Binance-Incubated UGC Platform NFPrompt Discloses Significant Losses from Latest Hack
NFPrompt (Non-Fungible Prompt), an AI-powered User Generated Content (UGC) Platform, recently disclosed significant losses resulting from a hack. According to a post on X, NFPrompt revealed that it had fallen victim to cyber intrusion, resulting in the loss of funds from its platform, including a part of NFP treasury and ecosystem fund.
https://www.coinspeaker.com/nfprompt-losses-latest-hack/
Topic: DeFi hacks [history] - page 2. (Read 19555 times)
WOOFi Lost $8 Million in Hack on Its Arbitrum Lending Market
"WOOFi, a decentralized exchange, suffered significant financial losses due to an exploit in its Arbitrum lending market, as revealed by the company on Wednesday.
The exploit, identified by several blockchain security firms, including PeckShield, Hypernative, and Chainalysis, involved flash loan attacks targeting WOOFi Swap on Arbitrum around 15:49 UTC on March 5.
In response, WOOFi swiftly halted the affected contracts at approximately 16:02 UTC and initiated an investigation revealed in a report detailing the incident, which was subsequently released on March 6.
The hacker manipulated the sPMM algorithm, which is responsible for setting prices on Arbitrum-based WOOFiSwaps. This manipulation occurred after borrowing 7.7 million WOO tokens and “some other assets.”
The company stated, “At this point WOOFi’s sPMM incorrectly adjusted WOO to an extreme price which was close to zero, and the exploiter then swapped out 10M WOO in the same transaction with almost no cost. The exploiter repeated this attack 3 times within a very short period of time, which netted about $8.75m in profits after returning the flash loans.”"
https://www.cryptotimes.io/2024/03/06/woofi-lost-8-million-in-hack-on-its-arbitrum-lending-market/
"WOOFi, a decentralized exchange, suffered significant financial losses due to an exploit in its Arbitrum lending market, as revealed by the company on Wednesday.
The exploit, identified by several blockchain security firms, including PeckShield, Hypernative, and Chainalysis, involved flash loan attacks targeting WOOFi Swap on Arbitrum around 15:49 UTC on March 5.
In response, WOOFi swiftly halted the affected contracts at approximately 16:02 UTC and initiated an investigation revealed in a report detailing the incident, which was subsequently released on March 6.
The hacker manipulated the sPMM algorithm, which is responsible for setting prices on Arbitrum-based WOOFiSwaps. This manipulation occurred after borrowing 7.7 million WOO tokens and “some other assets.”
The company stated, “At this point WOOFi’s sPMM incorrectly adjusted WOO to an extreme price which was close to zero, and the exploiter then swapped out 10M WOO in the same transaction with almost no cost. The exploiter repeated this attack 3 times within a very short period of time, which netted about $8.75m in profits after returning the flash loans.”"
https://www.cryptotimes.io/2024/03/06/woofi-lost-8-million-in-hack-on-its-arbitrum-lending-market/
https://unchainedcrypto.com/ordizk-team-allegedly-steals-1-4-million-in-exit-scam/
OrdiZK Team Allegedly Steals $1.4 Million in Exit Scam
"The team behind cross-chain bridging protocol OrdiZK appear to have stolen $1.4 million worth of ether from users, after allegedly draining tokens from the project contract and deleting its website and social media accounts."
OrdiZK Team Allegedly Steals $1.4 Million in Exit Scam
"The team behind cross-chain bridging protocol OrdiZK appear to have stolen $1.4 million worth of ether from users, after allegedly draining tokens from the project contract and deleting its website and social media accounts."
@SenecaUSD exploited for 1,900 $ETH (worth ~$6.5M).
The attacker used constructed calldata parameters to call transferfrom and transfer tokens that were approved to the project's contracts to the attacker's address.
The stolen funds are now held across 3 addresses.
Revoke approvals🔽
https://twitter.com/BeosinAlert/status/1763024503452611038
Dear Whitehat,
Please return the funds to the following Ethereum wallet address: 0xb7aF0Aa318706D94469d8d851015F9Aa12D9c53a
We are collaborating with third-party security providers and law enforcement to trace the funds and identify recipient wallets. Acting promptly is crucial, so we kindly request that you return the funds as soon as possible to avoid any further legal action.
A 20% bounty may be kept as per whitehat efforts.
https://twitter.com/SenecaUSD/status/1762999045109248461
We're happy to see 80% of funds have been returned.
Transaction link: https://etherscan.io/address/0xb7aF0Aa318706D94469d8d851015F9Aa12D9c53a
The exploit involved assets held in users' wallets. The exploit didn't involve funds directly deposited into Seneca (Seneca's TVL).
The recovery of funds through a whitehat request was an extremely optimistic scenario.
It's important to note that Seneca's Chamber contract was audited prior to deployment (@HalbornSecurity).
https://twitter.com/SenecaUSD/status/1763181438113865960
The attacker used constructed calldata parameters to call transferfrom and transfer tokens that were approved to the project's contracts to the attacker's address.
The stolen funds are now held across 3 addresses.
Revoke approvals🔽
https://twitter.com/BeosinAlert/status/1763024503452611038
Dear Whitehat,
Please return the funds to the following Ethereum wallet address: 0xb7aF0Aa318706D94469d8d851015F9Aa12D9c53a
We are collaborating with third-party security providers and law enforcement to trace the funds and identify recipient wallets. Acting promptly is crucial, so we kindly request that you return the funds as soon as possible to avoid any further legal action.
A 20% bounty may be kept as per whitehat efforts.
https://twitter.com/SenecaUSD/status/1762999045109248461
We're happy to see 80% of funds have been returned.
Transaction link: https://etherscan.io/address/0xb7aF0Aa318706D94469d8d851015F9Aa12D9c53a
The exploit involved assets held in users' wallets. The exploit didn't involve funds directly deposited into Seneca (Seneca's TVL).
The recovery of funds through a whitehat request was an extremely optimistic scenario.
It's important to note that Seneca's Chamber contract was audited prior to deployment (@HalbornSecurity).
https://twitter.com/SenecaUSD/status/1763181438113865960
https://cointelegraph.com/news/microstrategy-x-account-hacked-phishing-scam
"MicroStrategy’s X account hacked, shilling Ethereum token phishing scam
Hackers took over the official MicroStrategy X account, posting a series of malicious links to a fake airdrop for a so-called Ethereum-based MSTR token.
Scam Sniffer said just one user had lost over $420,000 to the phishing scam at approximately 12:43 am UTC, only several minutes after the first malicious link was posted to MicroStrategy’s account on X. "
"MicroStrategy’s X account hacked, shilling Ethereum token phishing scam
Hackers took over the official MicroStrategy X account, posting a series of malicious links to a fake airdrop for a so-called Ethereum-based MSTR token.
Scam Sniffer said just one user had lost over $420,000 to the phishing scam at approximately 12:43 am UTC, only several minutes after the first malicious link was posted to MicroStrategy’s account on X. "
Sky Mavis Co-Founder Jeffrey Zirlin’s wallets hacked for $9.7 million in ETH
Zirlin wrote on X that he had a “tough morning” as two of his addresses were compromised.
Jeffrey Zirlin, co-founder of Sky Mavis that created the Axie Infinity game, said that two of his wallets were hacked on Friday morning Asia time and that Ronin was not affected, according to his X post.
Blockchain security firm PeckShield identified that a “whale wallet” had been compromised with about 3,248 Ether, worth around $9.7 million, withdrawn from the Ronin Bridge and moved to crypto mixer Tornado Cash.
“The attack is limited to my personal accounts, and has nothing to do with validation or operations of the Ronin chain,” Zirlin said on X. “Additionally, the leaked keys have nothing to do with Sky Mavis operations.”
Zirlin wrote on X that he had a “tough morning” as two of his addresses were compromised.
Jeffrey Zirlin, co-founder of Sky Mavis that created the Axie Infinity game, said that two of his wallets were hacked on Friday morning Asia time and that Ronin was not affected, according to his X post.
Blockchain security firm PeckShield identified that a “whale wallet” had been compromised with about 3,248 Ether, worth around $9.7 million, withdrawn from the Ronin Bridge and moved to crypto mixer Tornado Cash.
“The attack is limited to my personal accounts, and has nothing to do with validation or operations of the Ronin chain,” Zirlin said on X. “Additionally, the leaked keys have nothing to do with Sky Mavis operations.”
john1010,this is the price of freedom.
___
https://beincrypto.com/gamee-loses-millions-to-hack/
How This Crypto Gaming Project Lost $7 Million to Hackers
Gamee, a subsidiary of Animoca Brands, lost $7 million in a hacking attack involving unauthorized access to its token contracts.
The hackers stole 600 million GMEE tokens, converted them into Ethereum and Polygon, causing a 45% drop in GMEE's price.
In response, Gamee transferred token contracts ownership to a secure address, halted liquidity provisioning, and initiated legal proceedings.
___
https://beincrypto.com/gamee-loses-millions-to-hack/
How This Crypto Gaming Project Lost $7 Million to Hackers
Gamee, a subsidiary of Animoca Brands, lost $7 million in a hacking attack involving unauthorized access to its token contracts.
The hackers stole 600 million GMEE tokens, converted them into Ethereum and Polygon, causing a 45% drop in GMEE's price.
In response, Gamee transferred token contracts ownership to a secure address, halted liquidity provisioning, and initiated legal proceedings.
Observing the numerous incidents you've shared within the DeFi space, it's evident that security remains a significant challenge. The frequency and scale of these hacks highlight the vulnerabilities inherent in the current decentralized financial ecosystem. As the space continues to evolve, addressing these security concerns and implementing robust measures to safeguard users' funds will be crucial for the sustained growth and adoption of DeFi. The community's response and ability to learn from these incidents will play a pivotal role in shaping a more secure and resilient decentralized financial landscape.
DeFi protocol Concentric.fi suffered a hacker attack and lost approximately US$1.6 million, reminding not to interact for now
CertiK Alert monitors that the DeFi protocol Concentric Finance platform built based on the Camelot v3 protocol has been attacked by vulnerabilities, and the initial loss is estimated to be US$1.6 million. Concentric Finance reminds you not to interact with this protocol for the time being.
https://www.coinlive.com/news-flash/424934
CertiK Alert monitors that the DeFi protocol Concentric Finance platform built based on the Camelot v3 protocol has been attacked by vulnerabilities, and the initial loss is estimated to be US$1.6 million. Concentric Finance reminds you not to interact with this protocol for the time being.
https://www.coinlive.com/news-flash/424934
https://coingape.com/socket-loses-3-3-million-in-hack-due-to-input-validation-flaw/
Socket Loses $3.3 Million in Hack Due to Input Validation Flaw
"Blockchain interoperability protocol Socket reported a security breach on Tuesday that resulted in over $3.3 million in losses. The incident impacted wallets that had granted infinite approvals to Socket contracts. It was attributed to a vulnerability in user input validation.
The exploit was linked to a specific route in the system that had been added just three days before the attack. As per blockchain security firm PeckShield, the problematic route has since been deactivated to prevent further misuse."
Socket Loses $3.3 Million in Hack Due to Input Validation Flaw
"Blockchain interoperability protocol Socket reported a security breach on Tuesday that resulted in over $3.3 million in losses. The incident impacted wallets that had granted infinite approvals to Socket contracts. It was attributed to a vulnerability in user input validation.
The exploit was linked to a specific route in the system that had been added just three days before the attack. As per blockchain security firm PeckShield, the problematic route has since been deactivated to prevent further misuse."
Great topic, love this list! Thanks
I hope DeFi will have less and less of those as DEX improves.
I hope DeFi will have less and less of those as DEX improves.
First hack in 2024
https://ambcrypto.com/radiant-capital-falls-prey-to-this-security-hack-details-here/
Radiant Capital falls prey to this security hack.
"Radiant Capital faced a cyber attack, resulting in a loss of over $4.4 million.
The breach prompts a temporary pause, leading to a decline in sentiment for both Radiant Capital and Arbitrum.
Radiant Capital [RDNT] is a platform that seeks to unify fragmented liquidity across various lending protocols and chains in the decentralized finance (DeFi) space. However, recent events have cast a shadow on its integrity as the platform fell victim to a malicious attack."
https://ambcrypto.com/radiant-capital-falls-prey-to-this-security-hack-details-here/
Radiant Capital falls prey to this security hack.
"Radiant Capital faced a cyber attack, resulting in a loss of over $4.4 million.
The breach prompts a temporary pause, leading to a decline in sentiment for both Radiant Capital and Arbitrum.
Radiant Capital [RDNT] is a platform that seeks to unify fragmented liquidity across various lending protocols and chains in the decentralized finance (DeFi) space. However, recent events have cast a shadow on its integrity as the platform fell victim to a malicious attack."
Levana Protocol, a platform known for its blockchain-based perpetual futures swap protocol, has fallen victim to a devastating crypto hack.
The exploit led to the loss of more than $1 million worth of cryptocurrency tokens from Levana's liquidity pools. This incident highlights the growing challenges blockchain platforms face in ensuring the security of user funds and the need for robust security measures.
https://www.econotimes.com/Blockchain-Based-Levana-Protocol-Falls-Victim-to-1-Million-Crypto-Hack-1668721
The exploit led to the loss of more than $1 million worth of cryptocurrency tokens from Levana's liquidity pools. This incident highlights the growing challenges blockchain platforms face in ensuring the security of user funds and the need for robust security measures.
https://www.econotimes.com/Blockchain-Based-Levana-Protocol-Falls-Victim-to-1-Million-Crypto-Hack-1668721
https://www.theblock.co/post/269809/orbit-chains-bridge-reportedly-hacked-for-81-5-million
Orbit Chain's bridge reportedly hacked for $81.5 million
"Orbit Chain’s cross-chain bridge has reportedly been hacked for $81.5 million in cryptocurrencies and stablecoins.
The exact nature of the hack is unknown.
Orbit Bridge, a cross-chain bridge protocol, has seen unusual outflows of $81.5 million in several cryptocurrencies in what appears to be a major hack.
In five separate transactions, each to a fresh wallet, the Orbit Bridge sent $50 million in stablecoins (30 million Tether, 10 million DAI, and 10 million USDC), 231 wBTC (about $10 million), and 9,500 eth (about $21.5 million). The hack was first noticed by X user Kgjr. "
Orbit Chain's bridge reportedly hacked for $81.5 million
"Orbit Chain’s cross-chain bridge has reportedly been hacked for $81.5 million in cryptocurrencies and stablecoins.
The exact nature of the hack is unknown.
Orbit Bridge, a cross-chain bridge protocol, has seen unusual outflows of $81.5 million in several cryptocurrencies in what appears to be a major hack.
In five separate transactions, each to a fresh wallet, the Orbit Bridge sent $50 million in stablecoins (30 million Tether, 10 million DAI, and 10 million USDC), 231 wBTC (about $10 million), and 9,500 eth (about $21.5 million). The hack was first noticed by X user Kgjr. "
Scammers stole $880k via fake Discord server for Across Protocol
Crypto sleuth ZachXBT warned in a Telegram channel that Across Protocol’s documentation was linked to a fake Discord server.
In a Telegram post on Dec. 26, crypto sleuth ZachXBT raised concerns about a potential security breach related to Across Protocol’s documentation.
The warning highlighted a link within the protocol’s documentation leading users to a fake Discord server, suggesting the protocol’s vanity invite address might have been compromised. The incident reportedly led to a loss of $880,000 worth of crypto tied to one unknown blockchain entity.
Crypto sleuth ZachXBT warned in a Telegram channel that Across Protocol’s documentation was linked to a fake Discord server.
In a Telegram post on Dec. 26, crypto sleuth ZachXBT raised concerns about a potential security breach related to Across Protocol’s documentation.
The warning highlighted a link within the protocol’s documentation leading users to a fake Discord server, suggesting the protocol’s vanity invite address might have been compromised. The incident reportedly led to a loss of $880,000 worth of crypto tied to one unknown blockchain entity.
Thunder Terminal claims funds safe after $240K attack, hacker says otherwise
The on-chain trading platform confirmed a 3rd party compromise has led to funds being drained from 114 wallets but claims it has already fixed the issue. The hacker has a different take.
On-chain trading platform Thunder Terminal says user funds are now safe after thwarting a $240,000 exploit that compromised 114 wallets on its platform. The hacker, however, says it’s "all lies" and is demanding an additional ransom for user data.
https://cointelegraph.com/news/thunder-terminal-hack-exploit-wallet-compromise-hacker-demands-ransom
The on-chain trading platform confirmed a 3rd party compromise has led to funds being drained from 114 wallets but claims it has already fixed the issue. The hacker has a different take.
On-chain trading platform Thunder Terminal says user funds are now safe after thwarting a $240,000 exploit that compromised 114 wallets on its platform. The hacker, however, says it’s "all lies" and is demanding an additional ransom for user data.
https://cointelegraph.com/news/thunder-terminal-hack-exploit-wallet-compromise-hacker-demands-ransom
https://invezz.com/news/2023/12/13/okx-dex-losses-370k-in-hack-users-assured-reimbursement/
"OKX Dex has faced a suspected hacking incident, resulting in losses exceeding $370,000.
OKX Dex swiftly responded to the breach by removing the compromised proxy address.
OKX also deactivated the affected contracts and reassured users of asset safety.
OKX‘s decentralized exchange and cross-chain bridge aggregator OKX Dex has fallen victim to a suspected hacking incident, resulting in losses exceeding $370,000. The breach raised alarms among users who noticed unauthorized transactions from wallets previously authorized on the platform.
The hacker is said to have exploited the vulnerability in OKX Dex’s authorization process as users exchange their crypto assets."
"OKX Dex has faced a suspected hacking incident, resulting in losses exceeding $370,000.
OKX Dex swiftly responded to the breach by removing the compromised proxy address.
OKX also deactivated the affected contracts and reassured users of asset safety.
OKX‘s decentralized exchange and cross-chain bridge aggregator OKX Dex has fallen victim to a suspected hacking incident, resulting in losses exceeding $370,000. The breach raised alarms among users who noticed unauthorized transactions from wallets previously authorized on the platform.
The hacker is said to have exploited the vulnerability in OKX Dex’s authorization process as users exchange their crypto assets."
https://beincrypto.com/florence-finance-loses-1-45-million-hackers/
"Scammers have stolen $1.45 million in USDC from the real-world asset lending project, Florence Finance, via a phishing attack.
The Florence Finance attack involved address poisoning, a common phishing technique where a fraudulent, similar-looking address is used.
Co-founder and CEO of Cyvers, Deddy Lavid, has emphasized the need for heightened security measures in the digital finance sector."
"Scammers have stolen $1.45 million in USDC from the real-world asset lending project, Florence Finance, via a phishing attack.
The Florence Finance attack involved address poisoning, a common phishing technique where a fraudulent, similar-looking address is used.
Co-founder and CEO of Cyvers, Deddy Lavid, has emphasized the need for heightened security measures in the digital finance sector."
https://twitter.com/KyberNetwork/status/1728800315955437743
"The KyberSwap team has been in contact with the owners of the frontrun bots that extracted about $5.7M* worth of funds from KyberSwap pools on Polygon and Avalanche during the exploit.
We have negotiated with the owners of the frontrun bots to return 90% of the users’ funds taken by them to: 0x8180a5CA4E3B94045e05A9313777955f7518D757,
in return for a 10% bounty as described in this on-chain message: https://polygonscan.com/tx/0x8a0880f1662e39fa838e89fa751669e4a1eee5c15586dc447453274f7b8ce746
.."
"The KyberSwap team has been in contact with the owners of the frontrun bots that extracted about $5.7M* worth of funds from KyberSwap pools on Polygon and Avalanche during the exploit.
We have negotiated with the owners of the frontrun bots to return 90% of the users’ funds taken by them to: 0x8180a5CA4E3B94045e05A9313777955f7518D757,
in return for a 10% bounty as described in this on-chain message: https://polygonscan.com/tx/0x8a0880f1662e39fa838e89fa751669e4a1eee5c15586dc447453274f7b8ce746
.."
What do you think is the reason why this case always happens every year? If you look at history, there will always be things like this.
Is it that easy to hack or is the security of each project different, or is this a game of the people closest to it, because they are the ones who can reach it the easiest, and there are many other possibilities.
Is it that easy to hack or is the security of each project different, or is this a game of the people closest to it, because they are the ones who can reach it the easiest, and there are many other possibilities.
Now the question is whether it is wise not to trust an exchange with all your coins. Indeed, this is an easy target for bandits and no matter how strong the security system created by the exchange, it will still be searchable and this year 2023 the cryptocurrency market is very unstable.
Jump to: