@zasad@. Another the first Defi hack of the year for you to tally for 2021 hehehe. You have to assume that the development teams have fixed all the bugs from their systems. However, no. The hackings continue.
Yearn developer banteg, one of the administrators of the DeFi project's website, followed with a few more details: "Yearn DAI v1 vault got exploited, the attacker got away with $2.8m, the vault lost $11m. Deposits into strategies disabled for v1 DAI, TUSD, USDC, USDT vaults while we investigate."
Source https://decrypt.co/56659/14-million-gone-in-yearn-finance-exploit
Topic: DeFi hacks [history] - page 19. (Read 19521 times)
To be honest, I thought that the last hacked Defi project in 2010 would be Warp Finance.
I think you made a typo, what do you mean 2020 ? :VBut I was wrong and we still have 3 days 
I will keep an eye on the hacking of Defi projects next year, I hope there will be less bad news.
Considering the list on the OP, it is too much to know for the fact that the defi project is simply not safe from hacking cases. Of course it will be very detrimental and i also hope that next year the case can go down.I will keep an eye on the hacking of Defi projects next year, I hope there will be less bad news.
thanks, I corrected the typo.
Dforce return $ 25 million back !!!
https://twitter.com/lawmaster/status/1252483198115774464?
Hack Prevention
https://decrypt.co/32720/a-cryptocurrency-bug-put-545000-of-defi-funds-at-risk
bZx protocol. Refund 8,000,000 $
https://twitter.com/bZxHQ/status/1305496675474006017
$ 10 Million Ethereum Vulnerability Patched by Whitehat Hacker
https://fullycrypto.com/10-million-ethereum-vulnerability-patched-by-whitehat-hacker
Warp Finance 75% refunded.
https://forklog.com/razrabotchiki-warp-finance-vernuli-75-iz-ukradennyh-7-7-mln/
The defi ecosystem is much better than the management system of centralized exchanges. Everything is clear and transparent here.
This really makes me decide if I'm going to invest to DeFi projects by just looking at the list you will really know how DeFi projects can scam participants.
Well this list really helps me a lot not to look more into DeFi projects.
Well this list really helps me a lot not to look more into DeFi projects.
To be honest, I thought that the last hacked Defi project in 2010 would be Warp Finance.
I think you made a typo, what do you mean 2020 ? :VBut I was wrong and we still have 3 days
I will keep an eye on the hacking of Defi projects next year, I hope there will be less bad news.
Considering the list on the OP, it is too much to know for the fact that the defi project is simply not safe from hacking cases. Of course it will be very detrimental and i also hope that next year the case can go down. I will keep an eye on the hacking of Defi projects next year, I hope there will be less bad news.
casperBGD, thanks, you got me on, the first post was updated. To be honest, I thought that the last hacked Defi project in 2020 would be Warp Finance.
But I was wrong and we still have 3 days
I will keep an eye on the hacking of Defi projects next year, I hope there will be less bad news.
But I was wrong and we still have 3 days
I will keep an eye on the hacking of Defi projects next year, I hope there will be less bad news.
https://www.theblockcrypto.com/post/89368/defi-protocol-cover-exploited-attackers-minted-at-least-40-quintillion-tokens
there is another one, Cover smart contract is exploited for $40 quintillion tokens, and attacker already cashed-out $5 million from the protocol, Binance stopped deposit and price is down 76% at the moment
https://www.coingecko.com/en/coins/cover-protocol
Cover merged with YFI earlier, but Yearn.Finance does not seem under pressure due to exploit, it is flat at the moment
https://www.coingecko.com/en/coins/yearn-finance
https://medium.com/iearn/yearn-cover-merger-651142828c45
there is another one, Cover smart contract is exploited for $40 quintillion tokens, and attacker already cashed-out $5 million from the protocol, Binance stopped deposit and price is down 76% at the moment
https://www.coingecko.com/en/coins/cover-protocol
Cover merged with YFI earlier, but Yearn.Finance does not seem under pressure due to exploit, it is flat at the moment
https://www.coingecko.com/en/coins/yearn-finance
https://medium.com/iearn/yearn-cover-merger-651142828c45
The very appearance of DEFI inspired people to really hope for development. But as it is now clear, there is a huge field of activity for scammers, you can create a site very quickly, where it is difficult to find the team composition and contacts. Because of this hype, many do not even pay attention to it and blindly give their money. It turns out that one working project immediately appears a bunch of scammers.
Decentralized Finance in the event of a hack, you have no one to complain to, and this is probably the main reason why I do not use DEFI to the full.
Well said, it's the perfect place for scammers to roam about without any fear of getting caught in the process, it's why I feel unreliable on any DeFi projects, I invested in few strong ones like ChainLink but most new DeFi projects are not safe How can we know if the developers of Defi are not the same group of people?
@zasad@. Another one for your list hehe. You should add all the losses from the Defi hacks and post how much the total losses are for 2020. We can compare 2020's total with next year's total.
Decentralized finance (DeFi) lending protocol Warp Finance has experienced a flash loan attack that resulted in a loss of $7.7 million worth of stablecoins.
Warp said the attack essentially allowed one user to borrow more funds than their collateral value, resulting in a loss for other users or lenders. Flash loans allow users to borrow funds without collateralization, provided the funds are repaid within a single blockchain transaction.
Source https://www.theblockcrypto.com/linked/88415/defi-warp-finance-attacked-lost-7-7-million-stablecoins
Thank you. I updated the first post.@zasad@. Another one for your list hehe. You should add all the losses from the Defi hacks and post how much the total losses are for 2020. We can compare 2020's total with next year's total.
Decentralized finance (DeFi) lending protocol Warp Finance has experienced a flash loan attack that resulted in a loss of $7.7 million worth of stablecoins.
Warp said the attack essentially allowed one user to borrow more funds than their collateral value, resulting in a loss for other users or lenders. Flash loans allow users to borrow funds without collateralization, provided the funds are repaid within a single blockchain transaction.
Source https://www.theblockcrypto.com/linked/88415/defi-warp-finance-attacked-lost-7-7-million-stablecoins
the hacker returned 75% of the coins
https://twitter.com/warpfinance/status/1340484565090119683?
"On December 20th, 2020 at 0216 UTC we successfully recovered the loan collateral from the exploit, in the form of ETH/DAI-LP tokens. The value is approximately $5.85m, which is ~75% of the $7.76m lost funds."
I do not think that developers are hacking their projects
The rate at which platforms are getting hacked in crypto is quite alarming, and this happens especially when there are types of products being released, if it’s not hack then it’s going to be scammers.
These are serious problems and will be discouraging a lot of people, although the market still seems to be growing despite everything, but that doesn’t mean that all these things that has been happening should be neglected. They shouldn’t be neglected at all, I think that the new devs should always learn a lesson from those that came before them and look into how they can create something more secure, but they never do, it seems like their interest is more on the money.
These are serious problems and will be discouraging a lot of people, although the market still seems to be growing despite everything, but that doesn’t mean that all these things that has been happening should be neglected. They shouldn’t be neglected at all, I think that the new devs should always learn a lesson from those that came before them and look into how they can create something more secure, but they never do, it seems like their interest is more on the money.
@Shallow. This might be either be the developers of Defi are incompetent fools or they are themselves the hackers of their own Defi projects. After what we have witnessed here in the cryptospace, it would not be shocking if hacking own project is the new for of exit scam.
Just in one year and all these DeFi projects has been hacked, is this the future or revolution they promised? Is there a big flaw on Defi concept? Or it is right to say, some of these developers do not have the appropriate skills and experience to develop and manage a Defi project, meaning they just leveraged the hype to create their own projects and make money. To be frank, when I see or hear people saying they can't hold new tokens for a long term, I don't really blame them, because it is clear a very good number of new project's team are not ready for any kind of revolutionary development, but to make money.
On a more serious note, with the high number of DeFi hacks, which doesn't look like it is slowing down anytime soon, one need to be careful of the type of funds in invests in them; who even knows what will happen to most of them next year or as time goes on.
On a more serious note, with the high number of DeFi hacks, which doesn't look like it is slowing down anytime soon, one need to be careful of the type of funds in invests in them; who even knows what will happen to most of them next year or as time goes on.
How can we know if the developers of Defi are not the same group of people?
@zasad@. Another one for your list hehe. You should add all the losses from the Defi hacks and post how much the total losses are for 2020. We can compare 2020's total with next year's total.
Decentralized finance (DeFi) lending protocol Warp Finance has experienced a flash loan attack that resulted in a loss of $7.7 million worth of stablecoins.
Warp said the attack essentially allowed one user to borrow more funds than their collateral value, resulting in a loss for other users or lenders. Flash loans allow users to borrow funds without collateralization, provided the funds are repaid within a single blockchain transaction.
Source https://www.theblockcrypto.com/linked/88415/defi-warp-finance-attacked-lost-7-7-million-stablecoins
@zasad@. Another one for your list hehe. You should add all the losses from the Defi hacks and post how much the total losses are for 2020. We can compare 2020's total with next year's total.
Decentralized finance (DeFi) lending protocol Warp Finance has experienced a flash loan attack that resulted in a loss of $7.7 million worth of stablecoins.
Warp said the attack essentially allowed one user to borrow more funds than their collateral value, resulting in a loss for other users or lenders. Flash loans allow users to borrow funds without collateralization, provided the funds are repaid within a single blockchain transaction.
Source https://www.theblockcrypto.com/linked/88415/defi-warp-finance-attacked-lost-7-7-million-stablecoins
The CEO of decentralized finance (DeFi) insurer Nexus Mutual has lost the equivalent to over $8 million in a targeted attack, the firm disclosed Monday.
https://www.coindesk.com/ceo-of-defi-insurer-nexus-mutual-hacked-for-8m-in-nxm-tokens
"A total of 370,000 of the project’s native NXM tokens were drained from Hugh Karp’s address to one owned by the attacker at 09:40 am UTC, according to data source etherscan.io. The transaction cost 0.00429472 ETH (ETH, -0.72%), or $2.49.
Some of the stolen funds have been transferred via decentralized exchange aggregator 1inch.exchange. “We welcome any assistance to stop the funds, which will likely move quickly,” Nexus said.
"
https://etherscan.io/tx/0x4ddcc21c6de13b3cf472c8d4cdafd80593e0fc286c67ea144a76dbeddb7f3629
https://www.coindesk.com/ceo-of-defi-insurer-nexus-mutual-hacked-for-8m-in-nxm-tokens
"A total of 370,000 of the project’s native NXM tokens were drained from Hugh Karp’s address to one owned by the attacker at 09:40 am UTC, according to data source etherscan.io. The transaction cost 0.00429472 ETH (ETH, -0.72%), or $2.49.
Some of the stolen funds have been transferred via decentralized exchange aggregator 1inch.exchange. “We welcome any assistance to stop the funds, which will likely move quickly,” Nexus said.
"
https://etherscan.io/tx/0x4ddcc21c6de13b3cf472c8d4cdafd80593e0fc286c67ea144a76dbeddb7f3629
This is why I'm skeptical to DeFi projects even though not all DeFi projects are scam still a lot of them turns out to be a scam one. Until now I'm not sure which project I should invest and which one I should avoid.
Most of these are mainly flash loan hack which is on price manipulation
Pickle got exploit today too
However it is not because of price manipulation but contract code exploit
Tbh Defi still had a long way to go because since everything is decentralized, it can't be reverse/pause, which is a heaven for hackers/exploiter
Because if they are capable, they can just take everything
Thus if you invested in similar project, kindly be careful with your funds
Pickle got exploit today too
However it is not because of price manipulation but contract code exploit
Tbh Defi still had a long way to go because since everything is decentralized, it can't be reverse/pause, which is a heaven for hackers/exploiter
Because if they are capable, they can just take everything
Thus if you invested in similar project, kindly be careful with your funds
I like that Dforce was returning the hacked money back to the investors because $25 Million is very big loss indeed.
However, as long as the hacking events exists in crypto, im afraid people will be more reluctant to spend their money on crypto.
That being said, some new real DeFi projects should be created so we can show them that cryptocurrency really brings profit for investors.
However, as long as the hacking events exists in crypto, im afraid people will be more reluctant to spend their money on crypto.
That being said, some new real DeFi projects should be created so we can show them that cryptocurrency really brings profit for investors.
https://decrypt.co/49149/pickle-finance-hack
"DeFi Protocol Pickle Finance Hacked For $20 MillionSomeone drained the DeFi protocol’s cDAI jar.
Pickle Finance, a DeFi protocol, was hacked to the tune of almost $20 million.
The hackers’ approach is still unknown, though some analysts are saying it doesn’t resemble a typical flash loan attack."
https://twitter.com/emilianobonassi/status/1330239233538318339
"The coffers of Pickle Finance, a decentralized finance (DeFi) protocol with a native token that looks suspiciously like Pickle Rick, of Rick and Morty fame, were drained today of $20 million in what appears to be a hack.
Pickle Finance shifts investors’ money around different DeFi protocols to maximise returns, a little like a traditional robo-advisor. "
"DeFi Protocol Pickle Finance Hacked For $20 MillionSomeone drained the DeFi protocol’s cDAI jar.
Pickle Finance, a DeFi protocol, was hacked to the tune of almost $20 million.
The hackers’ approach is still unknown, though some analysts are saying it doesn’t resemble a typical flash loan attack."
https://twitter.com/emilianobonassi/status/1330239233538318339
"The coffers of Pickle Finance, a decentralized finance (DeFi) protocol with a native token that looks suspiciously like Pickle Rick, of Rick and Morty fame, were drained today of $20 million in what appears to be a hack.
Pickle Finance shifts investors’ money around different DeFi protocols to maximise returns, a little like a traditional robo-advisor. "
The development teams from these Defi projects might not know how to cashout from their creation without making it appear that they are dumping. It would not be surprising if the hacks and the thefts on their projects were done by themselves as a form of exit scam.
In any case, another one was hacked.
Origin Protocol co-founder Matthew Liu on Monday night confirmed an attack on the Origin Dollar (OUSD) vault.
"The team is all-hands on deck attempting to figure out what vulnerability was exploited and how the hacker was able to access users’ deposits," he wrote.
Though the exact exploit—some form of flash attack—isn't yet known, the Origin team estimated $7 million—a combination of ETH and DAI stablecoin—had been taken
Source https://decrypt.co/48478/ethereum-based-origin-dollar-hacked-for-estimated-7-million
In any case, another one was hacked.
Origin Protocol co-founder Matthew Liu on Monday night confirmed an attack on the Origin Dollar (OUSD) vault.
"The team is all-hands on deck attempting to figure out what vulnerability was exploited and how the hacker was able to access users’ deposits," he wrote.
Though the exact exploit—some form of flash attack—isn't yet known, the Origin team estimated $7 million—a combination of ETH and DAI stablecoin—had been taken
Source https://decrypt.co/48478/ethereum-based-origin-dollar-hacked-for-estimated-7-million
https://akropolis.substack.com/p/delphi-savings-pool-exploit
"At ~14:36 GMT we noticed a discrepancy in the APYs of our stablecoin pools and identified that ~2.0mn DAI had been drained out of the yCurve and sUSD pools.
These pools had been audited by two independent firms, however, the attack vectors used in the exploit were not identified in either audit. The essence of the exploit in question is a combination of a re-entrancy attack with dYdX flash loan origination.
The Akropolis team is currently working through a number of security procedures. The majority of funds on Akropolis are safe. Here is the current status:
Affected Pools:
YCurve and sUSD pools were drained of ~DAI 2.0mn
The stolen funds are currently held in this wallet: https://etherscan.io/address/0x9f26ae5cd245bfeeb5926d61497550f79d9c6c1c"
https://twitter.com/akropolisio/status/1326962438365966356
"At ~14:36 GMT we noticed a discrepancy in the APYs of our stablecoin pools and identified that ~2.0mn DAI had been drained out of the yCurve and sUSD pools.
These pools had been audited by two independent firms, however, the attack vectors used in the exploit were not identified in either audit. The essence of the exploit in question is a combination of a re-entrancy attack with dYdX flash loan origination.
The Akropolis team is currently working through a number of security procedures. The majority of funds on Akropolis are safe. Here is the current status:
Affected Pools:
YCurve and sUSD pools were drained of ~DAI 2.0mn
The stolen funds are currently held in this wallet: https://etherscan.io/address/0x9f26ae5cd245bfeeb5926d61497550f79d9c6c1c"
https://twitter.com/akropolisio/status/1326962438365966356
Jump to: