don't see what's funny here especially when the reverse is the case.
Cream Finance-19M
Cream Finance DeFi platform loses $19M in a flash loan hack
https://cointelegraph.com/news/cream-finance-defi-platform-loses-19m-in-a-flash-loan-hack
https://twitter.com/CreamdotFinance/status/1432249771750686721?
"PeckShield specified that the hacker exploited the Amp token by reborrowing assets during its transfer before updating the first to borrow in 17 separate transactions. Providing an example transaction, the security firm stated, “The hacker makes a flashloan of 500 ETH and deposit the funds as collateral. Then the hacker borrows 19M $AMP and makes use of the reentrancy bug to re-borrow 355 ETH inside $AMP token transfer. Then the hacker self-liquidates the borrow.”"
xToken- 4,5M
"On 29 August at 04:43 UTC, a vulnerability in our xSNX contract was exploited. We estimate the loss to holders at $4.5 million. We are incredibly disappointed in ourselves and deeply sorry to our community."
https://medium.com/xtoken/xsnx-post-mortem-666d35071f38
https://twitter.com/CreamdotFinance/status/1432909465104240641
"At approximately 12pm on 31st August (UTC +8), C.R.E.A.M. Finance was exploited for 462,079,976 in AMP tokens and 2,804.96 ETH tokens.
Stolen tokens will be replaced. We will commit to allocating 20% of all protocol fees toward repayment until this debt is fully paid."
C.R.E.A.M. Finance Post Mortem: AMP Exploit
https://medium.com/cream-finance/c-r-e-a-m-finance-post-mortem-amp-exploit-6ceb20a630c5
[moderator's note: consecutive posts merged]
Cream Finance DeFi platform loses $19M in a flash loan hack
https://cointelegraph.com/news/cream-finance-defi-platform-loses-19m-in-a-flash-loan-hack
https://twitter.com/CreamdotFinance/status/1432249771750686721?
"PeckShield specified that the hacker exploited the Amp token by reborrowing assets during its transfer before updating the first to borrow in 17 separate transactions. Providing an example transaction, the security firm stated, “The hacker makes a flashloan of 500 ETH and deposit the funds as collateral. Then the hacker borrows 19M $AMP and makes use of the reentrancy bug to re-borrow 355 ETH inside $AMP token transfer. Then the hacker self-liquidates the borrow.”"
xToken- 4,5M
"On 29 August at 04:43 UTC, a vulnerability in our xSNX contract was exploited. We estimate the loss to holders at $4.5 million. We are incredibly disappointed in ourselves and deeply sorry to our community."
https://medium.com/xtoken/xsnx-post-mortem-666d35071f38
https://twitter.com/CreamdotFinance/status/1432909465104240641
"At approximately 12pm on 31st August (UTC +8), C.R.E.A.M. Finance was exploited for 462,079,976 in AMP tokens and 2,804.96 ETH tokens.
Stolen tokens will be replaced. We will commit to allocating 20% of all protocol fees toward repayment until this debt is fully paid."
C.R.E.A.M. Finance Post Mortem: AMP Exploit
https://medium.com/cream-finance/c-r-e-a-m-finance-post-mortem-amp-exploit-6ceb20a630c5
[moderator's note: consecutive posts merged]
The hacker managed to withdraw almost $25 million during the latest flash credit exploit of the Cream Finance protocol using the error of re-entering the AMP token contract. https://cointelegraph.com/news/cream-finance-defi-platform-loses-19m-in-a-flash-loan-hack
Maze Protocol - 4 million US dollars
"The BSC project Maze Protocol was attacked by hackers, and more than 4 million US dollars were suspected to be stolen. Certik also audited and issued a report."
https://twitter.com/WuBlockchain/status/1425970290660544515
"Maze Protocol:The hacker exploited a leak that allowed borrowing assets based on users’ collateral and sending funds directly to the attacker’s address.
The asset pools have been frozen to prevent more attacks. The remaining funds are safe. The website is temporarily shut down."
https://twitter.com/WuBlockchain/status/1425970973900083204
DAO Maker Statement — Thursday, 12th of August
https://medium.com/daomaker/dao-maker-statement-thursday-12th-of-august-2c3bb0d1bb69
https://medium.com/daomaker/dao-maker-compensation-plan-b7a76a312c30
DAO Maker Compensation Plan
"
Phase 1: The SHO Must Go On
500 USDC will be airdropped to all affected users’ wallets without delay.
Phase 2: Remaining 65% Refund & Liquid IOU Tokens
Given that the net exploited amount was $7M, the amount due (after the $2.5M deposit to users’ escrow) equals $4.5M. This $4.5M will be provided to users in exactly one year’s time in the form of DAO tokens at the future market price.
"
https://decrypt.co/78802/ethereum-dex-avoids-350m-defi-hack-thanks-white-hat-heroics
Ethereum DEX Avoids $350M DeFi Hack Thanks to White Hat Heroics: Report
"In brief
SushiSwap’s MISO token sale platform had an exploit that could have been used to steal $350 million worth of Ethereum.
A crypto researcher from VC firm Paradigm says he discovered the exploit yesterday and worked with SushiSwap to neutralize the threat."
https://decrypt.co/79307/polynetwork-make-affected-users-whole-resume-functionality
PolyNetwork to Make Affected Users Whole, Resume Functionality
"Following the record-breaking hack, the crypto project platform is now returning lost funds to affected users."
https://twitter.com/PolyNetwork2/status/1429738587046563841
"Today’s announcement from PolyNetwork appears to close the chapter on the historic heist. Least until the next hack."
[moderator's note: consecutive posts merged]
"The BSC project Maze Protocol was attacked by hackers, and more than 4 million US dollars were suspected to be stolen. Certik also audited and issued a report."
https://twitter.com/WuBlockchain/status/1425970290660544515
"Maze Protocol:The hacker exploited a leak that allowed borrowing assets based on users’ collateral and sending funds directly to the attacker’s address.
The asset pools have been frozen to prevent more attacks. The remaining funds are safe. The website is temporarily shut down."
https://twitter.com/WuBlockchain/status/1425970973900083204
DAO Maker Statement — Thursday, 12th of August
https://medium.com/daomaker/dao-maker-statement-thursday-12th-of-august-2c3bb0d1bb69
DAO Maker Compensation Plan
"
Phase 1: The SHO Must Go On
500 USDC will be airdropped to all affected users’ wallets without delay.
Phase 2: Remaining 65% Refund & Liquid IOU Tokens
Given that the net exploited amount was $7M, the amount due (after the $2.5M deposit to users’ escrow) equals $4.5M. This $4.5M will be provided to users in exactly one year’s time in the form of DAO tokens at the future market price.
"
https://decrypt.co/78802/ethereum-dex-avoids-350m-defi-hack-thanks-white-hat-heroics
Ethereum DEX Avoids $350M DeFi Hack Thanks to White Hat Heroics: Report
"In brief
SushiSwap’s MISO token sale platform had an exploit that could have been used to steal $350 million worth of Ethereum.
A crypto researcher from VC firm Paradigm says he discovered the exploit yesterday and worked with SushiSwap to neutralize the threat."
https://decrypt.co/79307/polynetwork-make-affected-users-whole-resume-functionality
PolyNetwork to Make Affected Users Whole, Resume Functionality
"Following the record-breaking hack, the crypto project platform is now returning lost funds to affected users."
https://twitter.com/PolyNetwork2/status/1429738587046563841
"Today’s announcement from PolyNetwork appears to close the chapter on the historic heist. Least until the next hack."
[moderator's note: consecutive posts merged]
The issue of defi hack is becoming one too many, people are likely going to desist from participating in defi investment. But another angle to all these issues is the lessons that must be learned through all these events. I expect the defi space to be stronger and better as we experiment this laudable idea of decentralized finance!
https://decrypt.co/78355/poly-network-hacker-returns-million
Poly Network Hacker Returns $342 Million
The largest crypto hack in history might have a happy ending after all as Poly Network sees more than half of the stolen funds returned.
https://decrypt.co/78364/poly-network-hacker-says-exploit-was-just-for-fun
Poly Network Hacker Says Exploit Was Just ‘For Fun’
The Poly Network hacker denies evil intent and says they wanted to teach the project a lesson.
Poly Network Hacker Returns $342 Million
The largest crypto hack in history might have a happy ending after all as Poly Network sees more than half of the stolen funds returned.
https://decrypt.co/78364/poly-network-hacker-says-exploit-was-just-for-fun
Poly Network Hacker Says Exploit Was Just ‘For Fun’
The Poly Network hacker denies evil intent and says they wanted to teach the project a lesson.
I guess they are already rich or they are not really criminals because they cannot pull out this kind of deed, it saves the market from dipping, this kind of news is what makes the market dip and what makes the market grow, I hope criminals will learn from this one, that the whole community will go after them and make them pay if they continue these activities.
https://decrypt.co/78355/poly-network-hacker-returns-million
Poly Network Hacker Returns $342 Million
The largest crypto hack in history might have a happy ending after all as Poly Network sees more than half of the stolen funds returned.
https://decrypt.co/78364/poly-network-hacker-says-exploit-was-just-for-fun
Poly Network Hacker Says Exploit Was Just ‘For Fun’
The Poly Network hacker denies evil intent and says they wanted to teach the project a lesson.
New hack, new post!
DAO Maker Statement — Thursday, 12th of August
https://medium.com/daomaker/dao-maker-statement-thursday-12th-of-august-2c3bb0d1bb69
"The cybercriminal, after tentatively testing this exploit and managing to steal 10,000 USDC, then proceeded to quietly make 15 more transactions.
In this manner, the hacker was able to siphon approximately $7M, until our security team was able to trace, contain and stop the drain of funds. A total of 5251 users were affected, losing $1250 USD on average per user."
[moderator's note: consecutive posts merged]
Poly Network Hacker Returns $342 Million
The largest crypto hack in history might have a happy ending after all as Poly Network sees more than half of the stolen funds returned.
https://decrypt.co/78364/poly-network-hacker-says-exploit-was-just-for-fun
Poly Network Hacker Says Exploit Was Just ‘For Fun’
The Poly Network hacker denies evil intent and says they wanted to teach the project a lesson.
New hack, new post!
DAO Maker Statement — Thursday, 12th of August
https://medium.com/daomaker/dao-maker-statement-thursday-12th-of-august-2c3bb0d1bb69
"The cybercriminal, after tentatively testing this exploit and managing to steal 10,000 USDC, then proceeded to quietly make 15 more transactions.
In this manner, the hacker was able to siphon approximately $7M, until our security team was able to trace, contain and stop the drain of funds. A total of 5251 users were affected, losing $1250 USD on average per user."
[moderator's note: consecutive posts merged]
https://decrypt.co/78270/poly-network-hacker-repays-2-1-million-says-ready-return-fund
Poly Network Hacker Repays Millions, Says ‘Ready to Return the Fund’
"The unknown Poly Network hacker has begun returning funds stolen from yesterday’s record-breaking exploit.
The attacker responsible for yesterday’s $600 million hack of decentralized finance (DeFi) interoperability protocol Poly Network sent nearly $5 million worth of crypto back to the project."
Poly Network Hacker Repays Millions, Says ‘Ready to Return the Fund’
"The unknown Poly Network hacker has begun returning funds stolen from yesterday’s record-breaking exploit.
The attacker responsible for yesterday’s $600 million hack of decentralized finance (DeFi) interoperability protocol Poly Network sent nearly $5 million worth of crypto back to the project."
It was mentioned that the hacker's IP address and other information had been uncovered and maybe this is what scared them into returning those funds. Every centralized exchange will be monitoring their addresses and it would be difficult for them to cash out into fiat.
The hack probably destroys any confidence in Poly Network but at least investors have a chance to recover what they lost.
And the $3 million was frozen by Tether already.
Yeah, I do agree that it destroys Poloy Network face value because of this attack, so it might be hard for their platform to bounce back.
Anyhow, let's hope that the hackers will send back more, if there IP address is exposed, then sooner or later they can be track and identified and arrested.
https://decrypt.co/78270/poly-network-hacker-repays-2-1-million-says-ready-return-fund
Poly Network Hacker Repays Millions, Says ‘Ready to Return the Fund’
"The unknown Poly Network hacker has begun returning funds stolen from yesterday’s record-breaking exploit.
The attacker responsible for yesterday’s $600 million hack of decentralized finance (DeFi) interoperability protocol Poly Network sent nearly $5 million worth of crypto back to the project."
Poly Network Hacker Repays Millions, Says ‘Ready to Return the Fund’
"The unknown Poly Network hacker has begun returning funds stolen from yesterday’s record-breaking exploit.
The attacker responsible for yesterday’s $600 million hack of decentralized finance (DeFi) interoperability protocol Poly Network sent nearly $5 million worth of crypto back to the project."
It was mentioned that the hacker's IP address and other information had been uncovered and maybe this is what scared them into returning those funds. Every centralized exchange will be monitoring their addresses and it would be difficult for them to cash out into fiat.
The hack probably destroys any confidence in Poly Network but at least investors have a chance to recover what they lost.
Poly Network Hacker Repays Millions, Says ‘Ready to Return the Fund’
"The unknown Poly Network hacker has begun returning funds stolen from yesterday’s record-breaking exploit.
The attacker responsible for yesterday’s $600 million hack of decentralized finance (DeFi) interoperability protocol Poly Network sent nearly $5 million worth of crypto back to the project."
I heard about these comments about the hackers returning the coins, but is it really true that they will be refunding all the coins that they hacked. I really doubt that, if the hackers wanted to help the network they would have done that and asked for a bounty to save the network for good and now the reputation of Poly Network is down the drains and what is the point of all this other than showing off if they really return all the funds."The unknown Poly Network hacker has begun returning funds stolen from yesterday’s record-breaking exploit.
The attacker responsible for yesterday’s $600 million hack of decentralized finance (DeFi) interoperability protocol Poly Network sent nearly $5 million worth of crypto back to the project."
Poly Network Hacker Repays Millions, Says ‘Ready to Return the Fund’
"The unknown Poly Network hacker has begun returning funds stolen from yesterday’s record-breaking exploit.
The attacker responsible for yesterday’s $600 million hack of decentralized finance (DeFi) interoperability protocol Poly Network sent nearly $5 million worth of crypto back to the project."
I heard about these comments about the hackers returning the coins, but is it really true that they will be refunding all the coins that they hacked. I really doubt that, if the hackers wanted to help the network they would have done that and asked for a bounty to save the network for good and now the reputation of Poly Network is down the drains and what is the point of all this other than showing off if they really return all the funds. "The unknown Poly Network hacker has begun returning funds stolen from yesterday’s record-breaking exploit.
The attacker responsible for yesterday’s $600 million hack of decentralized finance (DeFi) interoperability protocol Poly Network sent nearly $5 million worth of crypto back to the project."
I just remembered some of these stupid hacks but kucoin was the one that hurts me the most As this mostly happens smart contracts have to be completely changed and team really super it the most and then sometimes or even all the time coins dumps like hell and investors take serious hit...I really hope there is a way for addressing refund or locking user account
https://decrypt.co/78270/poly-network-hacker-repays-2-1-million-says-ready-return-fund
Poly Network Hacker Repays Millions, Says ‘Ready to Return the Fund’
"The unknown Poly Network hacker has begun returning funds stolen from yesterday’s record-breaking exploit.
The attacker responsible for yesterday’s $600 million hack of decentralized finance (DeFi) interoperability protocol Poly Network sent nearly $5 million worth of crypto back to the project."
Poly Network Hacker Repays Millions, Says ‘Ready to Return the Fund’
"The unknown Poly Network hacker has begun returning funds stolen from yesterday’s record-breaking exploit.
The attacker responsible for yesterday’s $600 million hack of decentralized finance (DeFi) interoperability protocol Poly Network sent nearly $5 million worth of crypto back to the project."
Jump to: