Incidents involving DeFi, DEX, NFT, and other smart contract projects. Subscribe to Blockchain Threat Intelligence for news of the latest incidents.
-
Project: yCredit Finance
Date: 2021-01-01
Summary: Minting vulnerability exploited
Impact: $11M lost
Type: Hack
Chain: ETH
References:- Deposit Less, Get More: yCredit Attack Details by BlockSecTeam
- Exploit PoC by Banteg
-
Project: Saddle Finance
Date: 2021-01-19
Summary: Price arbirtrage due to high slippage.
Impact: 7.9 BTC ($275K) lost
Type: Hack
Chain: ETH
References:- Saddle Finance - REKT by rekt
- 2021-1 Saddle Finance Arbitrage by Origin Protocol
-
Project: SushiSwap
Date: 2021-01-19
Summary: Misconfiguration exploited to manipulate DIGG-WETH price.
Impact: 81 ETH ($100K) attacker profit Type: Hack
Chain: ETH
References:- SushiSwap was attacked for the second time by SlowMist
- Badgers DIGG SUSHI by rekt
- Replaying Ethereum Hacks - Sushiswap BadgerDAO's Digg by cmichel
-
Project: Yearn
Date: 2021-02-04
Summary: Yearn V1 yDAI vault exploited.
Impact: $11M lost Type: Hack
Chain: ETH
References:- Vulnerability disclosure 2021-02-04 by Yearn Security
- The yDAI Incident Analysis: Forced Investment by PeckShield
- A brief analysis of yearn finance being hacked by SlowMist
- Inside the Yearn v1 yDAI Hack (Feb 2021) by Halborn
- Yearn - REKT by rekt
- Yearn Exploit by Origin Protocol
- Attacker TX on Etherscan
- Tether Freezes $1.7 Million in Profits From Yearn Finance Hack by Robert Stevens (Decrypt)
-
Project: Growth DeFi
Date: 2021-02-09
Summary: rAAVE pool exploited by forcing an LP with a fake token.
Impact: $1.3M (ETH) stolen. Type: Hack
Chain: ETH
References:- rAAVE Farming Contract Exploit explained by Growth DeFi
- The Big Combo (Growth DeFi - REKT) by rekt
- Growth DeFi Exploit by Origin Protocol
-
Project: BT Finance
Date: 2021-02-09
Summary: Exploit similar to Yearn hack.
Impact: $1.7M stolen. Type: Hack
Chain: ETH
References:- BT.Finance Exploit analysis report by BT Finance
- BT.Finance Exploit by Origin Protocol
-
Project: Alpha Homora
Date: 2021-02-12
Summary: Smart contract exploited.
Impact: $38M (USDC, DAI, USDT, WETH) stolen. Type: Hack
Chain: ETH
References:- Alpha Homora V2 Post Mortem by Alpha Homora
- Alpha Finance - REKT by rekt
-
Project: CryptoPunks
Date: 2021-02-24
Summary: Auction was front-run using flash loans.
Impact: Punk #1737 won for 1 Wei. Type: Hack
Chain: ETH
References: -
Project: Furucombo
Date: 2021-02-27
Summary: Exploited by tricking it to use fake AAVE implementation.
Impact: $15M stolen. Type: Hack
Chain: ETH
References:- Furucombo Post-Mortem March 2021 by Furucombo
- Analysis of the Furucombo Hack by SlowMist
- Furucombo - REKT by rekt
- Furucombo exploit internals by Kurt Barry
- Replaying Ethereum Hacks - Furucombo by Cmichel
- 2021-2-27 Furucombo Attack by Origin Protocol
-
Project: Yield Finance
Date: 2021-02-27
Summary: Whitehat hack, $166K DAI lost and later recovered.
Impact: N/A. Type: Hack
Chain: ETH
References: -
Project: Zerion
Date: 2021-03-04 Summary: Tricked into listing a malicious Balancer clone.
Impact: $30K
Type: Hack
Chain: ETH
References:- Post mortem on Zerion’s asset phishing attack by Evgeny Yurtaev
-
Project: PAID Network
Date: 2021-03-05
Summary: Private keys compromised Impact: $160M (PAID) minted and sold. Type: Hack
Chain: ETH
References:- PAID Network Attack Postmortem, March 7, 2021 by PAID
- Analysis of Paid Network’s Hacked Event by SlowMist
-
Project: Kava
Date: 2021-03-05
Summary: Flaw in accounting logic exploited. Impact: No funds were lost. Type: Hack
Chain: ETH
References:- Kava 5 Launch Post-Mortem by Kava
-
Project: DODO
Date: 2021-03-09
Summary: Initialization function was left callable. Impact: $3.8M lost
Type: Hack
Chain: ETH
References:- DODO Pool Incident Postmortem: With a Little Help from Our Friends by DODO Breeder
- DODO - REKT by rekt
-
Project: True Seigniorage Dollar
Date: 2021-03-13
Summary: Upgrade forced by taking over DAO. Impact: 11.8B TSD minted and sold
Type: Hack
Chain: ETH
References: -
Project: Roll
Date: 2021-03-14
Summary: Private keys compromised. Impact: $5.7M lost
Type: Hack
Chain: ETH
References:- Roll - REKT by rekt
- A $5.7 Million Crypto Heist Sent Social Tokens into Free Fall by Tim Hakki (Decrypt)
-
Project: Cream Finance
Date: 2021-03-15
Summary: DApp attacked by hijacking DNS
Impact: Unknown
Type: Hack
Chain: ETH
References: -
Project: PancakeSwap Finance
Date: 2021-03-15
Summary: DApp attacked by hijacking DNS
Impact: Unknown
Type: Hack
Chain: ETH
References: -
Project: Nifty Gateway
Date: 2021-03-15
Summary: Account hijacking
Impact: NFTs stolen
Type: Hack
Chain: ETH
References: -
Project: Iron Finance
Date: 2021-03-16
Summary: vFarm reward misconfiguration
Impact: 170K SIL lost
Type: Hack
Chain: ETH
References:- Iron Finance vFarms incident Post-mortem (16 March 2021) by Iron Finance
-
Project: SIL Finance
Date: 2021-03-18
Summary: Contract permissions exploited.
Impact: $12.1M lost and later returned
Type: Hack
Chain: ETH
References:- Follow Up on the Service Outage & All Funds Are SAFU by SIL finance
-
Project: Uniswap Info
Date: 2021-03-30
Summary: Transaction volume spam by Delta Finance.
Impact: N/A
Type: Hack
Chain: ETH
References:- $11 Billion in ‘Fake’ Uniswap Volume Causes DeFi Project and DEX to Clash by Jeff Benson (Decrypt)
- Exploit analysis by Igor Igamberdiev
-
Project: ForceDAO
Date: 2021-04-04
Summary: Insufficient validation on the deposit function.
Impact: $367K stolen. Whitehat saved $9.6M
Type: Hack
Chain: ETH
References:- xFORCE Exploit Post Mortem by ForceDAO
- Exploit analysis by Igor Igamberdiev
-
Project: Polkatrain
Date: 2021-04-04
Summary: Rebate mechanism exploited.
Impact: $3M (57K DOT) stolen
Type: Hack
Chain: ETH
References: -
Project: Uranium Finance
Date: 2021-04-07
Summary: Logic bug exploited.
Impact: $1.5M stolen
Type: Hack
Chain: ETH
References:- Uranium : post-mortem, v2, compensations by Uranium Finance
- Exploit analysis by @ret2jazzy
-
Project: PancakeSwap Lottery
Date: 2021-04-12
Summary: Lottery exploited by administrator.
Impact: $1.8M stolen
Type: Hack References: -
Project: Uranium Finance
Date: 2021-04-27
Summary: Logic bug exploited.
Impact: $51M stolen
Type: Hack
Chain: ETH
References:- Hack announcement
- Exploit post-mortem by Uranium Finance
- SlowMist: Analysis of Uranium Finance’s Hacked Event by SlowMist
- Exploit analysis by @FrankResearcher
- Uranium Finance - REKT by rekt
-
Project: Spartan Protocol
Date: 2021-05-02
Summary: Logic bug exploited.
Impact: $30M stolen
Type: Hack
Chain: BSC
References:- The Spartan Incident: Root Cause Analysis by PeckShield
- Exploit analysis by @FrankResearcher
- Spartan Pool Hack by Origin Protocol
-
Project: Value DeFi
Date: 2021-05-06
Summary: Reinitialized pool.
Impact: $10M stolen
Type: Hack
Chain: BSC
References:- Value DeFi - Rekt 2 by rekt
- Exploit analysis by @FrankResearcher
-
Project: Value DeFi
Date: 2021-05-08
Summary: Incorrect use of exponents.
Impact: $11M stolen
Type: Hack
Chain: BSC
References:- Value DeFi - Rekt 3 by rekt
- ValueDeFi Incident: Incorrect Weighted Constant Product Invariant Calculation by PeckShield
- Exploit analysis by @FrankResearcher
-
Project: Meebits
Date: 2021-05-08
Summary: Flawed NFT generation.
Impact: Rare $700K NFT generated
Type: Hack
Chain: ETH
References:- Meebits Exploit Analysis and PoC by iphelix
- Ultra-rare Meebit NFT minted via exploit sells for $765,000 by Liam Frost (Cryptoslate)
-
Project: Rari Capital
Date: 2021-05-08
Summary: Composability vuln.
Impact: $10M stolen
Type: Hack
Chain: ETH
References:- 5/8/2021: Rari Capital Ethereum Pool — Post-Mortem by Davic Lucid (Rari Capital)
- (5/8/21) Rari Capital Exploit Timeline & Analysis by Nipun Pitimanaaree (Alpha Finance)
- Exploit Analysis by Igor Igamberdiev (@FrankResearcher)
- Price manipulation attack in reality (again): RariCapital incident by BlockSecTeam
- Rari Capital - REKT by rekt
- Hacker mocking Rari Capital by @dudesahn and @bantg
- Why the Attack Was Possible by @banescusebi and @ridesolo5
- ETH and BSC attacker addresses.
-
Project: xToken Market
Date: 2021-05-12
Summary: Incorrect price calculation.
Impact: $25.5M
Type: Hack References:- Initial Report on xBNTa, xSNXa Exploit by Michael J. Cohen (xToken)
- Exploit Analysis by Igor Igamberdiev (@FrankResearcher)
- xToken - REKT by rekt
-
Project: Vault.sx
Date: 2021-05-14
Summary: Reentrancy exploit.
Impact: $13.5M
Type: Hack References:- EOS vaults.sx hack by cmichel
-
Project: Bearn Finance
Date: 2021-05-16
Summary: Withdrawal logic vulnerability.
Impact: $11M
Type: Hack
Chain: BSC
References:- bVaults’ BUSD Alpaca Strategy Exploit Post-Mortem and bEarn’s Compensation Plan by bEarn Fi
- Bearn.Fi Incident: Inconsistent Asset Denomination Between Vault & Strategy by PeckShield
- bEarn - REKT by rekt
- Bearn.Fi Hack by Origin Protocol
-
Project: Venus Protocol
Date: 2021-05-18
Summary: Price manipulation
Impact: $200M+ liquidated $100M+ debt
Type: Hack
Chain: BSC
References:- Venus Protocol — Incident Post Mortem by Venus Protocol
- Exploit Analysis by Igor Igamberdiev (@FrankResearcher)
- $200 M Venus Protocol hack analysis by QuillHash
-
Project: Pancake Bunny
Date: 2021-05-19
Summary: Minting vulnerability exploited
Impact: 114,631 BNB ($41.8M), 697,245 BUNNY ($8M); 6.97M BUNNY minted and sold, token price collapsed
Type: Hack
Chain: BSC
References:- Official Post Mortem by Pancake Bunny
- PancakeBunny Incident: Root Cause Analysis by PeckShield
- BSC attacker address.
- Exploit Analysis by Igor Igamberdiev (@FrankResearcher)
- SlowMist: PancakeBunny Hack Analysis by SlowMist
- BSC PancakeBunny Exploit Post Mortem by Christoph Michel
- PancakeBunny - REKT by rekt
- Knownsec Blockchain Lab|Binance SmartChain PancakeBunny (BUNNY) Attack Event Analysis by Knownsec Blockchain Lab
- The PancakeBunny Bunny Performance Fee Minting Incident Analysis by WatchPug
- Hack Track: Pancake Bunny Hack by Merkle Science
- Attacker donates to Rekt by rekt
- BSC Flash Loan Attack: PancakeBunny by Amber Group
-
Project: Bogged Finance
Date: 2021-05-22
Summary: Minting vulnerability Impact: $3.6M Type: Hack
Chain: BSC
References:- BOG Flash Loan Attack: What Happened, and what’s next — Token Migration by Bogged Finance
- Bogged Finance Incident: Root Cause Analysis by PeckShield
- Bogged Finance Hack by Origin Protocol
-
Project: AutoShark Finance
Date: 2021-05-24
Summary: Minting vulnerability exploited
Impact: $750K (2.2K WBNB) Type: Hack
Chain: BSC
References:- Autoshark Performance Fee Minting Incident Analysis by WatchPug
- How AutoShark got economically exploited by AutoShark
- AutoShark - REKT by rekt
-
Project: Merlin
Date: 2021-05-26
Summary: Minting vulnerability exploited
Impact: $680K
Type: Hack
Chain: BSC
References:- Our Road Ahead by Merlin Lab
- Merlin Lab Enhanced Security Measures by Merlin Lab
- Merlin Labs - REKT by rekt
- Exploit Analysis by Peckshield
-
Project: Merlin
Date: 2021-05-26
Summary: Price calculation error
Impact: $540K
Type: Hack
Chain: BSC
References:- Our Road Ahead by Merlin Lab
- Merlin Labs - REKT 2 by rekt
-
Project: BurgerSwap
Date: 2021-05-27
Summary: Reentry vulnerability
Impact: $7.2M
Type: Hack
Chain: BSC
References:- BurgerSwap - REKT by rekt
- Exploit Analysis by Igor Igamberdiev (@FrankResearcher)
- Exploit Analysis by Mudit Gupta (@Mudit_Gupta)
- Exploit Analysis by Hayden Adams (@haydenzadams)
- Exploit Analysis by PeckShield
- BurgerSwap Flash Loan Attack | Analysis by QuillHash
-
Project: Wild Credit
Date: 2021-05-27
Summary: Contract reinitialized
Impact: $700K
Type: Hack
Chain: ETH
References:- Exploit Analysis by Mudit Gupta (@Mudit_Gupta)
- Exploit Analysis by Anish Agnihortri (@_anishagnihotri)
-
Project: JulSwap
Date: 2021-05-27
Summary: Price manipulation using flashloans
Impact: $700K
Type: Hack
Chain: BSC
References:- Flash Loan Farming / JULb / BNB by JustLiquidity (JulSwap)
- JulSwap V2 Upgrading Its Oracle Mechanism to Chainlink by JustLiquidity (JulSwap)
- Exploit Analysis by Mudit Gupta (@Mudit_Gupta)
- Exploit Analysis by PeckShield
- Exploit Analysis by WatchPug
-
Project: Belt Finance
Date: 2021-05-29
Summary: Price manipulation using flashloans
Impact: $6.2M
Type: Hack
Chain: BSC
References:- May 29 Incident Report by Belt Finance
- Exploit Analysis by Igor Igamberdiev (@FrankResearcher)
- Exploit Analysis by PeckShield
- Exploit Analysis by Mudit Gupta (@Mudit_Gupta)
- Exploit Analysis by Christoph Michel (@cmichelio)
- Belt Finance Attack Event Analysis by Knownsec Blockchain Lab
- Belt - REKT by rekt
-
Project: PancakeHunny
Date: 2021-06-02
Summary: Price manipulation using flashloans
Impact: $86K
Type: Hack
Chain: BSC
References:- PancakeHunny Preliminary Incident Report by PancakeHunny
- PancakeHunny Performance Fee Minting Attack Analysis by WatchPug
-
Project: Alchemix
Date: 2021-06-06
Summary: Reward calculation error
Impact: $50K Type: Bug
Chain: ETH
References:- Alchemix Farm Migration Post Mortem and alETH Update by Alchemix
- Vulnerability Announcement by Alchemix
-
Project: KetchupSwap, Lokum, YBear, Piggy, CaramelSwap, GoCerberus, Garuda
Date: 2021-06-16
Summary: Improper handling of deflationary tokens
Impact: $50K Type: Bug
Chain: BSC
References: -
Project: Iron Finance
Date: 2021-06-16
Summary: Weak stabilization mechanism
Impact: 0
Type: Bug
Chain: ETH
References:- Iron Finance Post-Mortem by Iron Finance
- Analysis fo the TITAN fall by Jeiwan
- Iron Finance - REKT by rekt
- Incident Analysis by @FinGeekCo
-
Project: Alchemix
Date: 2021-06-16
Summary: Reward calculation error
Impact: $6.53M Type: Hack
Chain: ETH
References:- Alchemix Incident Report by Alchemix
- Known Blockchain Lab | A Thousand Miles of Levee Collapsed in Ant's Den: A Brief Analysis of the Alchemix Incident by Knownsec Blockchain Lab
- SlowMist:Alchemix Hack Analysis by SlowMist
- Alchemix - REKT by rekt
-
Project: Visor Finance
Date: 2021-06-19
Summary: Private key compromise
Impact: $500K
Type: Hack
Chain: ETH
References:- Visor Beta — Incident Report by Visor Finance
-
Project: Impossible Finance
Date: 2021-06-21
Summary: LP contract design flaw
Impact: $700K Type: Hack
Chain: BSC
References:- Impossible Finance v2 Swap Jun 21st Postmortem by Impossible Finance
- Impossible Finance exploit root cause analysis by WatchPug
- One thought of heaven, one thought of hell-Impossible Finance lightning loan attack incident tracking by Knownsec Blockchain Lab
- Exploit Analysis by Mudit Gupta
- Returned funds by Peckshield
-
Project: Eleven Finance
Date: 2021-06-22
Summary: Withdrawal logic error
Impact: $4.5M Type: Hack
Chain: BSC
References:- Eleven Finance Incident: Root Cause Analysis by PeckShield
- Analysis of the lightning loan attack on the machine gun pool related to Nerve in Eleven Finance by Knownsec Blockchain Lab
- Eleven Finance - REKT by rekt
- Returned funds by @JohnDoughBull
-
Project: xWin Finance
Date: 2021-06-24
Summary: Slippage control weakness
Impact: $270K Type: Hack
Chain: BSC
References:- Summary of the Misuse of Flash Loan Against xWIN Protocol by xWin Finance
- xWin Finance Incident: Root Cause Analysis by PeckShield
-
Project: SafeDollar
Date: 2021-06-27
Summary: Reward calculation error
Impact: $250K Type: Hack
Chain: Polygon
References:- SafeDollar Post-Mortem Analysis by SafeDollar
- SafeDollar exploit root cause analysis by WatchPug
- 2021-06-28 SafeDollar by Origin Protocol
- Exploit Analysis by Mudit Gupta (@Mudit_Gupta)
- Exploit Analysis by Peckshield
- SafeDollar - REKT by rekt
-
Project: NFTX
Date: 2021-06-29
Summary: Reward calculation error
Impact: 2 Cryptopunks ($12K) Type: Hack
Chain: Ether
References:- [NFTX v2 PUNK Incident Post Mortem](https://blog.nftx.org/nftx-v2-punk-incident-post-mortem/ by NFTX
-
Project: Merlin
Date: 2021-06-29
Summary: Reward calculation error
Impact: $330K Type: Hack
Chain: BSC
References:- Merlin - REKT by rekt
- Exploit Analysis by PeckShield
-
Project: ChainSwap
Date: 2021-07-02
Summary: Unknown
Impact: $800K Type: Hack
Chain: ETH
References: -
Project: ChainSwap
Date: 2021-07-10
Summary: Cross-chain quota logic error
Impact: $4M Type: Hack
Chain: BSC
References:- ChainSwap Exploit 11 July 2021 Post-Mortem by ChainSwap
- Exploit Analysis by Christoph Michel
- Exploit Analysis by n30
- Important Update: ChainSwap Hack by WilerWorld
- Exploit PoC by tincho
-
Project: AnySwap
Date: 2021-07-10
Summary: Cryptography bug
Impact: $800K Type: Hack
Chain: ETH
References:- Anyswap Multichain Router V3 Exploit Statement by AnySwap
- Exploit Analysis by Christoph Michel
- Can derive the private key? Anyswap cross-chain bridge is analyzed by Knownsec Blockchain Lab
-
Project: DeFiPlaza
Date: 2021-07-11
Summary: Integer overflow
Impact: $1.1M Type: Hack
Chain: ETH
References:- Defi Plaza liquidity loss post-mortem by DeFi Plaza
- Exploit Analysis by Kyle Kistner
- Exploit TX by Etherscan
-
Project: DeFiPie
Date: 2021-07-12
Summary: Reentrancy
Impact: ??? Type: Hack
Chain: BSC
References:- Hacking investigation by Maksim Malikov (DeFiPie)
- Exploit Analysis by PeckShield
-
Project: Axie Infinity
Date: 2021-07-13
Summary: DDoS
Impact: ??? Type: Hack
Chain: ETH
References:- Attack Announcement by Axie Inifinity
-
Project: Ape Rocket
Date: 2021-07-13
Summary: Reward Calculation bug
Impact: $1.2M Type: Hack
Chain: BSC and Polygon
References:- Moving Forward by Ape Rocket
- ApeRocket (BSC) Performance Fee Minting Incident Root Cause Analysis by WatchPug
- ApeRocket (Polygon) Performance Fee Minting Incident Root Cause Analysis by WatchPug
-
Project: Bondly
Date: 2021-07-14
Summary: Admin wallet compromise
Impact: $5.9M Type: Hack
Chain: ETH, BSC, Polygon
References:- Bondly Attack: July 14th 2021 Postmortem by Bondly
- Bondly - REKT by rekt
-
Project: PancakeBunny
Date: 2021-07-16
Summary: Reward Calculation bug
Impact: $2.4M Type: Hack
Chain: Polygon
References:- PolyBUNNY Post-Mortem & Compensation by PancakeBunny
- PancakeBunny - rekt 2 by rekt
-
Project: SupDucks
Date: 2021-07-17
Summary: NFT data leak
Impact: 0 Type: Hack
Chain: ETH
References:- How we bought an NFT before reveal for an 18 ETH profit by Hype.eth
- SupDuck 8439 by OpenSea
-
Project: Array Finance
Date: 2021-07-19
Summary: Price calculation error
Impact: $515K Type: Hack
Chain: ETH
References:- Exploit Announcement and Analysis by Array Finance
- The Analysis of the Array Finance Security Incident by BlockSecTeam
-
Project: Sanshu Inu
Date: 2021-07-20
Summary: Deflation mechanims flaw
Impact: $110K Type: Hack
Chain: ETH
References:- The Analysis of the Sanshu Inu Security Incident by BlockSecTeam
-
Project: THORChain
Date: 2021-07-22
Summary: ETH Router flaw
Impact: $8M
Type: Hack
Chain: ETH
References:- THORChain Incident Analysis by Halborn
- THORChain - REKT 2 by rekt
- Post-mortem: ETH Router Exploits 1 & 2, and premature Return To Trading Incident by THORChain
-
Project: THORChain RUNE
Date: 2021-07-23
Summary: Transaction origin mishandling
Impact: $76K
Type: Hack
Chain: ETH
References:- Unboxing tx.origin. Rune Token case by Adrian Hetman
- Exploit Analysis by THORchain.BULL
- Exploit Analysis by banteg
-
Project: PolyYeld Finance
Date: 2021-07-27
Summary: Improper handling of deflationary tokens
Impact: $250K
Type: Hack
Chain: Polygon
References: -
Project: Levyathan
Date: 2021-07-30
Summary: Leaked private keys and withdrawal bug
Impact: ??
Type: Hack
Chain: BSC
References:- Post Mortem: Levyathan by Levyathan
- Exploit Analysis by Peckshield
- Levyathan - REKT by rekt
-
Project: Popsicle Finance
Date: 2021-08-03
Summary: Reward calculation error
Impact: $20.7M
Type: Hack
Chain: ETH
References:- Popsicle Finance Post Mortem- After Fragola Hack by Popsicle Finance
- Popsicle Finance - REKT by rekt
- The Analysis of the Popsicle Finance Security Incident by Knownsec Blockchain Lab
- Popsicle Finance Exploit: How The Hacker Did It by Breadcrumbs App
- Exploit analysis by Mudit Gupta
- Exploit analysis by PeckShield
- Transaction tracking by AMLbot dashboard (CIA Officer)
-
Project: Wault Finance
Date: 2021-08-04
Summary: Logic error in stablecoin pegging mechanism
Impact: $816K
Type: Hack
Chain: BSC
References:- WUSD Incident Recap and Solution by Wault Finance
- Wault Finance Incident Analysis: $WEX Price Manipulation Using WUSDMaster Contract by Inspex
- Wault Finance Flash Loan Security Incident Analysis by Knownsec Blockchain Lab
-
Project: Casper DeFi
Date: 2021-08-04
Summary: Malicious insider addded a backdoor to mint tokens
Impact: $172K
Type: Hack
Chain: BSC
References:- Casper DeFi Post Mortem After Casper Token Hack by Casper DeFi
-
Project: Zerogoki
Date: 2021-08-08
Summary: Price oracle compromised
Impact: $670K
Type: Hack
Chain: ETH
References:- The analysis of the Zerogoki attack by Knownsec Blockchain Lab
-
Project: Poly Network
Date: 2021-08-10
Summary: Cross-chain message validation error
Impact: $611M
Type: Hack
Chain: ETH, BSC, Polygon, Ontology
References:- The Retrospection of the Poly Network Hack from a Security Researcher perspective by BlockSecTeam
- The Further Analysis of the Poly Network Attack by BlockSecTeam
- The Analysis and Q&A Of Poly Network Being Hacked by SlowMist
- The Root Cause Of Poly Network Being Hacked by SlowMist
- PolyNetwork Bug Review And Patch Analysis by PeckShield
- Poly Network Hack Analysis – Largest Crypto Hack by Mudit Gupta
- Poly Network - REKT by rekt
- Exploit Analysis by Kelvin Flichter
- SlowMist: Tracking possible identification clues related to Poly Network attackers by SlowMist
- Hacker returns Poly Network funds: Ransom deals in the time of DeFi by Breadcrumbs App
- The 600M Poly Network Hack — The biggest hack in Defi history by Breadcrumbs App
- On-chain conversation by Harry Denley
- On-chain conversation and funds movements
-
Project: Punk Protocol
Date: 2021-08-10
Summary: Reinitialized contract Impact: $8.95M
Type: Hack
Chain: ETH References:- Punk Protocol Fair Launch Incident Report by Punk Protocol
- Punk Protocol - REKT by rekt
-
Project: Neko Network
Date: 2021-08-11
Summary: Logic error in a lending protocol Impact: $4M
Type: Hack
Chain: BSC References:- Neko Hacking Incident Report by Maze Protocol
-
Project: CryptoVenetians NFT
Date: 2021-08-11
Summary: Stolen private keys Impact: $5M Type: Hack
Chain: ETH References: -
Project: DAO Maker
Date: 2021-08-12
Summary: Stolen private key Impact: $7M
Type: Hack
Chain: ETH References:- DAO Maker Statement — Thursday, 12th of August by DAO Maker
- The analysis of the DAOMaker attack by BlockSecTeam
-
Project: Ref Finance
Date: 2021-08-14
Summary: Logic error Impact: $3.2M
Type: Hack
Chain: NEAR References:- Exploit analysis by Ref Finance
-
Project: Curve Bribe
Date: 2021-08-14
Summary: Unknown Impact: $117K Type: Hack
Chain: ETH References:- Exploit announcement by Yearn Security