Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository - User contributions [en]

SwissBorg Signs Exploit Transaction From Kiln Finance Breach

2025-10-10T23:09:33Z

Azoundria: Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/swissborgsignsexploittransactionfromkilnfinancebreach.php}} {{Unattributed Sources}} SwissBorg Logo/HomepageAn attacker compromised a GitHub access token from Kiln Finance, using it to manipulate the infrastructure and insert a malicious transaction in Kiln's Solana staking API. This altered the withdrawal authority of Solana stakes, which was unknowingly ap..."

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/swissborgsignsexploittransactionfromkilnfinancebreach.php}}
{{Unattributed Sources}}

[[File:Swissborg.jpg|thumb|SwissBorg Logo/Homepage]]An attacker compromised a GitHub access token from Kiln Finance, using it to manipulate the infrastructure and insert a malicious transaction in Kiln's Solana staking API. This altered the withdrawal authority of Solana stakes, which was unknowingly approved by SwissBorg when it processed the transaction through its Earn program. The result was the improper withdrawal of approximately 193,000 SOL from SwissBorg's platform. Both companies acted swiftly to mitigate the damage, with SwissBorg allocating part of its SOL Treasury to recover user funds and engaging security experts to recover the compromised assets. Kiln Finance contained the breach, rotated keys, and began the precautionary exit of Ethereum validators. Both platforms emphasized their ongoing commitment to security and user protection. SwissBorg has assured users that they will cover all losses.<ref name="swissborgtweet1-21345" /><ref name="kilnfinancetweet-21346" /><ref name="reenablement-21347" /><ref name="kilnfisolincident-21348" /><ref name="swissborgtweet2-21349" /><ref name="withdrawauthoritychange-21350" /><ref name="unstakestarttransaction-21351" /><ref name="firstwithdrawtransaction-21352" /><ref name="exploiteraddress-21353" /><ref name="ceramictokentwitter-21354" /><ref name="officerciatweet-21355" /><ref name="qwackersoltwitter-21356" /><ref name="kilnfiresponds-21357" /><ref name="0xgumshoetwitter-21358" /><ref name="norbertbodzionytwitter-21359" /><ref name="swissborgtwitter-21360" /><ref name="cyrusfazeltwitter-21361" /><ref name="swissborgtwitter-21362" /><ref name="cyrusfazeltwitter-21363" /><ref name="swissborgtwitter-21364" /><ref name="swissborgtwitter-21365" /><ref name="youtubelive-21366" /><ref name="swissborgtwitterx-21367" /><ref name="swissborghomepage-21368" /><ref name="kilnfinancetwitterx-21369" /><ref name="kilnfinancehomepage-21370" /><ref name="swissborgtwitter-21371" />

== About SwissBorg ==
SwissBorg is a European-based crypto investment platform designed to make buying, selling, and managing digital assets easy and cost-effective. Operating in 47 countries and supporting 16 currencies, the application leverages a Smart Engine that scans top exchanges to offer users the best execution price for trades with no hidden fees. Key features include Auto-Invest for dollar-cost averaging, Limit Orders, and the ability to purchase crypto using various payment methods like credit card, Apple Pay, and bank transfers. The platform has amassed over 895,000 verified users and manages more than $2.28 billion in user crypto assets, reinforcing its growing reputation in the digital finance space.

Beyond trading, SwissBorg offers tools for wealth generation, including “Earn” products with up to 15% annual returns, and exclusive pre-sale investment opportunities through “Alpha Early Deals.” Users can diversify through Crypto Bundles—automated portfolios grouped by trending sectors, rebalanced monthly based on market dynamics. The native BORG token powers the ecosystem by providing benefits like reduced fees, boosted yields, and governance rights. By locking BORG, users also unlock exclusive access to investment deals and earn loyalty-based rewards.

SwissBorg stands out for its compliance and security focus, holding licenses in Estonia and France while adhering to European regulations. It’s been featured in top publications like Forbes and Cointelegraph, and continues to expand its offerings through integrations and innovations like Cashback Loyalty Ranks and support for stablecoins like VEUR and VCHF. The platform emphasizes community, promoting decentralization and transparency, and offers access to over 50,000 trading pairs. SwissBorg combines Swiss engineering with user-centric design to empower both new and seasoned crypto investors.
== About Kiln Finance ==
Kiln is an institutional-grade platform that enables hundreds of companies—including custodians, exchanges, ETP issuers, wallets, and data providers—to generate yield from digital assets through staking and DeFi integration. With over $16 billion in assets staked and 6% of Ethereum’s network secured through Kiln, it plays a leading role in democratizing staking. The platform supports more than 50 proof-of-stake (PoS) networks and over 10 DeFi protocols, allowing partners to seamlessly integrate yield functionalities into their own products via Kiln’s white-labeled, unified API solutions.

Kiln's core offering revolves around a full-stack infrastructure that includes enterprise-grade validators, real-time data, reporting, and compliance tools. Products like the Kiln Dashboard, Onchain staking, DeFi integration, and the no-code Kiln Widget simplify the launch of customized “Earn” experiences. Treasury managers can stake assets with one click, and institutions benefit from built-in performance monitoring, 24/7 infrastructure uptime, and industry-standard security, including SOC 2 Type II compliance. Through services like restaking and BTC staking, Kiln remains on the cutting edge of innovation in digital asset yield generation.

Designed for scalability and simplicity, Kiln helps partners launch and manage staking offerings within a day, monetizing their platforms while maintaining regulatory and technical excellence. Its broad protocol coverage—from Ethereum, Solana, and Polygon to newer networks like EigenLayer and Ton—ensures compatibility with a wide range of digital assets. Backed by leading investors and trusted by major players in the industry, Kiln is setting the benchmark for secure, compliant, and user-friendly staking infrastructure tailored to institutional needs.

== The Reality ==
Unfortunately, the SwissBorg system appears to be vulnerable.

== What Happened ==
An exploit of a GitHub access token from Kiln allowed an attacker to inject a malicious transaction into Kiln's Solana staking API, which was unknowingly signed by SwissBorg, ultimately enabling the unauthorized withdrawal of 193,000 SOL.
{| class="wikitable"
|+Key Event Timeline - SwissBorg Signs Exploit Transaction From Kiln Finance Breach
!Date
!Event
!Description
|-
|August 31st, 2025 3:55:37 AM MDT
|Withdrawal Authority Switched Over
|Swissborg signs a malicious transaction which unstakes their funds, and transfers the withdrawal authority for all of their stake accounts.
|-
|September 6th, 2025 4:02:59 AM MDT
|Unstaking Transaction Occurs
|A set of transactions start unstaking Swissborg funds from the earn program of Kiln Finance.
|-
|September 8th, 2025 6:22:03 AM MDT
|Withdrawal Transactions Occur
|A set of transactions start withdrawing the Swissborg funds from stake accounts to the exploiter wallet.
|-
|September 8th, 2025 12:25:00 PM MDT
|SwissBorg Announcement Posted
|SwissBorg posts an announcement for their community to acknowledge the incident,
|-
|September 8th, 2025 12:42:00 PM MDT
|SwissBorg Update Posted
|SwissBorg updates their announcement to remove the name of the API which was compromised. All references to KILN are removed from the original tweet.
|-
|September 11th, 2025 10:22:16 AM MDT
|SwissBorg Reach Out To Hacker
|SwissBorg reaches out to the hacker on the Solana blockchain "to see whether [they] would be open to speaking ... about any potential next steps".
|-
|October 7th, 2025 4:14:00 AM MDT
|Kiln Finance Update Posted
|Kiln Finance posts their update to Twitter/X account to report that the compromise is limited to a single customer (SwissBorg) and they have now safely re-enabled all services.
|}

== Technical Details ==
The breach was traced back to the compromise of a GitHub access token belonging to a Kiln infrastructure engineer. The attacker used this token to trigger GitHub Actions CI workflows within Kiln's infrastructure code repository, a process designed to automate deployment tasks. The threat actor’s method was sophisticated and stealthy—creating and then deleting branches to alter a large number of files in order to remain hidden from detection. This allowed them to extract stored secrets and cloud credentials, granting access to Kiln's Amazon Web Services (AWS), Google Cloud Platform (GCP), and bare-metal systems.

With access to these credentials, the attacker injected a malicious payload into a running Kubernetes pod, specifically altering the Kiln Connect API backend. The modification resulted in a malicious transaction being returned alongside legitimate ones. This malicious transaction changed the withdrawal authority of a Solana (SOL) staking account, but only under certain conditions—if the stake account held a balance above 150,000 SOL. The exploit impacted one Kiln customer, who unknowingly signed and approved the malicious transaction when using Kiln’s dashboard to unstake SOL on August 31st. Kiln had previously recommended that customers decode transactions before signing to verify their integrity, a practice that could have prevented this incident. The company provides a decoding tool as part of its user guidelines to mitigate such risks.

The attack was notable for its stealth and precision, evading multiple audits and penetration tests. The threat actor used methods typically associated with state-sponsored actors, including the avoidance of persistent files, code repository alterations, and database modifications. Instead, the attacker focused on executing commands within short-lived cloud workloads, utilizing a large number of different IP addresses to further obscure their tracks. Despite the complexity and stealth of the attack, no further malicious transactions or system modifications were detected beyond the initial breach. Kiln has not been able to determine the exact method by which the GitHub token was compromised, though they are continuing their investigation. The company is working to contain and remediate the situation, and no other customers' funds or assets appear to have been affected.

At this time, there is no conclusive evidence of how the compromise of the employee’s Github access token occurred.

== Total Amount Lost ==
SlowMist reported the loss total as $41.5m USD.

The total amount lost has been estimated at $41,500,000 USD.

== Immediate Reactions ==
Upon detecting a compromise in a partner API impacting their SOL Earn Program, SwissBorg quickly addressed the situation by reassuring users about the security of the platform. They confirmed that the breach, which affected about 193,000 SOL (less than 1% of users), did not jeopardize other funds or programs. To mitigate the damage, SwissBorg immediately allocated a portion of its SOL Treasury to recover a significant part of the affected user balances, with the final figures still being determined. The company also initiated ongoing efforts to recover the compromised funds by engaging white-hat hackers and security partners. SwissBorg emphasized that no other Earn Programs or funds within the app were affected, and the platform's day-to-day operations and financial health remained intact. As part of their communication strategy, SwissBorg assured users that they would reach out directly via email and provide further updates. The CEO, Cyrus, also planned to address the community live on YouTube to offer more transparency and clarity.

Kiln Finance responded swiftly to the unauthorized activity detected on September 8, 2025, by activating their incident response plan. They contained the breach and took precautionary measures, such as disabling possibly affected services and rotating the keys for any impacted validators. Kiln immediately engaged their security partners, including Sygnia, to conduct an in-depth security review and implement a hardening process. Within a short period, Kiln was able to restore all of its services, including the Kiln Enterprise Dashboard, dApp, Widget, DeFi, and Kiln Connect API, as well as resume the deployment of new Ethereum validators. Kiln emphasized the thoroughness of the security review and reassured users that all affected services were safely re-enabled. The company also made it clear that the incident involved unauthorized access to a wallet used for staking operations, and Solana funds had been improperly removed. As a precaution, SwissBorg paused all Solana staking transactions on its platform to prevent further user impact.

== Ultimate Outcome ==
Kiln Finance has taken a series of precautionary measures, including the orderly exit of all Ethereum (ETH) validators to ensure the integrity of staked assets. This decision, based on advice from security experts and collaboration with key stakeholders, aims to reinforce the security of Kiln’s platform and provide further protection to clients. The validator exit process, expected to take between 10 and 42 days depending on the specific validator, does not affect the security of client assets, and rewards will continue to be earned during the exit. After the exit, withdrawals will proceed as scheduled by the network, though the protocol enforces delays that are beyond Kiln's control.

Kiln’s leadership, including Co-founder and CEO Laszlo Szabo, emphasized the swift action taken to mitigate potential risks and safeguard the platform. While some services have been temporarily paused for hardening, Kiln reassured customers that there has been no evidence of additional fund losses beyond the SwissBorg incident. Kiln’s leadership also affirmed that the safety of client assets remains their top priority and assured that transparent communication will continue throughout the exit process. A detailed post-mortem will be shared once the security review is complete. In parallel, Kiln's efforts to strengthen security measures across various layers, including identity management, network security, workflows, and key management, have made the platform more resilient than before.

SwissBorg clarified the exploit occurring on an external DeFi wallet held with a counterparty, not a breach of the SwissBorg platform itself. SwissBorg assured its community that no other strategies were affected, and the funds in other programs remained fully secure. Additionally, any shortfall in the recovery of funds from the incident will be covered by SwissBorg, ensuring that no users suffer a loss.

== Total Amount Recovered ==
SwissBorg has assured all users that they are financially healthy and will fully cover any potential losses on behalf of users.

The total amount recovered is unknown.

== Ongoing Developments ==
Kiln has bolstered its security measures, incorporating key improvements across six strategic areas: zero-trust access, trusted CI/CD pipelines, blast-radius isolation, application/container hardening, continuous monitoring, and validator key protection. These upgrades, which were informed by the recent incident, ensure a more resilient security posture that not only prevents future exploitation of the same techniques but also strengthens defenses to protect against evolving threats in the crypto industry. It remains to be seen if this defense will be sufficient for the future.
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="swissborgtweet1-21345">[https://twitter.com/swissborg/status/1965123506477359471 SwissBorg - "SOL Earn Incident & SwissBorg Recovery Plan A partner API was compromised, impacting our SOL Earn Program (~193k SOL, <1% of users). Rest assured, the SwissBorg app remains fully secure and all other funds in Earn programs are 100% safe." - Twitter/X] (Accessed Oct 9, 2025)</ref>

<ref name="kilnfinancetweet-21346">[https://twitter.com/Kiln_finance/status/1975504960646242484 Kiln Finance - "On Sept. 8, 2025, unauthorized activity by a threat actor was detected on the Kiln platform, caused by a compromised GitHub token. After a full review with our security partners, we’ve confirmed no other customers were impacted. All Kiln services have been safely re-enabled." - Twitter/X] (Accessed Oct 9, 2025)</ref>

<ref name="reenablement-21347">[https://www.kiln.fi/post/re-enablement-of-kiln-services-and-security-incident-information Re-enablement of Kiln services and security incident information - Kiln Finance] (Accessed Oct 9, 2025)</ref>

<ref name="kilnfisolincident-21348">[https://www.kiln.fi/post/sol-incident-swissborg---announcement SOL Incident & SwissBorg - Announcement - Kiln Finance] (Accessed Oct 9, 2025)</ref>

<ref name="swissborgtweet2-21349">[https://twitter.com/swissborg/status/1966181386999775570 SwissBorg - "" - Twitter/X] (Accessed Oct 9, 2025)</ref>

<ref name="withdrawauthoritychange-21350">[https://solscan.io/tx/5DCPDEVrnVdM4jHgxYGtuuzvSubg15sSpkBCxexfuApRAfXEmNfokiTyj6bxE52QNGVbPnwm9L3YzcEoMHHEpLV Signed Transaction By SwissBorg Changing Withdrawal Authority - SolScan] (Accessed Oct 9, 2025)</ref>

<ref name="unstakestarttransaction-21351">[https://solscan.io/tx/5pHCdNKoYCa6ZFdnD8N5hdheQThVW31DqhgtuY58ibC5K3XXUGGJe4wuEFUyHMbRgKivrwXL5TZCmeemQVxZErUZ The First Unstaking Transaction - SolScan] (Accessed Oct 9, 2025)</ref>

<ref name="firstwithdrawtransaction-21352">[https://solscan.io/tx/CfFAp2GzwxK7B9jD1QPHaCT333czvaXpRMz74HhREyKkvr55HzXeewhVteDirpLP1TKdMtUfVLYm73p26PUWZ4d The First Withdrawal Transaction - SolScan] (Accessed Oct 9, 2025)</ref>

<ref name="exploiteraddress-21353">[https://solscan.io/account/TYFWG3hvvxWMs2KXEk8cDuJCsXEyKs65eeqpD9P4mK1 Swissborg Exploiter Address - SolScan] (Accessed Oct 9, 2025)</ref>

<ref name="ceramictokentwitter-21354">[https://twitter.com/CeramicToken/status/1965183723412095114 @CeramicToken Twitter] (Accessed Oct 9, 2025)</ref>

<ref name="officerciatweet-21355">[https://twitter.com/officer_cia/status/1965134779977761082 Officer CIA - "SwissBorg experienced an incident a few hours ago and 192.6K SOL ($41.5M) was stolen on Solana - @zachxbt" - Twitter/X] (Accessed Oct 9, 2025)</ref>

<ref name="qwackersoltwitter-21356">[https://twitter.com/QwackerSol/status/1965159559460520221 @QwackerSol Twitter] (Accessed Oct 9, 2025)</ref>

<ref name="kilnfiresponds-21357">[https://www.kiln.fi/post/kiln-responds-to-infrastructure-issue-with-validator-exit-funds-remain-protected Kiln Responds to Infrastructure Issue With Validator Exit, Funds Remain Protected - Kiln Finance] (Accessed Oct 9, 2025)</ref>

<ref name="0xgumshoetwitter-21358">[https://twitter.com/0xGumshoe/status/1965122475790094682 @0xGumshoe Twitter] (Accessed Oct 9, 2025)</ref>

<ref name="norbertbodzionytwitter-21359">[https://twitter.com/norbertbodziony/status/1965132499018973257 @norbertbodziony Twitter] (Accessed Oct 9, 2025)</ref>

<ref name="swissborgtwitter-21360">[https://twitter.com/swissborg/status/1965285102159888802 @swissborg Twitter] (Accessed Oct 9, 2025)</ref>

<ref name="cyrusfazeltwitter-21361">[https://twitter.com/Cyrus_Fazel/status/1965284154402111623 @Cyrus_Fazel Twitter] (Accessed Oct 9, 2025)</ref>

<ref name="swissborgtwitter-21362">[https://twitter.com/swissborg/status/1965476892699754593 @swissborg Twitter] (Accessed Oct 9, 2025)</ref>

<ref name="cyrusfazeltwitter-21363">[https://twitter.com/Cyrus_Fazel/status/1965476329974800511 @Cyrus_Fazel Twitter] (Accessed Oct 9, 2025)</ref>

<ref name="swissborgtwitter-21364">[https://twitter.com/swissborg/status/1965491025734209546 @swissborg Twitter] (Accessed Oct 9, 2025)</ref>

<ref name="swissborgtwitter-21365">[https://twitter.com/swissborg/status/1965744525659521361 @swissborg Twitter] (Accessed Oct 9, 2025)</ref>

<ref name="youtubelive-21366">[https://www.youtube.com/live/szz0DRKBRU0 SwissBorg CEO and Executives speak live to the community about yesterday's events - SwissBorg] (Accessed Oct 9, 2025)</ref>

<ref name="swissborgtwitterx-21367">[https://twitter.com/swissborg SwissBorg Twitter/X Account] (Accessed Oct 9, 2025)</ref>

<ref name="swissborghomepage-21368">[https://swissborg.com/ SwissBorg Homepage] (Accessed Oct 9, 2025)</ref>

<ref name="kilnfinancetwitterx-21369">[https://twitter.com/Kiln_finance Kiln Finance Twitter/X Account] (Accessed Oct 9, 2025)</ref>

<ref name="kilnfinancehomepage-21370">[https://www.kiln.fi/ Kiln Finance Homepage] (Accessed Oct 9, 2025)</ref>

<ref name="swissborgtwitter-21371">[https://twitter.com/swissborg/status/1968794300734406750 @swissborg Twitter] (Accessed Oct 9, 2025)</ref></references>

File:Swissborg.jpg

2025-10-10T23:09:16Z

Azoundria:

Bunni Rounding Vulnerability Enables Complex Flashloan Attack

2025-10-10T23:08:46Z

Azoundria: Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/bunniroundingvulnerabilityenablescomplexflashloanattack.php}} {{Unattributed Sources}} Bunni Logo/HomepageBunni, a decentralized exchange built on Uniswap v4 with innovative liquidity management features, suffered an $8.4 million exploit due to a subtle rounding bug in its withdrawal logic that went undetected despite extensive testing. The attacker used flas..."

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/bunniroundingvulnerabilityenablescomplexflashloanattack.php}}
{{Unattributed Sources}}

[[File:Bunnixyz.jpg|thumb|Bunni Logo/Homepage]]Bunni, a decentralized exchange built on Uniswap v4 with innovative liquidity management features, suffered an $8.4 million exploit due to a subtle rounding bug in its withdrawal logic that went undetected despite extensive testing. The attacker used flashloans and a sequence of small withdrawals to manipulate the pool’s liquidity estimates, enabling a profitable sandwich attack on two pools, while the largest pool was spared due to limited flashloan liquidity. In response, Bunni paused most functions but safely re-enabled withdrawals for users, and is actively pursuing the attacker—who obscured funds through Tornado Cash—by offering incentives for fund return, notifying exchanges, and involving law enforcement. The team is also focused on fixing the vulnerability, enhancing testing frameworks, and preparing for a secure relaunch.<ref name="tenarmortweet-21126" /><ref name="etherscanattacktransaction-21127" /><ref name="etherscanattacker-21128" /><ref name="etherscanattackerfunding-21129" /><ref name="bunnixyztweet2-21130" /><ref name="bunnixyztweet3-21131" /><ref name="bunnixyztweet4-21132" /><ref name="uniscanattacktransaction-21133" /><ref name="bunnixyztweet5-21134" /><ref name="bunnixyztweet6-21135" /><ref name="bunnitwitterx-21136" /><ref name="bunnixyztweet1-21137" /><ref name="bunnixyzlinktree-21138" />

== About Bunni ==
Bunni is a decentralized exchange (DEX) built on Uniswap v4 designed to maximize liquidity provider (LP) profits across all market conditions. It introduces a unique "shapeshifting liquidity" technology that allows LPs to program and automatically adjust their liquidity positions based on market movements, effectively responding to market changes even while they sleep. This dynamic approach helps LPs optimize their returns without constant manual intervention.

Beyond providing flexibility, Bunni also enhances yield by enabling users to earn additional income on idle liquidity through integrations with trusted platforms like Aave and Gearbox. It optimizes swap fee revenue by leveraging auction-managed strategy providers and benefits from Uniswap’s vast and efficient orderflow, ensuring steady fee income.

Moreover, Bunni incorporates advanced protections to minimize common risks for liquidity providers, such as Miner Extractable Value (MEV) and Loss Versus Rebalancing (LVR), through innovative mechanisms like am-AMM and surge fees. The platform empowers developers and LPs to finely control how liquidity is distributed across price ranges and how it shifts in response to market signals, making it a flexible and powerful tool for sophisticated liquidity management.

The smart contract was reportedly audited by "Pashov, Cyfrin, and Trail of Bits".

== The Reality ==
Despite multiple extensive unit tests, fuzz tests (including Medusa), and simulations, the Bunni protocol still managed to launch with a critical vulnerability.

The core vulnerability in Bunni’s smart contract was a subtle rounding error in how the pool’s idle balance was updated during withdrawals. Specifically, when liquidity providers withdrew their shares, the contract reduced the idle balance by a proportional amount but rounded this decrease down (using mulDiv), which was assumed safe because it would err on the side of higher idle balance and thus lower active liquidity—thought to protect the pool by making it more conservative.

Tests did not cover complex sequences of multiple operations interacting over time with the smart contract's rounding behavior. Each rounding decision was safe in isolation, and the tests likely focused on single-operation scenarios rather than long chains of withdrawals combined with swaps.

== What Happened ==
Bunni suffered an $8.4 million exploit caused by a rounding bug in its withdrawal logic, leading to manipulated liquidity estimates.
{| class="wikitable"
|+Key Event Timeline - Bunni Rounding Vulnerability Enables Complex Flashloan Attack
!Date
!Event
!Description
|-
|August 24th, 2025 3:50:23 PM MDT
|Attacker Funds Their Wallet
|The attacker first funds their Ethereum wallet from another wallet.
|-
|August 29th, 2025 1:49:00 PM MDT
|Bunni Last Post Prior
|Bunni makes their last post prior to the exploit talking about how "[r]ehypothecation is a game changer".
|-
|September 1st, 2025 10:35:32 PM MDT
|Unichain Attack Transaction
|An attack transaction is mined an accepted by the Unichain blockchain.
|-
|September 1st, 2025 10:38:23 PM MDT
|Ethereum Attack Transaction
|An attack transaction is mined and accepted into the Ethereum blockchain.
|-
|September 2nd, 2025 12:36:00 AM MDT
|TenArmor Posts Tweet
|TenArmor makes a public post about the exploit transaction, linking to the exploit transaction.
|-
|September 2nd, 2025 1:04:00 AM MDT
|Initial Announcement Posted
|The Bunni team posts an initial announcement that "[t]he Bunni app has been affected by a security exploit. As a precaution, we have paused all smart contract functions on all networks. Our team is actively investigating and will provide updates soon. Thank you for your patience."
|-
|September 2nd, 2025 5:03:00 AM MDT
|Announcement Limiting Exploit
|The Bunni team posts an update to inform the public that they believe that "only two Bunni pools were exploited: USDC/USDT on Ethereum Mainnet and ETH/weETH on Unichain. We’re still investigating. All Bunni's instances are still paused."
|-
|September 4th, 2025 3:37:00 PM MDT
|Complete Analysis Prepared
|The Bunni team posts a "completed analysis of the recent exploit". "Withdrawals have been unpaused, so LPs are now free to withdraw their assets. All other operations remain paused."
|-
|September 14th, 2025 1:23:00 PM MDT
|Timeless Foundation Reward
|According to a new tweet from the Bunni team, "the Timeless Foundation is launching a 108-ETH reward, worth $500,000, to encourage tips that lead to the Bunni protocol attacker's arrest and the return of all stolen funds".
|}

== Technical Details ==
Bunni suffered a sophisticated exploit resulting in the theft of approximately $8.4 million, affecting two liquidity pools: weETH/ETH on Unichain and USDC/USDT on Ethereum. The attacker used a three-step method on the USDC/USDT pool involving flashloans, a series of tiny withdrawals exploiting rounding errors, and a sandwich attack. Initially, the attacker flashborrowed 3 million USDT and pushed the pool’s price to an abnormal level while drastically reducing the active USDC balance. Then, through numerous tiny withdrawals, they exploited rounding inaccuracies to disproportionately decrease the pool's active USDC liquidity, causing a sharp but incorrect reduction in the pool’s total liquidity. Finally, leveraging this manipulated liquidity state, the attacker executed a sandwich attack that artificially inflated the pool’s liquidity, allowing them to extract significant profits before repaying the flashloan.

The core vulnerability stemmed from a subtle but critical rounding error in the smart contract’s withdrawal logic. The contract decreased the pool’s idle balance proportionally when liquidity providers withdrew, rounding down the decrease amount. This was assumed safe when done in isolation, but in a sequence of operations, it allowed the attacker to drastically reduce the pool’s active balance without burning a proportional amount of liquidity shares. This caused the pool’s total liquidity estimate to become artificially low, which was then reversed during the attacker’s swaps, creating an exploitable liquidity increase. Changing the rounding method to round up in these calculations stopped the exploit from being profitable.

The Bunni team noted that the largest pool, Unichain USDC/USD₮0, was spared mainly due to insufficient flashloan liquidity on Unichain, which prevented the attacker from executing the first step there. Post-exploit, the team paused most functions but safely unpaused withdrawals so LPs could reclaim their funds. They are actively pursuing recovery of stolen funds through legal means and exchange cooperation. Moving forward, Bunni aims to strengthen its testing frameworks to cover complex multi-operation scenarios better and explore comprehensive fixes before relaunching. Despite the setback, the team remains committed to innovating and advancing decentralized finance.

== Total Amount Lost ==
The final numbers in the post-mortem which the Bunni protocol published are "~$8.4m". "Two pools were affected: weETH/ETH on Unichain and USDC/USDT on Ethereum."

An initial post by TenArmor reports losses at $2.3m. However, this appears to only include one of the attacks.

The total amount lost has been estimated at $8,400,000 USD.

== Immediate Reactions ==
The Bunni team posted an initial update after pausing the protocol. Early external analyses mistakenly pointed to rebalancing issues, but the team quickly identified that the root cause was a subtle rounding bug during withdrawal operations, which the attacker exploited by combining multiple actions in a way the original code did not anticipate.

The team was initially surprised that the largest pool remained safe and determined that this was due to limited flashloan liquidity on that network—essentially, a matter of luck that prevented a bigger loss.

== Ultimate Outcome ==
After analyzing the exploit, the Bunni team determined that unpausing withdrawals alone would be safe because the exploit relied on swaps, which remain paused. They conducted thorough fork testing, particularly with help from Cyfrin, to ensure withdrawals functioned correctly without risk. Based on these tests, the team unpaused withdrawals across all networks, allowing liquidity providers to safely withdraw their assets while keeping deposits and swaps paused to prevent further exploits.

The Bunni team has taken several steps to pursue the exploiter. Tracing the stolen funds hit a dead end since the wallets were funded via Tornado Cash, making identification difficult. The Bunni team contacted the attacker on-chain, offering to return 90% of the stolen funds if the majority is returned. They also alerted centralized exchanges to block the attacker’s wallets from cashing out the stolen assets. Additionally, they have engaged law enforcement to explore legal options if the funds are not returned, showing a commitment to exhaust all possible avenues for fund recovery. TenArmor has noted that it "appears that the attacker's profit was deposited into Aave".

A bounty of $500,000 USD was paid for the discovery.

== Total Amount Recovered ==
The stolen funds from the Bunni exploit are currently held in two specific wallets. The team tried to trace the attacker by following the funding paths but hit a dead end because the funds were routed through Tornado Cash, which anonymizes transactions.

In response, Bunni has reached out to the attacker on-chain, offering to return 10% of the stolen amount as a reward if the rest is returned. They have also informed centralized exchanges about the attacker’s wallets to block any attempts to cash out the stolen funds. Additionally, Bunni has involved law enforcement to pursue all possible legal actions if the funds aren’t voluntarily returned. The team has committed to exploring every possible avenue to recover the stolen assets.

There do not appear to have been any funds recovered in this case.

== Ongoing Developments ==
Several key aspects of the situation are still ongoing for the Bunni team. The stolen funds remain in attacker-controlled wallets, and despite attempts to trace and identify the exploiter, the use of privacy tools like Tornado Cash has made this challenging. The team continues to pursue fund recovery by reaching out to the attacker with an incentive to return most of the stolen assets, notifying centralized exchanges to prevent the attacker from cashing out, and engaging law enforcement to explore all legal avenues. A bounty of $500,000 is now available for information that leads to the successful arrest of the perpetrators.

On the security front, the Bunni team is actively working on fixing the vulnerabilities that led to the exploit. While they have made an important change to the rounding logic that prevented the exploit from being profitable, they are still exploring whether this fix might introduce new risks. To that end, they report they are enhancing their testing frameworks with more complex and thorough scenarios, including better fuzz and invariant tests, to ensure the protocol is robust against future attacks.

The protocol itself remains partially paused. Withdrawals have been safely re-enabled, allowing liquidity providers to access their funds, but other critical functions like deposits and swaps remain disabled. The team is prioritizing securing the system fully before restoring complete functionality, aiming to protect users and rebuild trust in the platform.
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="tenarmortweet-21126">[https://twitter.com/TenArmorAlert/status/1962766519391170988 TenArmor - "Our system has detected a suspicious attack involving #Bunni @bunni_xyz on #ETH, resulting in an approximately loss of $2.3M." - Twitter/X] (Accessed Sep 19, 2025)</ref>

<ref name="etherscanattacktransaction-21127">[https://etherscan.io/tx/0x1c27c4d625429acfc0f97e466eda725fd09ebdc77550e529ba4cbdbc33beb97b Attack Transaction - Etherscan] (Accessed Sep 19, 2025)</ref>

<ref name="etherscanattacker-21128">[https://etherscan.io/address/0x0c3d8fa7762ca5225260039ab2d3990c035b458d Attacker Address - Etherscan] (Accessed Sep 19, 2025)</ref>

<ref name="etherscanattackerfunding-21129">[https://etherscan.io/tx/0x047daf0df44f84a042596b46069842a297a1c81ae7b0372c92c8989bb947ebbc Attacker Address Funded - Etherscan] (Accessed Sep 19, 2025)</ref>

<ref name="bunnixyztweet2-21130">[https://twitter.com/bunni_xyz/status/1962773674634756450 Bunni - "The Bunni app has been affected by a security exploit. As a precaution, we have paused all smart contract functions on all networks. Our team is actively investigating and will provide updates soon. Thank you for your patience." - Twitter/X] (Accessed Sep 19, 2025)</ref>

<ref name="bunnixyztweet3-21131">[https://twitter.com/bunni_xyz/status/1962833866277744953 Bunni - "Exploit Update: As far as we know, only two Bunni pools were exploited: USDC/USDT on Ethereum Mainnet and ETH/weETH on Unichain. We’re still investigating. All Bunni's instances are still paused." - Twitter/X] (Accessed Sep 19, 2025)</ref>

<ref name="bunnixyztweet4-21132">[https://twitter.com/bunni_xyz/status/1963718005327831449 @bunni_xyz Twitter] (Accessed Sep 19, 2025)</ref>

<ref name="uniscanattacktransaction-21133">[https://uniscan.xyz/tx/0x4776f31156501dd456664cd3c91662ac8acc78358b9d4fd79337211eb6a1d451 Attack Transaction On Unichain] (Accessed Sep 19, 2025)</ref>

<ref name="bunnixyztweet5-21134">[https://twitter.com/bunni_xyz/status/1965180574416670876 Bunni - "Bunni’s frontend is unaffected by the NPM package supply chain attack, and https://bunni.xyz is NOT impacted. We advise against onchain transactions for now; no user action required." - Twitter/X] (Accessed Sep 19, 2025)</ref>

<ref name="bunnixyztweet6-21135">[https://twitter.com/bunni_xyz/status/1967308332714303553 Bunni - "Today the Timeless Foundation is launching a 108-ETH reward, worth $500,000, to encourage tips that lead to the Bunni protocol attacker's arrest and the return of all stolen funds." - Twitter/X] (Accessed Sep 19, 2025)</ref>

<ref name="bunnitwitterx-21136">[https://twitter.com/bunni_xyz Bunni Twitter/X Account] (Accessed Sep 19, 2025)</ref>

<ref name="bunnixyztweet1-21137">[https://twitter.com/bunni_xyz/status/1961516573354807479 Bunni - "Rehypothecation is a game changer." - Twitter/X] (Accessed Sep 19, 2025)</ref>

<ref name="bunnixyzlinktree-21138">[https://linktr.ee/Bunnixyz Bunni LinkTree] (Accessed Sep 19, 2025)</ref></references>

File:Bunnixyz.jpg

2025-10-10T23:08:32Z

Azoundria:

Aifeex AIF Token Smart Contract Rewards Mechanism Exploited

2025-10-10T23:07:47Z

Azoundria: Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/aifeexaiftokensmartcontractrewardsmechanismexploited.php}} {{Unattributed Sources}} Aifeex Logo/HomepageThe AIF token, developed by Aifeex Bank, was designed to combine AI and blockchain for decentralized, automated asset management. Despite its advanced features—such as AI-driven trading, transparent smart contracts, and DAO governance—the project faced a..."

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/aifeexaiftokensmartcontractrewardsmechanismexploited.php}}
{{Unattributed Sources}}

[[File:Aifeex.jpg|thumb|Aifeex Logo/Homepage]]The AIF token, developed by Aifeex Bank, was designed to combine AI and blockchain for decentralized, automated asset management. Despite its advanced features—such as AI-driven trading, transparent smart contracts, and DAO governance—the project faced a significant setback when a vulnerability in its rewards mechanism was exploited. According to security firm TenArmor, the exploit led to an estimated loss of approximately $98,000. While the technical details of the incident remain unclear, it drew attention from multiple blockchain researchers. The project's Twitter/X account appears to have been deleted, and no public response was found on their official website, though their homepage and Telegram remain active. The long-term impact on the project’s credibility and operations remains uncertain.<ref name="tenarmortweet-21148" /><ref name="transactionbscscan-21149" /><ref name="pennysplayertweet-21150" /><ref name="cryptotaffytweet-21151" /><ref name="blockthreatweek34-21152" /><ref name="bscscanaifcontract-21153" /><ref name="dexscreener-21154" /><ref name="apespace-21155" /><ref name="coinranking-21156" /><ref name="binancelaunch-21157" /><ref name="aifeexhomepage-21158" /><ref name="dexview-21159" /><ref name="checkquillai-21160" />

== About Aifeex AIF Token ==
The AIF token, developed by Aifeex Bank, claimed to represent a fusion of artificial intelligence and blockchain technology within the digital financial ecosystem. Designed to offer transparent, efficient, and trustless asset management, AIF was based on a decentralized no-reservation issuance model and powered by an AI-driven automated quantitative trading system. At its core, AIF utilized a proprietary AI model called AIpha, which supported multiple fund strategies tailored to different market conditions. These strategies were intended to provide investors with scientifically grounded and efficient investment solutions, all executed transparently on-chain.

AIF's core functionality centered around an AI quantitative trading engine that leveraged real-time market analysis, multi-strategy execution (such as high-frequency trading and arbitrage), and adaptive risk control using machine learning. Unlike traditional quantitative funds, the execution records of AIF's AI strategies were made accessible through smart contracts, aiming to ensure transparency and fairness. Revenue was generated from AI-driven trading activities and distributed through two main mechanisms: daily dividends in USDT or ETH to token holders, and a buyback-and-burn model intended to reduce circulating supply and enhance long-term token value.

The AIF token operated within a fully on-chain governance framework, where holders could participate in decision-making via a Decentralized Autonomous Organization (DAO). The total token supply was capped at 21 million, with a target deflation down to 210,000 tokens. Additional features included dual liquidity pools and open-source smart contracts audited by third-party firms such as CertiK and SlowMist. The platform also integrated mechanisms like the Market Player Mechanism, which tied token performance to deflationary incentives, and the AI Prediction Robot System, allowing users to invest using USDT and receive automated AI-managed returns. Through these features, AIF was positioned as an example of the potential for AI-integrated DeFi platforms in the evolving digital asset space

== The Reality ==
Unfortunately, the rewards mechanism in the AIF smart contract contained an unknown vulnerability.

== What Happened ==
The AIF token project, which aimed to combine AI and blockchain for decentralized asset management, suffered an estimated $98,000 exploit due to a rewards mechanism vulnerability.
{| class="wikitable"
|+Key Event Timeline - Aifeex AIF Token Smart Contract Rewards Mechanism Exploited
!Date
!Event
!Description
|-
|August 20th, 2025 1:19:24 PM MDT
|Attack Transaction Occurs
|The attack transaction is accepted onto the Binance Smart Chain.
|-
|August 20th, 2025 8:20:00 PM MDT
|TenArmor Tweet Posted
|TenArmor posts a tweet with an initial analysis of the exploit transaction.
|}

== Technical Details ==
According to initial technical analysis by TenArmor, "[i]t appears that the token's reward mechanism was exploited."

The specific details of the exploit do not appear to have been publicly analyzed.

== Total Amount Lost ==
According to TenArmor, there was "an approximately loss of $98K".

The total amount lost has been estimated at $98,000 USD.

== Immediate Reactions ==
The transaction received commentary from Ten Armor and two other researchers (pennysplayer and CryptoTaffy) on Twitter/X. It is unclear if the AifeexAi team responded as their Twitter/X account does not appear to exist.

== Ultimate Outcome ==
The exploit was included in Week 34 of the BlockThreat report. The AifeexAi Twitter/X account does not appear to exist, however the homepage and Telegram continue to operate.

== Total Amount Recovered ==
The Aifeex Twitter/X appears to be deleted, and there was no public response located on their website.

There do not appear to have been any funds recovered in this case.

== Ongoing Developments ==
It remains to be seen the end outcome from this project.
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="tenarmortweet-21148">[https://twitter.com/TenArmorAlert/status/1958353552390180870 TenArmor - "Our system has detected a suspicious attack involving #AIF on #BSC, resulting in an approximately loss of $98K." - Twitter/X] (Accessed Sep 19, 2025)</ref>

<ref name="transactionbscscan-21149">[https://bscscan.com/tx/0xff29f5adb8932591d4f53356e2f8200503b12fef84f105f0ae3954e713bb8d31 AIF Attack Transaction - BSCScan] (Accessed Sep 19, 2025)</ref>

<ref name="pennysplayertweet-21150">[https://twitter.com/pennysplayer/status/1958570445130932700 PennysPlayer - "Lots of set up txs. Anyone gets it?" - Twitter/X] (Accessed Sep 19, 2025)</ref>

<ref name="cryptotaffytweet-21151">[https://twitter.com/CryptoTaffy/status/1961195022927499439 CryptoTaffy - "In an unknown corner, are still doing evil" - Twitter/X] (Accessed Sep 19, 2025)</ref>

<ref name="blockthreatweek34-21152">[https://newsletter.blockthreat.io/p/blockthreat-week-34-2025 BlockThreat - Week 34, 2025] (Accessed Sep 19, 2025)</ref>

<ref name="bscscanaifcontract-21153">[https://bscscan.com/token/0x4ac9427ebafdd2aac3b514fd77cf168737f5d999 AIF Smart Contract - BSCScan] (Accessed Sep 19, 2025)</ref>

<ref name="dexscreener-21154">[https://dexscreener.com/bsc/0x4ac9427ebafdd2aac3b514fd77cf168737f5d999 AIF Token - DexScreener] (Accessed Sep 19, 2025)</ref>

<ref name="apespace-21155">[https://apespace.io/bsc/0x4ac9427ebafdd2aac3b514fd77cf168737f5d999 AIF Token - ApeSpace] (Accessed Sep 19, 2025)</ref>

<ref name="coinranking-21156">[https://coinranking.com/coin/DS4XMozRGQWF+aif-aif AIF Token - CoinRanking] (Accessed Sep 19, 2025)</ref>

<ref name="binancelaunch-21157">[https://www.binance.com/en/square/post/28497419200114 AIF Aifeex On-Chain Decentralized Version - Immutable Data - Coming Soon to Trade - Binance Square] (Accessed Sep 19, 2025)</ref>

<ref name="aifeexhomepage-21158">[https://www.aifeex.com/ Aifeex Homepage] (Accessed Sep 19, 2025)</ref>

<ref name="dexview-21159">[https://www.dexview.com/bsc/0x4Ac9427ebafDd2aAc3B514fD77cf168737f5D999 AIF/USDT - DexView] (Accessed Sep 19, 2025)</ref>

<ref name="checkquillai-21160">[https://check.quillai.network/bsc/0x4ac9427ebafdd2aac3b514fd77cf168737f5d999 AIF (AIF) - Check QuillAI] (Accessed Sep 19, 2025)</ref></references>

File:Aifeex.jpg

2025-10-10T23:07:32Z

Azoundria:

DX3 AI Bot Exchange Function Price Manipulation Vulnerability

2025-10-10T23:06:53Z

Azoundria:

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/dx3aibotexchangefunctionpricemanipulationvulnerability.php}}
{{Unattributed Sources}}

[[File:D3xaibot.jpg|thumb|D3X AI Bot Logo/Homepage]]D3XAI is a Binance Smart Chain-based project that promoted itself as an AI-driven decentralized trading platform, promising advanced market analysis, automated strategies, and a decentralized user-controlled ecosystem. Central to its offering was the D3X AIBOT, claiming to use AI for real-time trading and offered token rewards for participation. However, the platform's closed-source smart contract was exploited through a price manipulation vulnerability, reportedly resulting in losses of around $159,000, as confirmed by blockchain security firms TenArmor and BlockSec. The exploit was linked to the platform relying on an externally manipulable spot price from a UniswapV2 pair. As of now, the project has not publicly acknowledged the incident, no recovery efforts have been announced, and the platform’s future remains uncertain.<ref name="tenarmortweet-21167" /><ref name="transactionbscscan-21168" /><ref name="blocksecteamtweet-21169" /><ref name="blocksecattack-21170" /><ref name="cryptojptranstweet-21171" /><ref name="unnamed-21172" /><ref name="panewscntwitter-21173" />

== About D3X Smart Contract ==
D3XAI is a project on the Binance Smart Chain (BSC) that claims to offer a next-generation decentralized trading platform powered by artificial intelligence. According to its promotional materials, the platform aims to leverage AI for deep market analysis, strategy optimization, and automated trade execution, with the goal of improving efficiency and accuracy for both novice and professional traders.

The platform promises to aggregate liquidity from over 24 major blockchains and support more than 2,000 trading pairs, including spot and leveraged contracts. It also advertises a user-friendly interface, API support for algorithmic trading, and a decentralized structure where users retain full control over their assets. However, how well these features perform in practice or how extensively they're adopted remains to be seen.

A central component of the ecosystem is the so-called D3X AIBOT—an AI-powered trading bot that undergoes a 15-day pre-training phase before becoming active. Once deployed, each bot is said to autonomously analyze market data, recognize patterns, monitor price fluctuations and sentiment, and execute trades accordingly. These bots are described as forming a decentralized AI compute network, contributing to the platform's overall intelligence and trading capabilities.

In return for participating in this network, users running AIBOTs can earn $D3XAI tokens, which are advertised as convertible to other assets like $D3XAT or USDT.

== The Reality ==
The smart contract for D3X was closed source. The platform unfortunately had a price manipulation vulnerability. The project markets this as a way to "earn with computing power," but—as with many crypto-based projects—the actual utility, token value, and long-term sustainability of the reward system remain largely speculative and dependent on broader adoption.

As with any early-stage or DeFi-related platform, it's important for potential users and investors to exercise caution, verify claims, and assess both the technical implementation and real-world performance before getting involved.

== What Happened ==
D3XAI, a Binance Smart Chain project promoting AI-driven decentralized trading, suffered a ~$159K loss due to a price manipulation exploit in its closed-source smart contract.
{| class="wikitable"
|+Key Event Timeline - DX3 AI Bot Exchange Function Price Manipulation Vulnerability
!Date
!Event
!Description
|-
|August 16th, 2025 2:44:25 AM MDT
|Attack Transaction
|The attack transaction is accepted by the BSC network onto their blockchain.
|-
|August 16th, 2025 4:18:00 AM MDT
|BlockSec Posts Notice
|BlockSec posts an alert on Twitter/X about the exploit.
|-
|August 17th, 2025 9:14:00 PM MDT
|TenArmor Tweet Posted
|TenArmor posts a tweet about the exploit.
|}

== Technical Details ==
Description by TenArmor: "It appears that the exchange() function of the contract 0xb8ad relies on the #d3xat token spot price from a UniswapV2 pair, which was exploited by the attacker through a price manipulation attack."

Description from BlockSec: "Although the contract is not open-source, preliminary analysis indicates a likely case of price manipulation due to spot price dependency."

== Total Amount Lost ==
TenArmor reports that the attack resulted "in an approximately loss of $158.9K" while BlockSec reports "an estimated loss of ~$160K".

The total amount lost has been estimated at $159,000 USD.

== Immediate Reactions ==
The incident was publicly reported on by TenArmor and BlockSec. It does not appear that the project itself has acknowledged the exploit.

== Ultimate Outcome ==
The outcome remains to be seen. The project social media remain operational.

== Total Amount Recovered ==
There is no suggestion of any recovery at this time.

There do not appear to have been any funds recovered in this case.

== Ongoing Developments ==
It is unclear how this situation will resolve itself.
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="tenarmortweet-21167">[https://twitter.com/TenArmorAlert/status/1957279788709671402 TenArmor - "Our system has detected that #D3X AI @D3X_AI on #BSC was attacked, resulting in an approximately loss of $158.9K." - Twitter/X] (Accessed Sep 22, 2025)</ref>

<ref name="transactionbscscan-21168">[https://bscscan.com/tx/0x26bcefc152d8cd49f4bb13a9f8a6846be887d7075bc81fa07aa8c0019bd6591f Attack Transaction - BSCScan] (Accessed Sep 22, 2025)</ref>

<ref name="blocksecteamtweet-21169">[https://twitter.com/BlockSecTeam/status/1956661877473476962 BlockSec Team - "Alert! Our system has detected suspicious transactions targeting an unknown contract (named D3XAT) on #BSC, resulting in an estimated loss of ~$160K. Although the contract is not open-source, preliminary analysis indicates a likely case of price manipulation due to spot price dependency." - Twitter/X] (Accessed Sep 22, 2025)</ref>

<ref name="blocksecattack-21170">[https://app.blocksec.com/explorer/tx/bsc/0x26bcefc152d8cd49f4bb13a9f8a6846be887d7075bc81fa07aa8c0019bd6591f Attack Transaction - BlockSec] (Accessed Sep 22, 2025)</ref>

<ref name="cryptojptranstweet-21171">[https://twitter.com/CryptoJPTrans/status/1956688198597267878 CryptoJPTrans - "#BlockSec reports that #D3XAT in the BSC ecosystem may have been attacked" - Twitter/X] (Accessed Sep 22, 2025)</ref>

<ref name="unnamed-21172">[https://x.com/PANewsCN/status/1956687367911473634 https://x.com/PANewsCN/status/1956687367911473634] (Accessed Sep 22, 2025)</ref>

<ref name="panewscntwitter-21173">[https://twitter.com/PANewsCN/status/1956687367911473634 @PANewsCN Twitter] (Accessed Sep 22, 2025)</ref></references>

YULI AI Token Contract Pool Spot Price Manipulation Exploit

2025-10-10T23:05:45Z

Azoundria: Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/yuliaitokencontractpoolspotpricemanipulationexploit.php}} {{Unattributed Sources}} Binance Security ImageThe YULI AI smart contract, launched on July 22, 2025, was exploited due to a vulnerability that allowed a price manipulation attack. According to TenArmor, the attacker manipulated the YULIAI/USDT V3 pool’s spot price to repeatedly sell YULIAI to..."

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/yuliaitokencontractpoolspotpricemanipulationexploit.php}}
{{Unattributed Sources}}

[[File:Binancesecurity.jpg|thumb|Binance Security Image]]The YULI AI smart contract, launched on July 22, 2025, was exploited due to a vulnerability that allowed a price manipulation attack. According to TenArmor, the attacker manipulated the YULIAI/USDT V3 pool’s spot price to repeatedly sell YULIAI tokens and extract more USDT from the contract, resulting in an estimated loss of $78.8K. The identity of the project’s creators remains unknown, and it is unclear whether an investigation is ongoing or if affected users will receive any support.<ref name="tenarmortweet-21174" /><ref name="attacktransaction-21175" /><ref name="exploiteraddress-21176" /><ref name="exploiterfunding-21177" /><ref name="yuliaitoken-21178" /><ref name="yuliaicreation-21179" />

== About YULI AI ==
The YULI AI smart contract was first created on July 22nd, 2025.

== The Reality ==
Unfortunately, the smart contract was vulnerable to a price manipulation attack.

== What Happened ==
The YULI AI smart contract on Binance Smart Chain was exploited through a price manipulation attack causing a $78.8K loss.
{| class="wikitable"
|+Key Event Timeline - YULI AI Token Contract Pool Spot Price Manipulation Exploit
!Date
!Event
!Description
|-
|July 22nd, 2025 3:25:26 AM MDT
|YULI AI Smart Contract Created
|The YULI AI smart contract is initially created on BSC.
|-
|August 5th, 2025 8:20:04 PM MDT
|Initial Attack Wallet Funding
|The attacker's wallet is initially funded.
|-
|August 13th, 2025 2:02:17 AM MDT
|Attack Transaction Occurred
|The attack transaction is accepted by the Binance smart chain.
|-
|August 13th, 2025 8:24:00 PM MDT
|TenArmor Posts Attack Alert
|TenArmor made a post on Twitter/X about the attack.
|}

== Technical Details ==
TenArmor provided the following analysis: "It appears to be a price manipulation attack, where the contract 0x8262 relies on the YULIAI/USDT V3 pool's spot price for selling YULIAI tokens. After manipulating the pool's YULIAI price, the attacker obtained more USDT from the victim contract by repeated selling YULIAI tokens."

== Total Amount Lost ==
TenArmor reports that there was "an approximately loss of $78.8K".

The total amount lost has been estimated at $79,000 USD.

== Immediate Reactions ==
The incident was reported on by TenArmor.

== Ultimate Outcome ==
It is unclear whether any resolution will be possible.

== Total Amount Recovered ==
There are no public details about who is behind this project.

There do not appear to have been any funds recovered in this case.

== Ongoing Developments ==
It is unclear if an investigation is underway or any assistance will be available for affected users.
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="tenarmortweet-21174">[https://twitter.com/TenArmorAlert/status/1955817707808432584 TenArmor - "Our system has detected that #YULIAI and an unverified contract 0x8262 on #BSC was attacked, resulting in an approximately loss of $78.8K." - Twitter/X] (Accessed Sep 23, 2025)</ref>

<ref name="attacktransaction-21175">[https://bscscan.com/tx/0xeab946cfea49b240284d3baef24a4071313d76c39de2ee9ab00d957896a6c1c4 Attack Transaction - BSCScan] (Accessed Sep 23, 2025)</ref>

<ref name="exploiteraddress-21176">[https://bscscan.com/address/0x26f8bf8a772b8283bc1ef657d690c19e545ccc0d Exploiter Address - BSCScan] (Accessed Sep 23, 2025)</ref>

<ref name="exploiterfunding-21177">[https://bscscan.com/tx/0xa86f06790a01e3a72af4cdc9331b3bfc84273daaadc296a2c371ce60610d5eed Exploiter Address Funding - BSCScan] (Accessed Sep 23, 2025)</ref>

<ref name="yuliaitoken-21178">[https://bscscan.com/token/0xdf54ee636a308e8eb89a69b6893efa3183c2c1b5 YULI AI Token - BSCScan] (Accessed Sep 23, 2025)</ref>

<ref name="yuliaicreation-21179">[https://bscscan.com/tx/0x0a5786a1448ede4d46868598f0cbd5b2144b067e6b9387f3385e3cca72da32dc YULI AI Token Creation - BSCScan] (Accessed Sep 23, 2025)</ref></references>

HyperDrive Router Set As Operator State Changes Triggered

2025-10-10T23:05:24Z

Azoundria: Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/hyperdriveroutersetasoperatorstatechangestriggered.php}} {{Unattributed Sources}} HyperDrive Logo/HomepageHyperDrive, a core stablecoin money market within the Hyperliquid ecosystem, was compromised due to a vulnerability in its contract design. The issue arose from users granting the Router unrestricted operator permissions, allowing attackers to execute a..."

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/hyperdriveroutersetasoperatorstatechangestriggered.php}}
{{Unattributed Sources}}

[[File:Hyperdrive.jpg|thumb|HyperDrive Logo/Homepage]]HyperDrive, a core stablecoin money market within the Hyperliquid ecosystem, was compromised due to a vulnerability in its contract design. The issue arose from users granting the Router unrestricted operator permissions, allowing attackers to execute arbitrary calls on the whitelisted Market contract, which resulted in the manipulation of users' positions. The exploit was traced to a sophisticated threat actor linked to other high-profile attacks. Following the incident, HyperDrive paused all markets and withdrawals, conducted a thorough investigation, and quickly implemented a patch within 48 hours. Funds have been restored to affected accounts, and markets are now fully operational. HyperDrive is committed to transparency and will release a post-mortem report, while also working to reinforce the protocol's security. Affected users were compensated, and the team thanked the community for their support during this time.<ref name="hyperdrivefitweet1-21243" /><ref name="hyperdrivefitweet2-21244" /><ref name="hyperdrivefitweet3-21245" /><ref name="cryptonyarutweet-21246" /><ref name="hyperdrivesetuptransaction-21247" /><ref name="hyperdriveattacktransaction-21248" /><ref name="diemkantweet-21249" /><ref name="vickydiamond21tweet-21250" /><ref name="inaiveaitwitter-21251" /><ref name="principecriptotwitter-21252" /><ref name="kandlefitwitter-21253" /><ref name="cryptosangeettwitter-21254" /><ref name="autumngood35twitter-21255" /><ref name="cheekycryptotwitter-21256" /><ref name="socatisaitwitter-21257" /><ref name="cande21990211twitter-21258" /><ref name="0xtheweb3labstwitter-21259" /><ref name="unchainedpodtwitter-21260" /><ref name="cartelxbttwitter-21261" /><ref name="trustblockhqtwitter-21262" /><ref name="k10ndiketwitter-21263" /><ref name="hyperdrivetwitterx-21264" /><ref name="hyperdrivehomepage-21265" /><ref name="mirrorxyzhyperdrive-21266" />

== About HyperDrive ==
HyperDrive is Hyperliquid's premier stablecoin money market, designed as the core infrastructure for making everything on the HyperCore ecosystem more liquid. The platform aims to be the cornerstone of the fast-growing stablecoin market, which is expected to become one of the largest sectors in crypto. With a focus on sustainable yields, HyperDrive allows users to supply stablecoins for lending, stake $HYPE for rewards, and use Hyperliquid's proprietary strategies, such as the Hyperliquidity Provider (HLP) vault, to generate returns. These strategies ensure that yields are driven by sound, sustainable mechanics, addressing the common issue of declining DeFi yields that plagued the market in 2022.

The stablecoin market has seen explosive growth, with assets like USDC, USDT0, and USDe now exceeding $243 billion in total supply. HyperDrive was built to capitalize on this trend, leveraging the rise of stablecoins in decentralized finance (DeFi) for various uses, from remittances to protecting against hyperinflation. However, the market's early success was marred by unsustainable yields, prompting HyperDrive to focus on long-term, sustainable growth solutions. By using innovative vaults and collateral strategies, such as tokenizing HyperCore vaults and offering managed yield and looping strategies, HyperDrive seeks to transform stablecoin yields into a stable, reliable revenue stream for users.

Looking ahead, HyperDrive envisions becoming the default infrastructure for yield generation in the crypto space. Every crypto wallet is expected to hold stablecoins, which will continuously earn, borrow, and compound through the platform. As Hyperliquid continues to grow, HyperDrive will integrate more stablecoins, tokenization protocols, vaults, and yield opportunities to create a comprehensive ecosystem for maximizing returns. In five years, HyperDrive aims to be the central hub for stablecoin yields, driving value and utility in the crypto world.

== The Reality ==
Unfortunately, the market router was incorrectly set as an operator during deployment, creating the conditions for an exploitable vulnerability.

== What Happened ==
HyperDrive was compromised due to a vulnerability in its contract design allowing unauthorized calls.
{| class="wikitable"
|+Key Event Timeline - HyperDrive Router Set As Operator State Changes Triggered
!Date
!Event
!Description
|-
|August 1st, 2025 10:33:52 PM MDT
|Hyperdrive Router Set As Operator
|A transaction which sets up the permissions vulnerability in the protocol. "During the lending process, the user sets the Router as Operator, but the Router can execute any Call to addresses in the whitelist, and coincidentally the Market is in the whitelist."
|-
|September 27th, 2025 6:54:52 AM MDT
|Hyperdrive Attack Transaction
|The attack transaction which is related to this exploit.
|-
|September 27th, 2025 7:55:00 AM MDT
|Analysis By CryptoNyaRu Posted
|Twitter/X user CryptoNyaRu publishes an initial analysis of the exploit transaction in Chinese, including links to the related transactions viewable in the block explorer.
|-
|September 27th, 2025 8:00:00 AM MDT
|Team Reportedly Aware Of Activity
|The approximate time that the Hyperdrive team became aware of the suspicious activity (assuming that their post is meant to say September and not June).
|-
|September 27th, 2025 6:27:00 PM MDT
|Initial Hyperdrive Announcement
|The Hyperdrive Finance team posts on Twitter/X to announce that they are aware of the exploit, only two markets ("Primary USDT0 Market and the Treasury USDT Market") are affected/vulnerable, and further updates will be available in the future.
|-
|September 28th, 2025 12:38:00 AM MDT
|Intermediate Update Posted
|The HyperDrive team posts an intermediate update on Twitter/X. They "have identified the root cause and corrected the issue. We have also identified the affected accounts and are enacting a compensatory plan shortly. We expect normal market functioning to resume within 24 hours, if not significantly sooner."
|-
|September 28th, 2025 6:29:00 PM MDT
|Hyperdrive Restoration Update
|Hyperdrive posts an update announcing that all markets have now reopened. "All markets are fully operational and funds have been restored to all impacted accounts."
|}

== Technical Details ==
Hyperdrive was compromised because users granted the Router unrestricted operator permissions during borrowing/lending flows, and the Router itself was allowed to make arbitrary calls to any to address on a whitelist — and crucially the Market contract was on that whitelist. In practice this meant that anyone who could trigger the Router could instruct it to call the Market contract on behalf of a user. An attacker used that pathway: a user transaction sets the Router as operator (see tx 0x5456d8...a12cb), the Router’s design allows arbitrary whitelisted to calls and the Market (ID 0x05d2...280c, address 0xa52257...d09) is whitelisted, and a third‑party then invoked the Router to issue calls into the Market that altered those users’ positions (see tx 0xcaf5ea...66a6639). Router address: 0x8D9e168a8Fd102Ea52Ba3Cc43d4C613Bb6c89F32.

Technically the root causes were over‑broad operator approvals on user accounts plus a trust assumption in the Router/whitelist model: the whitelist permitted a privileged contract (the Market) to be called indirectly via a Router that could be set as an operator by any user. That combination allowed a third party to trigger state‑changing Market logic against users’ vaults without the users’ intent. Short mitigations include narrowing operator permissions, removing or restricting the Router’s ability to proxy arbitrary whitelisted calls, moving whitelist checks to require the original caller to be an authorized actor (not just the to target), and adding explicit user consent or timelocks for operator-initiated critical actions.

Twitter/X user Diemkan explained further:

"The fundamental design flaw in Hyperdrive's contracts, where the router could call any whitelisted contract, is a serious security vulnerability. This opens the system up to potential privilege escalation attacks, which is a much deeper issue than just a simple bug.

Adding an LLM agent on top of this flawed architecture would not fix the underlying problem. If the agent has access to the router, it could potentially exploit this privilege flaw to perform unauthorized actions."

== Total Amount Lost ==
The amount lost has varied between $782k and $783k through various sources.

The total amount lost has been estimated at $782,000 USD.

== Immediate Reactions ==
The issue first surfaced on June 27, 2025, around 10:00 PM Singapore time, when suspicious activity was detected in the Primary and Treasury USDT0 markets. In response, the team paused all markets and withdrawals while conducting a thorough investigation with the help of auditors and security specialists. Hyperdrive publicly acknowledged exploit within 12 hours and identified that is was affecting two markets: the Primary USDT0 Market and the Treasury USDT Market. The team began working on a patch to address the vulnerability and exploring various options to mitigate the impact on affected users. Hyperdrive emphasized their commitment to transparency and promised a detailed post-mortem report once the investigation is complete. Hyperdrive reiterated that their long-term vision of building the best protocol on Hyperliquid remains unchanged.

== Ultimate Outcome ==
All markets are now fully operational with funds restored to all affected accounts. Users were remediated and a patch was able to be developed, reviewed, and implemented within 48 hours. Markets resumed normally.

The attack was traced to a sophisticated threat actor associated with high-profile attacks on other protocols.

== Total Amount Recovered ==
Affected users have reportedly been made whole by the HyperDrive team.

There do not appear to have been any funds recovered in this case.

== Ongoing Developments ==
Hyperdrive has committed to releasing a full postmortem in the future. According to the latest update from HyperDrive, "[t]he investigation is currently ongoing and we will reveal more information at the appropriate time."

Hyperdrive expressed gratitude to the security community, its Hyperliquid partners, and especially its users for their support during this challenging period. Users who are still experiencing issues or believe their accounts have not been fully remediated are encouraged to open a support ticket via Hyperdrive's Discord server. The team remains committed to transparency and is focused on reinforcing the protocol's security moving forward.
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="hyperdrivefitweet1-21243">[https://twitter.com/hyperdrivedefi/status/1972095669403111519 Hyperdrive Finance - "We are aware of the recent issues affecting the Hyperdrive protocol. At this time, we are able to confirm that the issues affect only two markets: the Primary USDT0 Market and the Treasury USDT Market." - Twitter/X] (Accessed Sep 29, 2025)</ref>

<ref name="hyperdrivefitweet2-21244">[https://twitter.com/hyperdrivedefi/status/1972189259504537624 Hyperdrive Finance - "We have identified the root cause and corrected the issue. We have also identified the affected accounts and are enacting a compensatory plan shortly. We expect normal market functioning to resume within 24 hours, if not significantly sooner." - Twitter/X] (Accessed Sep 29, 2025)</ref>

<ref name="hyperdrivefitweet3-21245">[https://twitter.com/hyperdrivedefi/status/1972458715354935611 Hyperdrive Finance - "All markets are fully operational and funds have been restored to all impacted accounts." - Twitter/X] (Accessed Sep 29, 2025)</ref>

<ref name="cryptonyarutweet-21246">[https://twitter.com/CryptoNyaRu/status/1971936681617248264 CryptoNyaRu - "During the lending process, the user sets the Router as Operator, but the Router can execute any Call to addresses in the whitelist, and coincidentally the Market is in the whitelist" - Twitter/X] (Accessed Sep 29, 2025)</ref>

<ref name="hyperdrivesetuptransaction-21247">[https://hyperevmscan.io/tx/0x5456d89a71c594b922f5753fd992a0fcd0ff366fa68400395fa09e1b773a12cb Hyperdrive Router Set As Operator - HyperEVMScan] (Accessed Sep 29, 2025)</ref>

<ref name="hyperdriveattacktransaction-21248">[https://hyperevmscan.io/tx/0xcaf5ea61c438339431e32a4bcf8b1ce893b873599e6a56b6df37af74066a6639 Hyperdrive Attack Transaction - HyperEVMScan] (Accessed Sep 29, 2025)</ref>

<ref name="diemkantweet-21249">[https://twitter.com/Diemkan/status/1972740475414270413 Diemkan - "In summary, this is a concerning security design issue that needs to be addressed at the core contract level, rather than just adding a new interface on top of it." - Twitter/X] (Accessed Sep 29, 2025)</ref>

<ref name="vickydiamond21tweet-21250">[https://twitter.com/vickydiamond21/status/1972425543397392799 Vicki.hl - "A Hyperliquid-based lending protocol, @hyperdrivedefi lost about $782,000 worth of tokens following a smart contract exploit Saturday night, in the third notable security incident affecting the popular Layer 1 network." - Twitter/X] (Accessed Sep 29, 2025)</ref>

<ref name="inaiveaitwitter-21251">[https://twitter.com/i_naiveai/status/1971941873003778319 @i_naiveai Twitter] (Accessed Sep 29, 2025)</ref>

<ref name="principecriptotwitter-21252">[https://twitter.com/PrincipeCripto/status/1972613372500963433 @PrincipeCripto Twitter] (Accessed Sep 29, 2025)</ref>

<ref name="kandlefitwitter-21253">[https://twitter.com/KandleFi/status/1972559514558959840 @KandleFi Twitter] (Accessed Sep 29, 2025)</ref>

<ref name="cryptosangeettwitter-21254">[https://twitter.com/CryptoSangeet/status/1972731737588511159 @CryptoSangeet Twitter] (Accessed Sep 29, 2025)</ref>

<ref name="autumngood35twitter-21255">[https://twitter.com/autumn_good_35/status/1972639139637186905 @autumn_good_35 Twitter] (Accessed Sep 29, 2025)</ref>

<ref name="cheekycryptotwitter-21256">[https://twitter.com/CheekyCrypto/status/1972361520290889986 @CheekyCrypto Twitter] (Accessed Sep 29, 2025)</ref>

<ref name="socatisaitwitter-21257">[https://twitter.com/SocatisAI/status/1972225278937374897 @SocatisAI Twitter] (Accessed Sep 29, 2025)</ref>

<ref name="cande21990211twitter-21258">[https://twitter.com/Cande21990211/status/1972540260388094393 @Cande21990211 Twitter] (Accessed Sep 29, 2025)</ref>

<ref name="0xtheweb3labstwitter-21259">[https://twitter.com/0xTheWeb3Labs/status/1972679682668556575 @0xTheWeb3Labs Twitter] (Accessed Sep 29, 2025)</ref>

<ref name="unchainedpodtwitter-21260">[https://twitter.com/Unchained_pod/status/1972674988948795726 @Unchained_pod Twitter] (Accessed Sep 29, 2025)</ref>

<ref name="cartelxbttwitter-21261">[https://twitter.com/cartelxbt/status/1972419681945268448 @cartelxbt Twitter] (Accessed Sep 29, 2025)</ref>

<ref name="trustblockhqtwitter-21262">[https://twitter.com/TrustblockHQ/status/1972700410231353437 @TrustblockHQ Twitter] (Accessed Sep 29, 2025)</ref>

<ref name="k10ndiketwitter-21263">[https://twitter.com/K10NDIKE/status/1972537059517554733 @K10NDIKE Twitter] (Accessed Sep 29, 2025)</ref>

<ref name="hyperdrivetwitterx-21264">[https://twitter.com/hyperdrivedefi Hyperdrive Finance Twitter/X Account] (Accessed Sep 29, 2025)</ref>

<ref name="hyperdrivehomepage-21265">[https://hyperdrive.fi/ Hyperdrive Homepage] (Accessed Sep 29, 2025)</ref>

<ref name="mirrorxyzhyperdrive-21266">[https://mirror.xyz/0x0c31773aF12C949f671e138FC28dD7E7289304d3/oWLnxarUEBoMh4TWF3VuB43P1Nb9N6c0IUGI6yEgb5w Hyperdrive - THE Stablecoin Money Market - Mirror.xyz] (Accessed Sep 29, 2025)</ref></references>

File:Hyperdrive.jpg

2025-10-10T23:05:10Z

Azoundria:

HyperVault Founder Nick Olsson Internal Ledger Rug Pull

2025-10-10T23:04:30Z

Azoundria: Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/hypervaultfoundernickolssoninternalledgerrugpull.php}} {{Unattributed Sources}} HyperVault Logo/Captured Homepage<ref name="odailynews-21267" /><ref name="peckshieldalerttweet-21268" /><ref name="unknown-5676" /><ref name="hypingbulltweet-21269" /><ref name="hypervaultdevnick-21270" /><ref name="jishkk110118twitter-21271" /><ref name="matiasgladiatortwitter..."

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/hypervaultfoundernickolssoninternalledgerrugpull.php}}
{{Unattributed Sources}}

[[File:Hypervault.jpg|thumb|HyperVault Logo/Captured Homepage]]<ref name="odailynews-21267" /><ref name="peckshieldalerttweet-21268" /><ref name="unknown-5676" /><ref name="hypingbulltweet-21269" /><ref name="hypervaultdevnick-21270" /><ref name="jishkk110118twitter-21271" /><ref name="matiasgladiatortwitter-21272" /><ref name="brutaltradetweet-21273" /><ref name="0xdoolatwitter-21274" /><ref name="itscuatrohuesostwitter-21275" /><ref name="mariapierandreitwitter-21276" /><ref name="thehypeconomisttwitter-21277" /><ref name="ozcryptofficialtwitter-21278" /><ref name="0xthadetwitter-21279" /><ref name="zenith256tweet-21280" /><ref name="hybrafinancetweet-21281" /><ref name="rekthqtweet-21282" /><ref name="hypervaultruggedrekt-21283" />

== About HyperVault ==
"Introducing Hypervault V1! The most efficient yield aggregator on @HyperliquidX The gateway to yield on #HyperEVM Deposits are now open"

== About Nick Olsson ==
Nick Olsson is reportedly the founder of HyperVault.

== The Reality ==
User HypingBull posted on Twitter/X to warn the community on September 4th, multiple weeks prior to the eventual rug pull event. At this time, the team was claiming auditors were underway when auditors had not started performing any audits.

== What Happened ==
The specific events of the loss and how it came about. What actually happened to cause the loss and some of the events leading up to it.
{| class="wikitable"
|+Key Event Timeline - HyperVault Founder Nick Olsson Internal Ledger Rug Pull
!Date
!Event
!Description
|-
|September 4th, 2025 1:29:00 PM MDT
|HypingBull Audit Warning
|HypingBull posts a warning to the community. The HyperVault team claimed multiple audits underway with results in mid-September, however reaching out to one of the auditors they were unable to get any confirmation that there was an audit happening. The auditor had not heard of the project before.
|-
|September 25th, 2025 7:27:12 PM MDT
|Vault Contract Ownership Switch
|The ownership of the vault contract is switched in a transaction.
|-
|September 25th, 2025 8:34:00 PM MDT
|Initial Withdrawal Of HYPE
|The first withdrawal of HYPE tokens from the vault contract.
|-
|September 25th, 2025 8:47:00 PM MDT
|Final Withdrawal Of PUMP
|The final withdrawal is for PUMP tokens from the vault contract.
|-
|September 26th, 2025 12:43:00 AM MDT
|HypingBull Update Tweet
|HypingBull posts an update to notify that all social media related to HyperVault has now been removed.
|-
|September 26th, 2025 1:26:00 AM MDT
|PeckShield Tweet Posted
|PeckShield posts an alert tweet noting the withdrawal of $3.6m worth of cryptocurrency. PeckShield shares a screenshot of the HyperVault Twitter/X account having been deleted.
|-
|September 26th, 2025 1:32:00 AM MDT
|Odaily News Report Posted
|The incident is reported on ODaily News.
|-
|September 29th, 2025 7:12:00 PM MDT
|Naim/BrutalTrade Tracing
|Naim (BrutalTrade) traces funds from Circulate Money that went into TornadoCash in 3 deposits, and were then immediately withdrawn in 3 subsequent withdrawals.
|-
|September 30th, 2025 3:47:00 PM MDT
|Rekt News Published Report
|Rekt news publishes an article with a high level overview of the rug pull.
|}

== Technical Details ==
The HyperVault rug pull exploited a combination of technical obfuscation, deceptive marketing, and privileged contract design. Unlike standard DeFi protocols that use transparent ERC-4626 vaults with share tokens to represent user deposits, HyperVault operated using a hidden internal ledger system. This allowed vault balances and ownership to remain opaque, preventing users and explorers from tracking deposits easily. The contract included an onlyHV() function modifier granting elevated privileges under the guise of a safety mechanism. This effectively acted as a master key, enabling the team to redirect control of the vaults to their externally owned address (EOA) and initiate mass withdrawals without resistance or transparency.

The exploit unfolded on September 25, 2025, when the attackers used two main wallets to drain funds from nine vaults into a consolidation wallet. They had pre-funded five wallets with gas fees four days earlier, two of which were used in the actual theft. Approximately 1,126.72 ETH (≈$4.64M) was swapped into $HYPE, bridged from HyperEVM to Ethereum using deBridge, and then laundered via Tornado Cash through four different Ethereum addresses. This well-planned maneuver allowed the attackers to evade immediate detection while community members and forensic analysts like SpecterAnalyst retroactively pieced together the transaction flow. The addresses involved, their movement of funds, and even their bridge timing aligned precisely with the vault drain, confirming the deliberate nature of the rug pull.

Further technical evidence came from a draft audit delivered privately by Zenith Security two days before the rug. It revealed 42 vulnerabilities, six of which were high severity, but the HyperVault team never acknowledged these publicly. Instead, they used the announcement about the pending audit to bolster trust while ignoring the critical issues ultimately raised. After the rug, developers began deleting their GitHub repositories, severing online identities, and removing all social presence. Despite connections drawn across previous projects like ZinoFinance, PerfectSwap, and Zero-G Finance using similar tactics, the team vanished with the funds. Blockchain forensics have since traced the exploit trail in detail, but due to the use of Tornado Cash and anonymous developer infrastructure, recovery remains unlikely.

== Total Amount Lost ==
Losses were reported by SlowMist at $3,610,000 USD. PeckShield originally estimated these losses at $3.6m or 752 ETH.

PeckShield broke down the losses as 36,883,470.75 UPUMP, 107,318.43 USDC, 1214.17 USOL, 11,588.61 kHYPE, 86.0063 UETH, 2.1657 UBTC, 439,863.77 USDT0, 10,702.60 USDe, and 37,060.02 WHYPE. This added up to a total of exactly $3.61m USD.

Rekt reports the loss total as $4.64m USD, while an article by Blockonomi reports a total of $6.3m USD, which reportedly came from HypingBull. It is unclear the discrepancy.

The total amount lost has been estimated at $3,610,000 USD.

== Immediate Reactions ==
Within hours of draining $4.64 million from user vaults, the HyperVault team deleted social media accounts, shut down the Discord server, took their website offline, and removed documentation. The founder, Nick Olsen, who had previously appeared on video calls and used the handle "0xnyck," became unreachable. Several developers connected to the project scrubbed their GitHub accounts or deleted key repositories once identified publicly.

Prominent influencers like HYPEconomist endorsed HyperVault days before the rug, later claiming to be victims themselves. After the collapse, community sentiment turned sharply. Accusations flew, and influencers who promoted the project were labeled enablers or scammers. While some, like Hybra Finance, took responsibility and offered reimbursements to their users, the broader Hyperliquid community was left shaken, frustrated that red flags had been so visible and yet so widely ignored.

Independent investigators like BrutalTrade and security analysts from SpecterAnalyst launched deep-dive investigations. They traced wallet movements, uncovered GitHub and domain registration patterns, and linked HyperVault’s team to past scams like ZinoFinance and PerfectSwap. Their findings highlighted a network of serial scammers using the same playbook under different names. Even innocent parties, like the audit firm Kupia Security, were briefly swept up in the investigation due to incidental blockchain connections.

== Ultimate Outcome ==
Over $4.64 million in user deposits was extracted from HyperVault’s vaults and funneled through a sophisticated laundering pipeline involving deBridge bridges and Tornado Cash, effectively eliminating any realistic path to recovery. More than 1,100 depositors were impacted, many of whom ignored early red flags or placed trust in influencer endorsements and fake audit claims. By the time forensic analysts publicly confirmed the exploit, the operation was already finalized: funds were scattered across anonymized wallets, social channels were deleted, and all digital traces of the team had vanished. Projects like Hybra Finance, which had integrated with HyperVault, issued public apologies and partial user reimbursements, but for the vast majority of victims, the damage was permanent.

The incident shook trust in HyperEVM and exposed recurring patterns of DeFi fraud. The HyperVault rug was not an isolated event, but part of a wider trend of serial scams involving the same team operating under different project names. Investigators linked HyperVault’s developers to earlier exploits in ZinoFinance, Zero-G Finance, and PerfectSwap — all run through similar infrastructure and registered anonymously via Njalla. The exploit prompted a wave of skepticism across the DeFi community, particularly around projects offering unusually high yields with opaque teams.

== Total Amount Recovered ==
Users of Hybra Finance were entitled to a full recovery if they invested in the project after a tweet the project made, and were already users of the Hybra Finance project prior to the tweet.

All others remain awaiting any form of recovery still.

There do not appear to have been any funds recovered in this case.

== Ongoing Developments ==
Analysts like SpecterAnalyst and BrutalTrade are still working to track down the identities of those responsible by following blockchain breadcrumbs and examining the connections between wallets, bridges, and other projects.

While no legal action has been confirmed, the investigations are ongoing. The tools, audit reports, and codebases have been archived by community sleuths for future reference. Many are calling for better vetting practices, more transparent audit processes, and stronger security protocols.
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="odailynews-21267">[https://www.odaily.news/en/newsflash/450084 PeckShieldAlert: Hypervault Finance experienced abnormal withdrawals worth approximately $3.6 million - ODaily News] (Accessed Oct 3, 2025)</ref>

<ref name="peckshieldalerttweet-21268">[https://twitter.com/PeckShieldAlert/status/1971476404173930660 PeckShield - "#PeckShieldAlert #Rugpull? We have detected an abnormal withdrawal of ~$3.6M worth of cryptos from @hypervaultfi." - Twitter/X] (Accessed Oct 3, 2025)</ref>

<ref name="unknown-5676">[ ] (Accessed Jan 16, 2022)</ref>

<ref name="hypingbulltweet-21269">[https://twitter.com/hypingbull/status/1971465564561289420 HypingBull - "My suspicions were right. Hypervault just deleted all the social media accounts. Twitter has gone, the Discord has gone too." - Twitter/X] (Accessed Oct 3, 2025)</ref>

<ref name="hypervaultdevnick-21270">[https://opensea.io/collection/hypervault-dev-nick Hypervault Dev Nick - OpenSea NFT Collection] (Accessed Oct 3, 2025)</ref>

<ref name="jishkk110118twitter-21271">[https://twitter.com/jishkk110118/status/1972704547580821806 @jishkk110118 Twitter] (Accessed Oct 3, 2025)</ref>

<ref name="matiasgladiatortwitter-21272">[https://twitter.com/matiasgladiator/status/1973137440081588369 @matiasgladiator Twitter] (Accessed Oct 3, 2025)</ref>

<ref name="brutaltradetweet-21273">[https://twitter.com/BrutalTrade/status/1971931159668891652 Brutal Trade - "His GitHub profile is https://github.com/res-pan, and in a 2024 commit to Zero-G Finance he forgot to hide his email address" - Twitter/X] (Accessed Oct 3, 2025)</ref>

<ref name="0xdoolatwitter-21274">[https://twitter.com/0xdoola/status/1971538425548361822 @0xdoola Twitter] (Accessed Oct 3, 2025)</ref>

<ref name="itscuatrohuesostwitter-21275">[https://twitter.com/itscuatrohuesos/status/1971737937705685208 @itscuatrohuesos Twitter] (Accessed Oct 3, 2025)</ref>

<ref name="mariapierandreitwitter-21276">[https://twitter.com/MariaPierandrei/status/1972630260966686865 @MariaPierandrei Twitter] (Accessed Oct 3, 2025)</ref>

<ref name="thehypeconomisttwitter-21277">[https://twitter.com/theHYPEconomist/status/1971649499698213239 @theHYPEconomist Twitter] (Accessed Oct 3, 2025)</ref>

<ref name="ozcryptofficialtwitter-21278">[https://twitter.com/ozcryptofficial/status/1972928938042077555 @ozcryptofficial Twitter] (Accessed Oct 3, 2025)</ref>

<ref name="0xthadetwitter-21279">[https://twitter.com/0xthade/status/1971993774399410294 @0xthade Twitter] (Accessed Oct 3, 2025)</ref>

<ref name="zenith256tweet-21280">[https://twitter.com/zenith256/status/1971605514334376286 Zenith256 - "We will fully collaborate with the investigation. Based on DocuSign metadata, we have identified an IP address belonging to Nicholas Olsen and will be sharing it with authorities and affected parties. We will also be conducting a full forensic investigation to locate any other information that might be helpful." - Twitter/X] (Accessed Oct 3, 2025)</ref>

<ref name="hybrafinancetweet-21281">[https://twitter.com/HybraFinance/status/1971559148153426155 Hybra Finance - "We are shocked to learn that Hypervault has rugged. Here’s what happened and what we’re doing next" - Twitter/X] (Accessed Oct 3, 2025)</ref>

<ref name="rekthqtweet-21282">[https://twitter.com/RektHQ/status/1973142779451806150 Rekt HQ - "95% APY, zero percent chance of getting your money back. HyperVault's $4.64M rug pulled every classic move - fake audit claims, anon devs with serial scammer histories, privileged contract backdoors. Ghosts left highways - community traced them all." - Twitter/X] (Accessed Oct 3, 2025)</ref>

<ref name="hypervaultruggedrekt-21283">[https://rekt.news/hypervault-rugged HyperVault Rugged - Rekt] (Accessed Oct 3, 2025)</ref></references>

File:Hypervault.jpg

2025-10-10T23:04:16Z

Azoundria:

Corepound AI Yield Aggregator on Core Blockchain Rug Pull

2025-10-10T22:52:08Z

Azoundria: Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/corepoundaiyieldaggregatoroncoreblockchainrugpull.php}} {{Unattributed Sources}} CorepoundCorepound, a yield aggregator built on the Core blockchain, claimed to optimize returns for cryptocurrency holders through AI-driven strategies, smart contract-powered vaults, and features like CoreChest and incentivized multipliers. Users were promised above-average AP..."

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/corepoundaiyieldaggregatoroncoreblockchainrugpull.php}}
{{Unattributed Sources}}

[[File:Corepound.jpg|thumb|Corepound]]Corepound, a yield aggregator built on the Core blockchain, claimed to optimize returns for cryptocurrency holders through AI-driven strategies, smart contract-powered vaults, and features like CoreChest and incentivized multipliers. Users were promised above-average APYs by staking assets such as $CORE, $USDC, and $WBTC. However, it was later revealed that the Corepound team, which remained anonymous, appears to have orchestrated a rug pull, stealing approximately $400,000 from users. Despite initial efforts to trace the funds, the protocol was reportedly taken offline, and no concrete recovery plans have been disclosed. The community expressed support, but there was limited assistance for those affected. Investigations into the incident are likely ongoing<ref name="communityofcoretweet-21321" /><ref name="attackerprofiledebank-21322" /><ref name="attackeraddressblockchain-21323" /><ref name="attackerattressetherscan-21324" /><ref name="rolexcoretweet-21325" /><ref name="coreecosystemtweet-21326" /><ref name="etherscan1-21327" /><ref name="unknown-5676" /><ref name="defillama-21328" /><ref name="dappradarcorepound-21329" /><ref name="forbescorepound-21330" /><ref name="defibnstweet-21331" />

== About Corepound ==
Corepound claimed to be a yield aggregator built on the Core blockchain, designed to optimize returns for cryptocurrency holders while minimizing risk exposure. The platform claimed to employ AI-driven strategies to automatically compound yields, allowing users to stake assets such as $CORE, $USDC, $USDT, $SolvBTC, and $WBTC in smart contract-powered vaults. These vaults were said to leverage a combination of lending protocols, validator staking, and BTCFi innovations to ensure long-term growth with sustainable rewards. Corepound also promised features like CoreChest, Points, and incentivized multipliers to enhance the user experience, providing a secure and transparent way for users to earn optimized yields while integrating Bitcoin liquidity into the DeFi ecosystem.

As a BTCFi yield aggregator, Corepound was built on Core Dao, a Bitcoin-powered and EVM-compatible chain. While Core Dao was still emerging, Corepound sought to establish itself as a key player within the ecosystem and expand the potential of Bitcoin-focused decentralized applications (Dapps). The platform claimed to offer users above-average annual percentage yields (APY) through vault staking, with high APYs backed by a robust financial system that combined smart contract technology and decision-making from experienced developers to ensure sustainability.

Users could earn on Corepound by staking their assets into vaults through a simple process. After connecting a wallet, users chose a vault, deposited their desired amount (while leaving funds for network fees), and the system automatically compounded rewards. Investment management was made easy, as users could harvest rewards, deposit more, or withdraw at any time, offering them flexibility to grow their assets.

== The Reality ==
Unfortunately, the team behind Corepound appears to have been planning the operation as a way to steal funds from users via an inevitable rug pull.

== What Happened ==
Corepound's anonymous team allegedly executed a rug pull, stealing $400,000 from users by exploiting their trust in the platform's yield aggregation services
{| class="wikitable"
|+Key Event Timeline - Corepound AI Yield Aggregator on Core Blockchain Rug Pull
!Date
!Event
!Description
|-
|May 15th, 2025 10:24:24 PM MDT
|Last Archive Capture
|The last failed capture of the homepage on the internet archive.
|-
|September 23rd, 2025 2:23:00 PM MDT
|Protocol Offline Acknowledgement
|The Core Ecosystem tweets an update to note that the Corepound project has gone offline and advise against any further interaction with the protocol.
|-
|September 24th, 2025 12:22:00 PM MDT
|Community Of Core Response
|The Core Community Twitter/X account posts an official announcement that they did not support the Corepound protocol financially in any way, and that they are recommending that all affected users report the events to their local law enforcement and to the various compliance departments at all major exchanges.
|}

== Technical Details ==
It appears that the team was anonymous and abused their position of trust to steal all assets of users who used their staking protocol.

== Total Amount Lost ==
According to SlowMist, the Corepound protocol reportedly conducted a rug pull and successfully made off with $400,000.

Data from Defi Llama shows a market valuation of $362k on the day prior to the rug pull event.

The total amount lost has been estimated at $362,000 USD.

== Immediate Reactions ==
There was notice that the protocol appears to have gone offline. Some efforts appear to have been undertaken to trace the funds and report to authorities.

== Ultimate Outcome ==
There is no word that the protocol team has been reached, nor of any specific recovery plan being underway.

== Total Amount Recovered ==
The community has expressed some support and notified about the incidents. However, limited assistance appears to have been available for affected users.

There do not appear to have been any funds recovered in this case.

== Ongoing Developments ==
There may be ongoing investigation and recovery efforts underway.
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="communityofcoretweet-21321">[https://twitter.com/CommunityofCore/status/1970916743628587292 Community Of Core - "We hear you. Core did not financially support Corepound and we're actively working to address the incident. We have talked with the Core team, we will be implementing stricter vetting protocols." - Twitter/X] (Accessed Oct 8, 2025)</ref>

<ref name="attackerprofiledebank-21322">[https://debank.com/profile/0xedfa29a8337b1bbe8a1b897aaf08098b5e0ffabb Attacker Address Profile - Debank] (Accessed Oct 8, 2025)</ref>

<ref name="attackeraddressblockchain-21323">[https://www.blockchain.com/explorer/addresses/eth/0xedfa29a8337b1bbe8a1b897aaf08098b5e0ffabb Attacker Address - Blockchain.com] (Accessed Oct 8, 2025)</ref>

<ref name="attackerattressetherscan-21324">[https://etherscan.io/address/0xedfa29a8337b1bbe8a1b897aaf08098b5e0ffabb Attacker Address - Etherscan] (Accessed Oct 8, 2025)</ref>

<ref name="rolexcoretweet-21325">[https://twitter.com/Rolex_Core/status/1970739724739584282 Rolex_Core - "This time @corepoundxyz scammed Core players, this matter is no small deal. I hope the project team uses all their power to recover users' funds, try not to let the scammers withdraw, and hope that major exchanges learn from @Bybit_Official's lessons. I suggest @Coredao_Org @richrines refer to and draw from the experience of the SlowMist team @evilcos, while summarizing lessons learned to protect $CORE players' assets! Thank you!" - Twitter/X] (Accessed Oct 8, 2025)</ref>

<ref name="coreecosystemtweet-21326">[https://twitter.com/CoreEcosystem/status/1970584860516651113 Core Ecosystem - "It has come to our attention that the Corepound project has gone offline. For security purposes, we strongly advise all users to avoid interacting with the application." - Twitter/X] (Accessed Oct 8, 2025)</ref>

<ref name="etherscan1-21327">[https://etherscan.io/tx/0x3fe044edea33eef43c4a3aa3ceeff5a230c35ff6dd1294ef9c09374cce006eb3 Potentially Part Of Theft - Etherscan] (Accessed Oct 8, 2025)</ref>

<ref name="unknown-5676">[ ] (Accessed Jan 16, 2022)</ref>

<ref name="defillama-21328">[https://defillama.com/protocol/corepound Corepound - Defi Llama] (Accessed Oct 8, 2025)</ref>

<ref name="dappradarcorepound-21329">[https://dappradar.com/dapp/corepound Corepound - DappRadar] (Accessed Oct 8, 2025)</ref>

<ref name="forbescorepound-21330">[https://www.forbes.com/digital-assets/assets/corepound-corp-2/ Corepound - Forbes Digital Assets Profile] (Accessed Oct 8, 2025)</ref>

<ref name="defibnstweet-21331">[https://twitter.com/Defibns/status/1934950706261147894 DefiBNS - "Some people may find it confusing at first to know how to earn from a platform that collects and grows your crypto rewards.@corepoundxyz stands out because it’s made simple for anyone to use, even if you're new to DeFi." - Twitter/X] (Accessed Oct 8, 2025)</ref></references>

File:Corepound.jpg

2025-10-10T22:51:53Z

Azoundria:

Seedify Fund Private Key OFT Contract Compromised Minting

2025-10-10T22:51:23Z

Azoundria: Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/seedifyfundprivatekeyoftcontractcompromisedminting.php}} {{Unattributed Sources}} Seedify Logo/HomepageSeedify.Fund, a Web3 incubator and launchpad, suffered a security breach after a developer was tricked into running malware, likely by a North Korean actor, compromising critical private keys and causing a $1.7 million loss. In response, Seedify launched..."

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/seedifyfundprivatekeyoftcontractcompromisedminting.php}}
{{Unattributed Sources}}

[[File:Seedifyfund.jpg|thumb|Seedify Logo/Homepage]]Seedify.Fund, a Web3 incubator and launchpad, suffered a security breach after a developer was tricked into running malware, likely by a North Korean actor, compromising critical private keys and causing a $1.7 million loss. In response, Seedify launched the "Phoenix Raise" to replace the compromised token, rebuild liquidity, and compensate affected users. The platform is strengthening its security measures with triple audits for new smart contracts, a bug bounty program, and a public security page. Additionally, Seedify is ensuring a smooth token migration, with a 1:1 conversion ratio for old SFUND tokens and no vesting requirements, while maintaining rewards and staking benefits for the community.<ref name="seedifyfundtweet1-21306" /><ref name="basescanownership-21307" /><ref name="etherscanhacked-21308" /><ref name="BSC hacked funds - BSCScan-21309" /><ref name="zachxbttweet-21310" /><ref name="seedifyfundtweet2-21311" /><ref name="metaalchemisttweet-21312" /><ref name="seedifyfundtweet3-21313" /><ref name="tanuki42tweet-21314" /><ref name="metaalchemisttweet2-21315" /><ref name="seedifyfundtwitterx-21316" /><ref name="seedifyfundhomepage-21317" /><ref name="seedifyfundmediumintroduction-21318" /><ref name="metaalchemisttwitterx-21319" /><ref name="seedifyfundtweet4-21320" />

== About Seedify ==
Seedify.Fund is a prominent Web3 incubator and launchpad dedicated to fostering innovation in the blockchain space. Founded in 2021, its mission is to support and empower early-stage Web3 projects by providing funding, resources, and guidance to developers and entrepreneurs. Seedify focuses on projects related to DeFi, AI, NFTs, Big Data, and Web3 Gaming. Through decentralized mechanisms such as a DAO (Decentralized Autonomous Organization), the platform allows its community to vote on which projects receive funding, ensuring that the process is community-driven and transparent.

A unique aspect of Seedify is its staking system, which offers users the opportunity to stake $SFUND tokens. This allows participants early access to purchase project tokens and become more deeply involved in the projects they support. Stakers also benefit from a variety of reward programs, including token rewards from incubated projects and liquidity mining for those who support the platform’s market activities. By fostering an ecosystem where both investors and innovators can collaborate, Seedify aims to unlock new growth opportunities for Web3 projects.

Beyond funding, Seedify offers a comprehensive incubator designed to help projects reach their full potential. The platform’s decentralized incubator provides expertise in various critical areas such as user experience, marketing, tokenomics, branding, and development. This holistic support system aims to ensure that projects not only get off the ground but also succeed in a competitive and rapidly evolving market. Seedify’s commitment to a decentralized, community-driven approach makes it a standout player in the Web3 ecosystem, providing significant opportunities for both project developers and token holders.

== The Reality ==
Unfortunately, one of the developers of the Seedify project who held access to a critical private key related to the deployment was not fully satisfied with their job and not well researched on the infected interview tactics often employed by North Korean actors.

== What Happened ==
Seedify.Fund's security was compromised when a developer was tricked into running malware during a job interview, allowing a hacker to access critical private keys and steal $1.7 million from liquidity pools.
{| class="wikitable"
|+Key Event Timeline - Seedify Fund Private Key OFT Contract Compromised Minting
!Date
!Event
!Description
|-
|September 23rd, 2025 4:38:15 AM MDT
|Smart Contract Ownership Change
|Through access to one of their developer's private keys, a North Korean hacker was able to transfer ownership of the smart contract. They would shortly thereafter use this level of access to exploit the protocol to mint a large number of SFUND tokens.
|-
|September 23rd, 2025 6:50:00 AM MDT
|Meta Alchemist Notice Posted
|Mea Alchemist, the founder of Seedify Fund, posts that they are aware of the attack on their personal Twitter/X.
|-
|September 23rd, 2025 11:15:00 AM MDT
|Seedify Fund Announces Hack
|The Seedify Fund team posts on Twitter/X to announce their discovery of the hack, and some details of the mechanisms behind it, as provided by ZachXBT.
|}

== Technical Details ==
The hacker address appears to be connected with other contagious interview attacks. It is likely that an agent of North Korea was able to trick one of the workers at Seedify Fund into running malware as a part of a job interview process, which enabled them to compromise the private key.

== Total Amount Lost ==
Losses were reported by SlowMist as $1.7m USD.

The total amount lost has been estimated at $1,700,000 USD.

== Immediate Reactions ==
The founder was online with an announcement and a plan within a few hours of the exploit.

"Our community, many people outside of our community, friends with influence, exchanges, chains, cybersecurity teams, and even @cz_binance himself came for support after the events."

== Ultimate Outcome ==
Despite having already passed audits by one of the most reputable security firms in the industry, the recent security incident has highlighted the need for even stronger measures. As a result, the platform has committed to significantly enhancing its security protocols to ensure the safety of user funds and assets moving forward.

The immediate steps include implementing triple audits for all new smart contracts, such as those related to new tokens, staking, and farming. These contracts will be reviewed by at least three independent security firms to provide additional assurance. Additionally, the platform will conduct a full audit of its permissionless launchpad, covering both frontend and backend infrastructure, with the results being made public before the system is relaunched.

While the hack was damaging, it served as a catalyst for positive change, leading to the launch of the Phoenix Raise—a fresh start for the platform. The goal is to replace the compromised token with a more secure one, rebuild liquidity, strengthen security protocols, and usher Seedify into a new era of permissionless growth. The Phoenix Raise will also ensure that affected community members are compensated and provide a transparent approach to moving forward.

As part of the recovery process, Seedify is implementing a seamless token migration for holders, including those on BNB Chain and centralized exchanges, with compensation and support for staked tokens and farming positions. The new SFUND token will be launched, and liquidity will remain open until migration is complete. Seedify is working closely with exchanges to ensure the migration is smooth and is also enhancing its security measures through multi-audits and bug bounty programs to prevent future incidents. Importantly, there will be no vesting requirements for migration or compensation tokens, and the conversion ratio for old to new SFUND will be 1:1.

While the hack was a setback, Seedify remains committed to its community. The platform's resilience is evident as it continues to offer rewards, farming tiers, and staking benefits unchanged after the migration. The focus is on ensuring security, providing transparent updates, and rebuilding the platform stronger than before, with all audit results and security details shared publicly.

== Total Amount Recovered ==
Seedify has announced they will be replacing tokens purchased prior to the hack on affected chains.

The total amount recovered is unknown.

== Ongoing Developments ==
The Seedify Fund homepage is still displaying the SFUND migration page for users to continue the migration to the new token.

To further reinforce security, the platform is introducing a bounty program that offers public incentives for users to report vulnerabilities, similar to the SAFU-style initiatives seen in other platforms. Finally, a dedicated security page will be launched on the website, where audit results and ongoing security status updates will be publicly accessible, providing transparency and peace of mind to users.
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="seedifyfundtweet1-21306">[https://twitter.com/SeedifyFund/status/1970537553515417918 Seedify Fund - "Today at approximately 12:05 UTC, a DPRK state-affiliated group known for many hacks in Web3 gained access to one of our developer’s private keys. Using these, they were able to mint a large amount of SFUND tokens through a bridge contract that had previously passed audit." - Twitter/X] (Accessed Oct 7, 2025)</ref>

<ref name="basescanownership-21307">[https://basescan.org/tx/0x1dd7c101c18cd1adc80c4c68ce480862245a7223f8e5182136aed316eae54ac9 Ownership transfer from OFT contract owner to malicious entity - BaseScan] (Accessed Oct 7, 2025)</ref>

<ref name="etherscanhacked-21308">[https://etherscan.io/address/0x14181636dd5bc8c6b8b47f8d0fd1b1e351b84be4#tokentxns ETH hacked funds - EtherScan] (Accessed Oct 7, 2025)</ref>

<ref name="BSC hacked funds - BSCScan-21309">[https://bscscan.com/address/0x14181636dd5bc8c6b8b47f8d0fd1b1e351b84be4#tokentxns Address: 0x14181636...351b84be4 | BscScan] (Accessed Oct 7, 2025)</ref>

<ref name="zachxbttweet-21310">[https://twitter.com/zachxbt/status/1970488338529558795 ZachXBT - "The Seedify theft addresses are tied onchain to past Contagious Interview incidents (DPRK)." - Twitter/X] (Accessed Oct 7, 2025)</ref>

<ref name="seedifyfundtweet2-21311">[https://twitter.com/SeedifyFund/status/1971260824028131449 Seedify Fund - "BNB Chain, Centralized Exchanges. All tokens bought on BNB & CEXs (at any time) will migrate 1:1 into the new token. For other chains, migration and compensation will be based on a pre-hack snapshot." - Twitter/X] (Accessed Oct 7, 2025)</ref>

<ref name="metaalchemisttweet-21312">[https://twitter.com/meta_alchemist/status/1970839616652488964 Meta Alchemist - "PLAN: The Phoenix Raise. Yesterday, our community and team experienced their hardest day through a hack by DPRK." - Twitter/X] (Accessed Oct 7, 2025)</ref>

<ref name="seedifyfundtweet3-21313">[https://twitter.com/SeedifyFund/status/1970922016313139300 Seedify Fund - Community Questions: Migration & The Phoenix Raise - Twitter/X] (Accessed Oct 7, 2025)</ref>

<ref name="tanuki42tweet-21314">[https://twitter.com/tanuki42_/status/1970481782467215566 Tanuki - Link Between Serenity Shield Hacker and SFUND Hacker - Twitter/X] (Accessed Oct 7, 2025)</ref>

<ref name="metaalchemisttweet2-21315">[https://twitter.com/meta_alchemist/status/1970470733017968841 Meta Alchemist - "A drain bridge hack just happened on one of our $SFUND bridges. We are investigating the issue. We had audits on all these contracts, and been running the same bridge contracts for over 3 years." - Twitter/X] (Accessed Oct 7, 2025)</ref>

<ref name="seedifyfundtwitterx-21316">[https://twitter.com/SeedifyFund Seedify Fund Twitter/X Account] (Accessed Oct 7, 2025)</ref>

<ref name="seedifyfundhomepage-21317">[https://seedify.fund/ Seedify Fund Homepage] (Accessed Oct 7, 2025)</ref>

<ref name="seedifyfundmediumintroduction-21318">[https://blog.seedify.fund/introduction-to-seedify-fund-a411f9d792c Introduction to Seedify.fund - Medium] (Accessed Oct 7, 2025)</ref>

<ref name="metaalchemisttwitterx-21319">[https://twitter.com/meta_alchemist Meta Alchemist, Founder Of Seedify Fund, Twitter/X Account] (Accessed Oct 7, 2025)</ref>

<ref name="seedifyfundtweet4-21320">[https://twitter.com/SeedifyFund/status/1971558389869142204 Seedify Fund - Security Update: What’s Safe, What’s Next, and Our Transparency Commitment - Twitter/X] (Accessed Oct 7, 2025)</ref></references>

File:Seedifyfund.jpg

2025-10-10T22:51:09Z

Azoundria:

UXLINK MultiSig Wallet Single Owner Vulnerability Exploited

2025-10-10T22:50:11Z

Azoundria: Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/uxlinkmultisigwalletsingleownervulnerabilityexploited.php}} {{Unattributed Sources}} UXLINK Logo/HomepageUXLINK, a Web3 social platform designed to connect users, projects, and communities, was recently impacted by a significant security breach involving its multi-signature wallet. A critical flaw in the wallet’s design allowed a single owner to take full c..."

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/uxlinkmultisigwalletsingleownervulnerabilityexploited.php}}
{{Unattributed Sources}}

[[File:Uxlinkio.jpg|thumb|UXLINK Logo/Homepage]]UXLINK, a Web3 social platform designed to connect users, projects, and communities, was recently impacted by a significant security breach involving its multi-signature wallet. A critical flaw in the wallet’s design allowed a single owner to take full control, leading to unauthorized access and the draining of $11.3 million in funds. Upon discovering the exploit, UXLINK immediately mobilized to contain the damage, working with internal and external security experts and coordinating with centralized (CEXs) and decentralized exchanges (DEXs) to freeze suspicious deposits. The team also reported the incident to law enforcement for legal action and recovery efforts. In response, UXLINK relaunched its token on a new smart contract and is actively working to compensate affected users and recover the stolen assets, while continuing its investigation. Despite the breach, the platform remains operational and committed to transparency and security<ref name="uxlinkofficialtweet1-21293" /><ref name="exploittransaction-21294" /><ref name="exvulsectweet-21295" /><ref name="uxlinktwitterx-21296" /><ref name="uxlinklinktree-21297" /><ref name="uxlinkhomepage-21298" /><ref name="uxlinkbinance-21299" /><ref name="uxlinkupbit-21300" /><ref name="uxlinkkxan-21301" /><ref name="cointelegraphuxlink-21302" /><ref name="coinedition-21303" /><ref name="yahoofinance-21304" /><ref name="uxlinkwhitepaper-21305" />

== About UXLINK ==
UXLINK is a comprehensive Web3 social platform and infrastructure designed to connect people, projects, and communities, fostering mass adoption and developer growth. It enables users to seamlessly enter the Web3 ecosystem with minimal setup. By linking social media accounts like Telegram, X (Twitter), Line, and TikTok, UXLINK allows users to create blockchain wallets and access decentralized applications (dApps) without the usual complexity. The platform’s “One Account, One Gas” feature simplifies blockchain transactions by letting users interact across multiple chains with a single account and the UXLINK token ($UXLINK) to cover all gas fees. This makes it easier for both beginners and experienced users to navigate the Web3 space.

The platform’s ecosystem supports over 500 partners and aims to foster a thriving decentralized economy through tools that enable users to build their own social networks, interact with dApps, and reach Web3 enthusiasts. UXLINK’s social-native Optimistic Rollup chain provides scalability and integration with the One Account One Gas protocol, making it suitable for mass adoption. As of 2023, the platform boasts over 54 million users and has a roadmap to expand its user base to 100 million by 2026, integrating AI-driven growth tools and cross-chain support.

For developers, UXLINK offers a robust infrastructure to build and integrate Web3 applications, and its partner network spans various sectors. The platform’s integration of AI-driven tools, such as XerpaAI for smart content generation and market matching, further enhances its capabilities for both user engagement and developer support. The platform is also set to introduce Fujipay, a decentralized gateway that bridges Web3 with global commerce, offering a payment solution that blends physical and digital transactions.

== The Reality ==
Unfortunately, the multisignature smart contract contained a critical flaw which allowed one single owner to take over full control.

== What Happened ==
UXLINK experienced a security breach due to a flaw in its multi-signature wallet, leading to the theft of $11.3 million.
{| class="wikitable"
|+Key Event Timeline - UXLINK MultiSig Wallet Single Owner Vulnerability Exploited
!Date
!Event
!Description
|-
|September 22nd, 2025 8:55:24 AM MDT
|UXLINK Attack Transaction
|The attack transaction for 106.20 M UXLINK on the arbitrum blockchain.
|-
|September 22nd, 2025 11:40:00 AM MDT
|UXLINK Initial Announcement
|UXLINK reports a security breach involving their multi-signature wallet, and a significant amount of cryptocurrency being illicitly transferred to both centralized and decentralized exchanges (CEXs and DEXs). The team is working with both internal and external security experts to identify the breach’s root cause and mitigate further risks. UXLINK has contacted major CEXs and DEXs, requesting them to freeze suspicious deposits of UXLINK tokens and prevent further movement of the funds. The incident has also been reported to law enforcement and relevant authorities.
|}

== Technical Details ==
ExVulSec:

"ExVul Findings:

The multisig contract design contained a critical flaw: a single Owner take full control;

Owners Private key was leaked or Owners acted maliciously → other Owners were maliciously added and removed;

Attacker address 0x2EF43c1D0c88C071d242B6c2D0430e1751607B87 fully took over the contract and drained funds."

== Total Amount Lost ==
Losses were reported by SlowMist as $11.3m USD.

The total amount lost has been estimated at $11,300,000 USD.

== Immediate Reactions ==
Upon discovering the exploit involving their multi-signature wallet, the team immediately mobilized to assess the extent of the damage and contain the situation. They quickly began working with both internal and external security experts to investigate the breach’s cause and prevent any further unauthorized transfers. UXLINK took urgent action by contacting major centralized (CEXs) and decentralized exchanges (DEXs), requesting that suspicious UXLINK deposits be frozen to halt any further movement of the stolen assets. This rapid coordination with exchanges was aimed at minimizing the impact and securing the funds that had already been compromised. UXLINK reported the incident to law enforcement and relevant authorities, signaling their commitment to taking all necessary legal steps for asset recovery.

== Ultimate Outcome ==
The UXLINK token has relaunched on a new smart contract.

== Total Amount Recovered ==
The protocol has launched a new token, done an effort to make right all affected users, and undertaken a project to recover funds from the attacker.

The total amount recovered has been estimated at $11,300,000 USD.

== Ongoing Developments ==
The project continues to operate. The investigation remains underway.
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="uxlinkofficialtweet1-21293">[https://twitter.com/UXLINKofficial/status/1970181382107476362 UXLINK - "We have identified a security breach involving our multi-signature wallet, resulting in a significant amount of cryptocurrency being illicitly transferred to both CEXs and DEXs." - Twitter/X] (Accessed Oct 7, 2025)</ref>

<ref name="exploittransaction-21294">[https://arbiscan.io/tx/0x85b43c005bd4762b97d909f4aef7a636f6b4e7cb4734673b4c6b5ab806b2592d UXLINK 106.20 M UXLINK Exploit Transaction - Arbiscan] (Accessed Oct 7, 2025)</ref>

<ref name="exvulsectweet-21295">[https://twitter.com/exvulsec/status/1970400486563160242 ExVulSec - "On Sept 23, the #UXLINK multisig wallet suffered a severe security breach, resulting in the theft of ~$11.3M in assets, which were dispersed across multiple CEXs and DEXs." - Twitter/X] (Accessed Oct 7, 2025)</ref>

<ref name="uxlinktwitterx-21296">[https://twitter.com/UXLINKofficial UXLINK Twitter/X Account] (Accessed Oct 7, 2025)</ref>

<ref name="uxlinklinktree-21297">[https://linktr.ee/uxlink_official UXLINK Link Tree] (Accessed Oct 7, 2025)</ref>

<ref name="uxlinkhomepage-21298">[https://www.uxlink.io/ UXLINK Homepage] (Accessed Oct 7, 2025)</ref>

<ref name="uxlinkbinance-21299">[https://cryptodiffer.com/feed/project-updates/uxlink-uxlink-has-been-listed-on-binance-futures UXLINK (UXLINK) has been listed on Binance Futures - CryptoDiffer] (Accessed Oct 7, 2025)</ref>

<ref name="uxlinkupbit-21300">[https://cryptodiffer.com/feed/project-updates/web3-social-platform-uxlink-uxlink-has-been-listed-on-upbit- Web3 social platform UXLINK (UXLINK) has been listed on Upbit - CryptoDiffer] (Accessed Oct 7, 2025)</ref>

<ref name="uxlinkkxan-21301">[https://www.kxan.com/business/press-releases/globenewswire/9290181/uxlink-announces-strategic-investment-in-lumoz-to-co-develop-social-growth-layer/ UXLINK Announces Strategic Investment in Lumoz to Co-Develop Social Growth Layer - KXAN] (Accessed Oct 7, 2025)</ref>

<ref name="cointelegraphuxlink-21302">[https://cointelegraph.com/press-releases/uxlink-announces-listing-on-eight-major-exchanges-on-july-18 UXLINK announces listing on eight major exchanges on July 18 - CoinTelegraph] (Accessed Oct 7, 2025)</ref>

<ref name="coinedition-21303">[https://coinedition.com/new-concept-in-web3-social-uxlink-launches-its-rws-system-architecture/ New Concept in Web3 Social: UXLINK Launches its “RWS” System Architecture - CoinEdition] (Accessed Oct 7, 2025)</ref>

<ref name="yahoofinance-21304">[https://finance.yahoo.com/news/uxlink-announces-slp-social-liquidity-130000437.html UXLINK Announces SLP (Social Liquidity Provisioning) Dual Funding Pools - Yahoo Finance] (Accessed Oct 7, 2025)</ref>

<ref name="uxlinkwhitepaper-21305">[https://docs.uxlink.io/layer/whitepaper/white-paper UXLINK Whitepaper] (Accessed Oct 7, 2025)</ref></references>

File:Uxlinkio.jpg

2025-10-10T22:49:55Z

Azoundria:

Unknown Base Smart Contract Wrapped Ethereum Attack Theft

2025-10-10T22:49:23Z

Azoundria: Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/unknownbasesmartcontractwrappedethereumattacktheft.php}} {{Unattributed Sources}} Base Blockchain Logo/HomepageAn unknown and unverified smart contract was exploited due to a vulnerability. The incident resulted in a loss of approximately $21,000–$22,000, as reported by BlockSec Phalcon and TenArmor. Despite both parties acknowledging the incident, no..."

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/unknownbasesmartcontractwrappedethereumattacktheft.php}}
{{Unattributed Sources}}

[[File:Baseblockchain.jpg|thumb|Base Blockchain Logo/Homepage]]An unknown and unverified smart contract was exploited due to a vulnerability. The incident resulted in a loss of approximately $21,000–$22,000, as reported by BlockSec Phalcon and TenArmor. Despite both parties acknowledging the incident, no detailed analysis of the exploit has been published. The transaction can be viewed on BaseScan, but no additional information about the vulnerability or the victim contract is currently available, and there is no indication that any funds have been recovered. Further details may emerge in the future.<ref name="tenarmortweet-21161" /><ref name="basescantransaction-21162" /><ref name="attackeraddress-21163" /><ref name="phalconxyztweet-21164" /><ref name="victimbasescan-21165" /><ref name="victimcreationbasescan-21166" />

== About Victim Smart Contract ==
The unknown and unverified victim smart contract was created on September 21st, 2024.

== The Reality ==
Unfortunately, the smart contract had a vulnerability.

== What Happened ==
An unknown smart contract was exploited due to an undisclosed vulnerability, resulting in an estimated $21K–$22K loss, with no analysis or fund recovery reported.
{| class="wikitable"
|+Key Event Timeline - Unknown Base Smart Contract Wrapped Ethereum Attack Theft
!Date
!Event
!Description
|-
|September 21st, 2024 1:48:25 PM MDT
|Victim Smart Contract Created
|The victim smart contract is first launched on the Base blockchain.
|-
|September 21st, 2025 10:29:23 PM MDT
|Attack Transaction
|The attack transaction was accepted in to the Base blockchain.
|-
|September 21st, 2025 11:59:00 PM MDT
|Bot By BlockSec Phalcon
|BlockSec Phalcon makes a post about the attack incident.
|-
|September 22nd, 2025 12:42:00 AM MDT
|Post By TenArmor
|TenArmor makes a post on Twitter/X about the incident.
|}

== Technical Details ==
It does not appear that any analysis of the attack has been published.

== Total Amount Lost ==
TenArmor reported that there was "an approximately loss of $22K", while BlockSec Phalcon reported $21k. Reviewing the transaction on BaseScan suggests an amount closer to $21k.

The total amount lost has been estimated at $21,000 USD.

== Immediate Reactions ==
The transaction was picked up and reported on by both BlockSec Phalcon and TenArmor. However, neither prepared any analysis of the exploit.

== Ultimate Outcome ==
There does not appear to be any further details known about the exploit or victim smart contract.

== Total Amount Recovered ==
There is no evidence that any funds have been recovered.

There do not appear to have been any funds recovered in this case.

== Ongoing Developments ==
There may be further details available in the future.
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="tenarmortweet-21161">[https://twitter.com/TenArmorAlert/status/1970015815979171983 TenArmor - "Our system has detected that #unverified contract 0x506a on #BASE was attacked, resulting in an approximately loss of $22K." - Twitter/X] (Accessed Sep 22, 2025)</ref>

<ref name="basescantransaction-21162">[https://basescan.org/tx/0x39ac5354ef57a77f5eaa8221bf6c2852dd72a5614935fcfd6dbc503090e21cf7 Initial Attack Transaction - BaseScan] (Accessed Sep 22, 2025)</ref>

<ref name="attackeraddress-21163">[https://basescan.org/address/0xb6847cad864da092090468f2c90d1849e077bce6 Attacker Address - BaseScan] (Accessed Sep 22, 2025)</ref>

<ref name="phalconxyztweet-21164">[https://twitter.com/Phalcon_xyz/status/1970005105547387243 BlockSec Phalcon - "ALRET! Our system has detected a suspicious transaction targeting an unknown contract on #Base, resulting in a loss of $21K." - Twitter/X] (Accessed Sep 22, 2025)</ref>

<ref name="victimbasescan-21165">[https://basescan.org/address/0x506A8aCCd1D772F0A886828E8ffEf26b105E50f3 Victim Smart Contract - BaseScan] (Accessed Sep 22, 2025)</ref>

<ref name="victimcreationbasescan-21166">[https://basescan.org/tx/0x6c94b46c22df3d0123adff4d0746e499f7c451c75ffb44ab218d00d9fe8e97ab Victim Smart Contract Creation - BaseScan] (Accessed Sep 22, 2025)</ref></references>

Yala Protocol Dormant OFTU Unauthorized Mint And Bridge

2025-10-10T22:48:55Z

Azoundria: Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/yalaprotocoldormantoftuunauthorizedmintandbridge.php}} {{Unattributed Sources}} Yala Logo/HomepageYala, a platform that allows users to collateralize Bitcoin for its stablecoin $YU, experienced a security breach when a developer exploited temporary deployment keys to set up an unauthorized cross-chain bridge. This hack led to the extraction of approximately 7...."

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/yalaprotocoldormantoftuunauthorizedmintandbridge.php}}
{{Unattributed Sources}}

[[File:Yalaorg.jpg|thumb|Yala Logo/Homepage]]Yala, a platform that allows users to collateralize Bitcoin for its stablecoin $YU, experienced a security breach when a developer exploited temporary deployment keys to set up an unauthorized cross-chain bridge. This hack led to the extraction of approximately 7.64 million USDC (~1,636 ETH). In response, Yala engaged top security firms, disabled key functions, and implemented safeguards to contain the breach. The platform has since launched a recovery plan that includes burning all illegally minted $YU, restoring liquidity, and allowing users to swap $YU for USDC at a 1:1 ratio. Additionally, Yala will conduct an audit and implement stronger monitoring to prevent future incidents, ensuring user protection and system stability moving forward.<ref name="yalapostmortem-21213" /><ref name="yalaorgtweet1-21214" /><ref name="yalaorgtweet2-21215" /><ref name="yalaorgtweet3-21216" /><ref name="yalaorgtweet4-21217" /><ref name="yalahomepage-21218" /><ref name="yalatwitterx-21219" />

== About Yala Protocol ==
Yala, a platform that allows users to over-collateralize Bitcoin (BTC) in exchange for $YU—its stablecoin—aims to unlock cross-chain liquidity for DeFi protocols and real-world assets (RWAs). Yala emphasizes self-sovereignty, offering low liquidation risk and full exposure to Bitcoin. The platform operates a flywheel model where long-term BTC demand drives liquidity, adoption, and overall growth.

As part of its strategy, Yala provides tailored yield options through its Pro, Lite, and Institution Modes. With a total value locked (TVL) of $184.82 million and a $YU yield of up to 60.01%, users can explore a range of opportunities in DeFi and RWAs, supported by leading partners in the ecosystem. Yala’s mainnet unlocks Bitcoin’s untapped liquidity, facilitating both high yield generation and easy cross-chain movement.

== The Reality ==
Unfortunately, one of the Yala Protocol developers wasn't fully honest.

== What Happened ==
A developer exploited temporary deployment keys to set up an unauthorized cross-chain bridge, extracting 7.64 million USDC (~1,636 ETH) through the Yala protocol.
{| class="wikitable"
|+Key Event Timeline - Yala Protocol Dormant OFTU Unauthorized Mint And Bridge
!Date
!Event
!Description
|-
|August 4th, 2025 8:46:47 AM MDT
|Malicious OFTU Contract Deployed
|A malicious OFTU token contract was deployed on Polygon by the hacker, establishing the foundational infrastructure for the future exploit.
|-
|August 11th, 2025 6:47:22 PM MDT
|Temporary Local Key Deployed
|During the authorized deployment of Yala’s Solana LayerZero OFT, the hacker secretly exploited a temporary local key to create a peer connection from Solana to the trusted OFTU token contract on the Polygon chain. (Context: temporary single-key deployments were required during the initial phases of the contract upgrade process).
|-
|September 13th, 2025 1:20:10 PM MDT
|Dormant Backdoor Activated
|The hacker activated the 40-day dormant backdoor by configuring the final peer connection from the malicious Polygon OFTU contract to Yala's production $YU LayerZero OFT bridge on Solana, allowing the hacker to bridge malicious tokens from Polygon to Solana disguised as legitimate $YU tokens.
|-
|September 13th, 2025 1:44:10 PM MDT
|Malicious Tokens Minted
|120,000,000 OFTU (malicious tokens) were minted in four transactions on Polygon.
|-
|September 13th, 2025 2:07:28 PM MDT
|LayerZero to Solana Bridging
|30,000,000 OFTU were bridged via LayerZero to Solana, resulting in 30,000,000 $YU over-minted on Solana.
|-
|September 13th, 2025 2:09:34 PM MDT
|Solana To Ethereum Bridge
|Out of the 30,000,000 in malicious $YU, 10,000,000 $YU were bridged from Solana to Ethereum.
|-
|September 13th, 2025 2:11:52 PM MDT
|Raydium Swap Performed
|2,000,000 $YU were swapped for 1,996,868 USDC on Raydium.
|-
|September 13th, 2025 2:13:35 PM MDT
|Yala PSM Protocol Used
|5,213,000 $YU were converted to USDC through the Yala PSM protocol.
|-
|September 13th, 2025 2:19:23 PM MDT
|USDC Swapped To Ethereum
|7,642,852 USDC were swapped for 1,635.572 ETH in four transactions via Uniswap.
|-
|September 13th, 2025 2:25:06 PM MDT
|USDC Bridge To Ethereum
|1,800,000 USDC were bridged to Ethereum in two transactions via CCTP.
|-
|September 13th, 2025 2:25:27 PM MDT
|YU Were Swapped
|500,000 $YU were swapped for 490,697 USDC on Raydium.
|-
|September 13th, 2025 2:40:49 PM MDT
|Another Ethereum Bridge
|629,955 USDC were bridged to Ethereum via CCTP.
|-
|September 13th, 2025 2:45:47 PM MDT
|TornadoCash Laundering Begins
|Stolen funds began to be laundered through Tornado Cash.
|-
|September 13th, 2025 9:44:00 PM MDT
|Yala Tweet Posted
|Yala posts an update about an "attempted attack that briefly impacted YU's peg".
|-
|September 16th, 2025 5:30:17 AM MDT
|Yala Cubist Wallet Solana
|Hacker sent over-minted 17,500,000 $YU to Yala Cubist wallet on Solana.
|-
|September 16th, 2025 5:37:23 AM MDT
|Yala Cubist Wallet Ethereum
|Hacker sent over-minted 4,787,000 $YU to Yala Cubist wallet on Ethereum.
|-
|September 16th, 2025 12:57:00 PM MDT
|Yala Post-Mortem Published
|Yala Publishes their post-mortem with an overview of the incident, current status, and steps forward.
|-
|September 23rd, 2025 7:06:00 AM MDT
|Yala Back To Normal
|In a tweet announcement, Yala reports that "$YU has fully recovered and the Yala protocol is operating as normal."
|}

== Technical Details ==
"A hacker abused temporary deployment keys during authorized bridge deployment, set up an unauthorized cross-chain bridge, and extracted 7.64M USDC (~1,636 ETH)."

Hacker Addresses:

Polygon: 0x55d67b5e0e1c88f48c8a9d978ea76b9ec9d488a9

Solana: 87pS8qCum6qaSszbvoARBmFg1Mh1cqcE4ZTAsXfejBMz

ETH: 0x29F48B783EF90F81B51242D9a55e022A214274F5

== Total Amount Lost ==
Losses are the amount Already used by hacker: 7,712,999.80006 $YU. Other minted YU were unable to be redeemed.

The total amount lost has been estimated at $7,713,000 USD.

== Immediate Reactions ==
Immediately after detecting suspicious activity, Yala engaged top-tier blockchain security firms, SlowMist and Fuzzland, to conduct a root cause analysis and prevent any further impact. Their expertise was enlisted to understand the exploit thoroughly and begin mitigating the associated risks.

To prevent additional user exposure, Yala promptly disabled the ‘Convert’ and ‘Bridge’ functions, which were identified as potential vectors for the exploit. At the same time, the team worked quickly to contain the breach by halting unauthorized minting and transfers. Protective safeguards were deployed across the platform to secure liquidity and maintain systemic stability during the incident.

Yala also mobilized forensic partners to track on-chain activity and gain a clear picture of how the exploit occurred, who it affected, and whether it had any cross-chain consequences. Upon identifying the individual behind the hack, Yala coordinated efforts with both local and international law enforcement agencies to pursue legal action and support recovery efforts. This rapid, multi-pronged response reflects Yala’s commitment to user safety and the resilience of its ecosystem

== Ultimate Outcome ==
To mitigate the impact of the incident, Yala has established several core principles to guide the recovery process. First and foremost, the platform is committed to protecting all users from any potential losses. As part of this commitment, all illegally generated $YU will be burned, eliminating any unauthorized tokens from circulation.

== Total Amount Recovered ==
Yala has outlined a clear and structured recovery plan following the security breach. On September 23, 2025, all illegally minted $YU will be destroyed, and the liquidity will be fully restored. This will enable all users to swap their $YU for USDC at a 1:1 ratio, ensuring that affected users can recover their assets.

There do not appear to have been any funds recovered in this case.

== Ongoing Developments ==
To further enhance security and prevent future incidents, Yala will implement extra monitoring for admin actions, bridge statuses, and contract updates. The team will act swiftly but with careful consideration to ensure fairness for all users, making sure that the recovery process is as transparent and equitable as possible. This recovery plan reflects Yala’s dedication to maintaining the trust of its users and securing the long-term stability of the platform.

Yala will conduct a thorough audit of contracts and bridge settings, involving both internal engineers and external security experts like Fuzzland and Cubist to ensure the platform's integrity is restored.
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="yalapostmortem-21213">[https://blog.yala.org/yala-post-mortem-september-14/ Yala Post Mortem] (Accessed Sep 26, 2025)</ref>

<ref name="yalaorgtweet1-21214">[https://twitter.com/yalaorg/status/1967071910845649348 Yala Protocl - "Our protocol recently experienced an attempted attack that briefly impacted YU’s peg. Thanks to the quick collaboration with @SlowMist_Team and our security partners, we’ve identified the issue and are already rolling out improvements to strengthen the system." - Twitter/X] (Accessed Sep 26, 2025)</ref>

<ref name="yalaorgtweet2-21215">[https://twitter.com/yalaorg/status/1968026376491110701 Yala Protocol - "We’ve published our Post-Mortem Report on the Sept 14 incident. It details the timeline, analysis, and our recovery plan." - Twitter/X] (Accessed Sep 26, 2025)</ref>

<ref name="yalaorgtweet3-21216">[https://twitter.com/yalaorg/status/1970470502620905848 Yala Protocol - "Following the $YU liquidity incident on September 14, 2025, the following measures have now been completed to ensure the continued strength and reliability of the Yala protocol." - Twitter/X] (Accessed Sep 26, 2025)</ref>

<ref name="yalaorgtweet4-21217">[https://twitter.com/yalaorg/status/1970474962222972990 Yala Protocol - "$YU has fully recovered and the Yala protocol is operating as normal." - Twitter/X] (Accessed Sep 26, 2025)</ref>

<ref name="yalahomepage-21218">[https://yala.org/ Yala Homepage] (Accessed Sep 26, 2025)</ref>

<ref name="yalatwitterx-21219">[https://twitter.com/yalaorg Yala Protocol - Twitter/X] (Accessed Sep 26, 2025)</ref></references>

File:Yalaorg.jpg

2025-10-10T22:48:34Z

Azoundria:

Nemo Protocol Unaudited Deployment Public Flash Loan Attack

2025-10-10T22:47:43Z

Azoundria: Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/nemoprotocolunauditeddeploymentpublicflashloanattack.php}} {{Unattributed Sources}} Nemo Protocol Logo/HomepageThe Nemo Protocol, a decentralized finance platform, was exploited after a developer released unaudited code containing vulnerabilities, including a public flash_loan function and a misconfigured query function, leading to a $2.6 million loss. Th..."

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/nemoprotocolunauditeddeploymentpublicflashloanattack.php}}
{{Unattributed Sources}}

[[File:Nemoprotocol.jpg|thumb|Nemo Protocol Logo/Homepage]]The Nemo Protocol, a decentralized finance platform, was exploited after a developer released unaudited code containing vulnerabilities, including a public flash_loan function and a misconfigured query function, leading to a $2.6 million loss. The exploit drained assets from the SY/PT liquidity pool, and the stolen funds were bridged to Ethereum, making recovery difficult. In response, the team paused the protocol, identified the root cause, and implemented a recovery plan by issuing NEOM debt tokens to compensate users for their losses. Users can exit through a liquidity pool or hold the tokens for future recovery, while Nemo also offered a $380,000 bounty for information leading to the stolen funds' recovery, continuing to work with security professionals to track the assets and restore the protocol.<ref name="suiscan-21332" /><ref name="yahoofinance1-21333" /><ref name="yahoofinance2-21334" /><ref name="theblock-21335" /><ref name="cointelegraph-21336" /><ref name="phemex-21337" /><ref name="mexc-21338" /><ref name="web3isgoinggreat-21339" /><ref name="nemoprotocoltweet-21340" /><ref name="nemopostmortem-21341" /><ref name="nemoprotocoltweet-21342" /><ref name="nemoprotocolhomepage-21343" /><ref name="nemoprotocoltwitterx-21344" />

== About Nemo Protocol ==
Nemo Protocol introduces an innovative yield infrastructure designed to make decentralized finance (DeFi) accessible to everyone. It offers a range of products, including options for normal yield, fixed yield, leveraged yield, and liquidity provision. The protocol is powered by a significant $97.7M in total value locked (TVL) and is audited by Movebit, ensuring a high level of security. Users can choose from different yield models, such as Fixed Yield, where they can buy and hold tokens for a guaranteed return, or Leveraged Yield, which maximizes profits and hedges risks by collecting future yield from underlying assets.

The platform caters to a variety of users, from individual investors to gaming apps looking to leverage DeFi for growth. Its "Yield as a Service" model offers gaming applications the opportunity to boost their growth by bridging DeFi-native yield to their platforms, providing free cash to enhance gaming experiences. For liquidity providers, there is a moderate risk option where they can earn trading fees with minimal impermanent loss, alongside additional incentives for participating in the ecosystem.

Nemo Protocol’s ecosystem includes a comprehensive Yield Trading App that allows users to secure fixed yield with just a few clicks, maximizing their profits or hedging their positions. The platform also maintains a community presence across major social media platforms like Twitter, Telegram, and Discord, fostering engagement and connection with its users. With a focus on simplicity and security, the protocol aims to become a leader in the DeFi space by making advanced yield strategies accessible to everyone, regardless of their experience level.

== The Reality ==
The Nemo Protocol team faced a security issue due to a procedural mistake and development oversight. While the initial code audit was conducted properly, one developer inadvertently released a vulnerable version that included a public flash_loan function and a misconfigured get_sy_amount_in_for_exact_py_out function, both of which were prone to exploits. The flash_loan was initially intended to allow composability with other DeFi protocols but was misused due to reliance on insecure oracles. Additionally, the get_sy_amount_in_for_exact_py_out function, meant to enhance pricing precision, was incorrectly implemented with write capabilities, exposing the protocol to attacks. After receiving MoveBit's initial audit, the team failed to highlight new, unaudited features when submitting the final code, leading to the vulnerability being exploited.

== What Happened ==
Nemo Protocol suffered a $2.6 million exploit due to unaudited code vulnerabilities.
{| class="wikitable"
|+Key Event Timeline - Nemo Protocol Unaudited Deployment Public Flash Loan Attack
!Date
!Event
!Description
|-
|January 5th, 2025
|Significant Procedural Error
|A significant procedural error occurred after we received MoveBit's initial audit report. While addressing the identified issues, we integrated the new, unaudited features (including the 1.public `flash_loan` 2.`get_sy_amount_in_for_exact_py_out` and write without permission) into the final codebase. This mixed version, containing both "fixed issues" and "new unaudited features," was subsequently submitted to MoveBit for final review without explicitly highlighting the scope of the new additions.
|-
|January 6th, 2025
|Unfortunate Developer Decision
|Unfortunately, this developer did not mention this to the Movebit and Nemo teams internally. Instead, he communicated with the Movebit team and obtained the final audit report, only modifying the previous report. At the same time, he did not use the confirmation hash in the audit report for deployment, but instead upgraded and deployed it separately. On January 6, 2025, using the single-signature address 0xf55cc609b13e87470d3da78d39ad6f84458a8059eb06aa66f94103d775e8a663, he deployed contract version 0xcf34697ad898bb0f96b2750653208150d89ead6bf224549bebc2b6654e5c5204, which contained the unaudited features. This version remained active in our production environment until the exploit occurred. The attacker used this vulnerability in this attack.
|-
|April 3rd, 2025
|Multi-Sig Policies Implemented
|The Nemo team formally implemented a new Standard Operating Procedure (SOP) for contract upgrades. This mandated that all mainnet contract upgrades and critical parameter changes must be executed via the Nemo Foundation's multi-signature wallet, a requirement that was also integrated into our audit specifications. Unfortunately, this developer only transferred the cap of the contract with the unaudited code vulnerability mentioned above to the multi-signature management, and did not choose to deploy and hand over the version confirmed in the audit report.
|-
|August 11th, 2025
|Audit Report Not Taken Seriously
|The developer's feedback on this matter is that, at the time, there were two contracts—Nemo Vault and Nemo Market—and priority was given to addressing Nemo Vault. As a result, the repair priority of Nemo Market was affected.
|-
|September 7th, 2025 10:00:00 AM MDT
|Reported Time Of Exploit
|The reported time of the exploit, according to the official post-mortem. The attacker initiated the exploit using the get_sy_amount_in_for_exact_py_out and flash_loan functions.
|-
|September 7th, 2025 10:30:00 AM MDT
|Team Notices Anomaly
|The Nemo Protocol team reportedly notices that there's an anomaly, based on the return of the site exceeding 30x.
|-
|September 7th, 2025 10:50:00 AM MDT
|Protocol Pause Initiated
|The protocol is paused by the team through the multi-sig wallet.
|-
|September 7th, 2025 11:00:00 AM MDT
|Security Team Contact Coordination
|The Nemo Protocol team urgently contacted the Sui Foundation and coordinated with its Security team in addition to other companies who provide security services on Sui. After ruling out a Remove Liquidity bug and a simple oracle attack, we identified the root cause as a combined flash loan and price manipulation exploit. Fund tracing revealed that the majority of stolen funds had been bridged to Ethereum via CCTP.
|-
|September 7th, 2025 4:00:00 PM MDT
|Law Enforcement Agency Filings
|The Nemo Protocol team begins filing reports with various law enforcement agencies. They are also coordinating with security firms, CEXs, and ecosystem partners on liquidity solutions and hacker identification, formulating a white-hat recovery plan, and maintaining communication with our community.
|-
|September 8th, 2025 4:17:00 AM MDT
|Nemo Protocol Public Announcement
|Nemo Protocol announces that they "experienced a security incident occurred last night" and "are investigating the matter and have suspended all smart contract activity for the time being".
|-
|September 20th, 2025 7:59:00 AM MDT
|Recovery Bounty Program Announced
|Nemo Protocol announces a recovery bounty program, with an offer of $380,000 for information which will lead to the recovery of the funds which were taken from the protocol.
|-
|September 29th, 2025 8:59:00 PM MDT
|Nemo Joins Ecosystem Security Expansion
|Nemo Protocol announces that they have joined the Sui ecosystem expansion program, with an aim to help improve the protocol safety on the Sui network. Responses are filled with community criticism and requests for an update on when they can recover their funds.
|}

== Technical Details ==
The breach of the Nemo Protocol occurred when a developer released unaudited code that was vulnerable to exploit through flash loans. This release bypassed critical internal review processes, leading to security flaws in the codebase, including an exposed flash_loan function and a bug in a query function that allowed unauthorized modifications to the smart contract’s internal state. These vulnerabilities enabled hackers to exploit the SY/PT liquidity pool, leading to a significant financial loss of approximately $2.59 million on September 7, 2025. The breach was exacerbated by the use of a single-signature governance model, which allowed the deployment of this unaudited code without proper scrutiny.

The core of the attack involved two key vulnerabilities. First, the flash_loan function, which was intended to be internal, was mistakenly exposed to the public, although it was not the primary attack vector. It acted as an accelerant for the exploit, allowing the attacker to take advantage of other weaknesses. Second, the get_sy_amount_in_for_exact_py_out query function contained a flaw that allowed the attacker to modify the contract’s internal state. This vulnerability stemmed from a failure during the audit process: the developer introduced new, unaudited features into the code between the initial and final audits, which were subsequently deployed to the mainnet. This lapse in the audit process was compounded by the use of a single-signature governance structure that failed to prevent the unaudited code’s deployment.

The exploit unfolded in two phases. In the first phase, the attacker used the flash_loan function in conjunction with other calls to manipulate the internal state, ultimately draining the SY/PT liquidity pool by minting a large amount of SY. In the second phase, the pool’s imbalanced exchange rate created an opportunity for arbitrageurs to extract further assets by using the manipulated price to claim rewards. This attack was not fully mitigated even after the Asymptotic team warned the developer about a related vulnerability, which could have been addressed with their support.

== Total Amount Lost ==
The losses have been widely estimated at $2.6m USD, while CoinTelegraph provides a slightly more refined $2.59m USD.

The total amount lost has been estimated at $2,590,000 USD.

== Immediate Reactions ==
After the discovery of the exploit, the Nemo Protocol team acted swiftly to mitigate the damage by using their multi-sig wallet to initiate a protocol pause. They immediately contacted the Sui Foundation and its security team, along with other security providers in the Sui ecosystem, to investigate the attack. After ruling out a Remove Liquidity bug and a simple oracle attack, the team identified the root cause as a combination of a flash loan and price manipulation exploit. Further fund tracing revealed that most of the stolen assets had been bridged to Ethereum via the CCTP.

The Nemo Protocol team began filing reports with major law enforcement agencies while also coordinating with security firms, centralized exchanges (CEXs), and ecosystem partners to explore liquidity solutions and track down the hackers. At the same time, they formulated a white-hat recovery plan aimed at recovering stolen funds and preventing further exploitation. Throughout the process, the team remained transparent with the community, maintaining open lines of communication and updating stakeholders on the progress of their recovery efforts.

== Ultimate Outcome ==
The stolen assets were soon removed from the Sui network using the Wormhole CCTP bridge into Ethereum following the attack, making them difficult to recover.

The majority of the $2.6 million is in one wallet address that security teams are looking at. Nemo Protocol has ceased smart contract updates permanently, and filed code patched with an emergency audit.

The NEMO Protocol announced a bounty of $380,000 which is available to anyone who provides decisive and verifiable evidence that leads towards the recovery of the funds.

== Total Amount Recovered ==
To address the financial losses from the exploit, Nemo Protocol introduced a recovery mechanism through the issuance of NEOM debt tokens, with each token representing $1 of user loss. Because the protocol lacked the liquidity to fully compensate users in USD, it created a system where users could migrate their remaining assets from the compromised pools into a new contract and receive NEOM tokens equivalent to their losses. This approach allowed users to participate in the recovery process while the protocol worked on regaining funds.

Users holding NEOM tokens were given two options: they could either exit immediately through an automated market maker (AMM) pool, or hold onto their tokens in hopes of future redemption from recovered assets. To facilitate exits, Nemo launched a liquidity pool on a major DEX on Sui, pairing NEOM with USDC. Meanwhile, any funds recovered from the attacker or other sources would be deposited into a redemption pool, allowing token holders to gradually reclaim value over time based on available funds.

The total amount recovered is unknown.

== Ongoing Developments ==
Nemo are also collaborating with blockchain security professionals to track stolen tokens. The user compensation program continues.
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="suiscan-21332">[https://suiscan.xyz/mainnet/account/0x01229b3cc8469779d42d59cfc18141e4b13566b581787bf16eb5d61058c1c724/activity https://suiscan.xyz/mainnet/account/0x01229b3cc8469779d42d59cfc18141e4b13566b581787bf16eb5d61058c1c724/activity] (Accessed Oct 8, 2025)</ref>

<ref name="yahoofinance1-21333">[https://finance.yahoo.com/news/nemo-protocol-issues-neom-debt-092823873.html Nemo Protocol Issues NEOM Debt Tokens to Compensate $2.6M Exploit Victims] (Accessed Oct 8, 2025)</ref>

<ref name="yahoofinance2-21334">[https://finance.yahoo.com/news/nemo-protocol-blames-2-6m-083310308.html Nemo Protocol Blames $2.6M Exploit on Developer Who Deployed Unaudited Code] (Accessed Oct 8, 2025)</ref>

<ref name="theblock-21335">[https://www.theblock.co/post/370581/nemo-protocol-debt-token-program-exploit Nemo Protocol launches debt token program for $2.6 million exploit victims] (Accessed Oct 8, 2025)</ref>

<ref name="cointelegraph-21336">[https://cointelegraph.com/news/2-6-million-lost-in-nemo-hack-due-to-unaudited-code-and-ignored-vulnerability Auditor Flagged Issue Before $2.59M Nemo Hack, Team Admits] (Accessed Oct 8, 2025)</ref>

<ref name="phemex-21337">[https://phemex.com/news/article/nemo-protocol-launches-debt-token-plan-for-26m-exploit-victims-18629 Nemo Protocol Launches Debt Token Plan for Exploit Victims] (Accessed Oct 8, 2025)</ref>

<ref name="mexc-21338">[https://www.mexc.com/en-PH/news/nemo-protocol-exploit-unvetted-code-lost-nemo-2-6m/94144 Nemo Protocol Exploit: Unvetted Code Lost Nemo $2.6M.] (Accessed Oct 8, 2025)</ref>

<ref name="web3isgoinggreat-21339">[https://www.web3isgoinggreat.com/single/nemo-protocol-exploit Nemo Protocol exploited for $2.4 million] (Accessed Oct 8, 2025)</ref>

<ref name="nemoprotocoltweet-21340">[https://twitter.com/nemoprotocol/status/1972858790983979485 Nemo Protocol - "Nemo is working as part of @SuiNetwork’s $10M Ecosystem Security Expansion program, to bring: Protection from scams & malicious dApps Real-time exploit alerts Stronger, more resilient contracts Together, Nemo'll keep improving to ensure safety." - Twitter/X] (Accessed Oct 8, 2025)</ref>

<ref name="nemopostmortem-21341">[https://olivine-hydrofoil-637.notion.site/Nemo-Security-Incident-Cause-Process-and-Fund-Tracing-Report-V1-1-26a6b8723d8a80e29cb8cb48fe1390f2 Nemo Security Incident: Cause, Process, and Fund Tracing Report V1.1] (Accessed Oct 8, 2025)</ref>

<ref name="nemoprotocoltweet-21342">[https://twitter.com/nemoprotocol/status/1964996522052911603 Nemo Protocol - "Nemo experienced a security incident occurred last night, impacting the Market pool. We are investigating the matter and have suspended all smart contract activity for the time being. We plan to share when more information becomes available. All Vault assets remain untouched. Our team, together with partners, is actively working on solutions. We need your patience and trust as we ensure Nemo returns to normal operations." - Twitter/X] (Accessed Oct 8, 2025)</ref>

<ref name="nemoprotocolhomepage-21343">[https://www.nemoprotocol.com/ Nemo Protocol Homepage] (Accessed Oct 8, 2025)</ref>

<ref name="nemoprotocoltwitterx-21344">[https://twitter.com/nemoprotocol Nemo Protocol Twitter/X Account] (Accessed Oct 8, 2025)</ref></references>

File:Nemoprotocol.jpg

2025-10-10T22:47:26Z

Azoundria:

Unverified Contract uniswapV3Callback Lacking Access Control

2025-10-10T22:45:13Z

Azoundria: Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/unverifiedcontractuniswapv3callbacklackingaccesscontrol.php}} {{Unattributed Sources}} Base Blockchain Logo/HomepageOn August 28th, 2025, an unverified smart contract was deployed on the Base blockchain containing a critical vulnerability: the uniswapV3SwapCallback function lacked proper access control. This allowed an attacker to exploit the contract u..."

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/unverifiedcontractuniswapv3callbacklackingaccesscontrol.php}}
{{Unattributed Sources}}

[[File:Baseblockchain.jpg|thumb|Base Blockchain Logo/Homepage]]On August 28th, 2025, an unverified smart contract was deployed on the Base blockchain containing a critical vulnerability: the uniswapV3SwapCallback function lacked proper access control. This allowed an attacker to exploit the contract using a delegatecall to another contract, resulting in a reported loss of approximately $88.9K. The incident was first analyzed and reported by TenArmor and researcher Weilin (William) Li, and later included in Blockthreat’s Week 36 report. The responsible project remains unidentified, and there is currently no indication of an ongoing investigation or recovery efforts.<ref name="tenarmortweet-21139" /><ref name="basescantransaction-21140" /><ref name="hklst4rtweet-21141" /><ref name="blockthreat-21142" /><ref name="blockscoutrawtrace-21143" /><ref name="victimbasescan-21144" /><ref name="victimcreationbasescan-21145" /><ref name="vulnerablebasescan-21146" /><ref name="deletegatedcreationbasedscan-21147" />

== About Unverified Contract ==
An unverified smart contract was launched on the Base blockchain on August 28th, 2025.

This invokes code in another smart contract via a delegatecall.

== The Reality ==
Unfortunately, the smart contract was launched with a vulnerability where the uniswapV3Callback function lacked access control.

== What Happened ==
An unverified smart contract on the Base blockchain was exploited due to a missing access control in the uniswapV3SwapCallback function, resulting in a reported loss of $88.9K.
{| class="wikitable"
|+Key Event Timeline - Unverified Contract uniswapV3Callback Lacking Access Control
!Date
!Event
!Description
|-
|August 28th, 2025 3:35:11 PM MDT
|Victim Smart Contract Launched
|The victim smart contract is first launched on the Base blockchain.
|-
|August 29th, 2025 5:55:05 AM MDT
|Delegated Smart Contract Launched
|The smart contract starting with 0x1d9e is launched, containing a vulnerability due to the lack of access control on uniswapV3Callback.
|-
|September 1st, 2025 12:38:27 AM MDT
|Base Attack Transaction
|The attack is accepted into the Base blockchain.
|-
|September 1st, 2025 1:13:00 AM MDT
|TenArmor Tweet Posted
|TenArmor posts a tweet with details about the xploit.
|}

== Technical Details ==
According to an initial analysis by TenArmor, "[i]t appears that the uniswapV3SwapCallback function of the contract 0x1d9e lacks access control, which was exploited by the attacker."

== Total Amount Lost ==
TenArmor has reported that there was "an approximately loss of $88.9K".

The total amount lost has been estimated at $89,000 USD.

== Immediate Reactions ==
The incident was reported by TenArmor and researcher Weilin (William) Li.

== Ultimate Outcome ==
It appears that the incident was included in the Blockthreat report for Week 36 of 2025.

== Total Amount Recovered ==
There is limited information available about the smart contract, and no suggestion that any recovery is presently being attempted.

There do not appear to have been any funds recovered in this case.

== Ongoing Developments ==
It's unclear which project is behind this address, and whether any investigation is underway.
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="tenarmortweet-21139">[https://twitter.com/TenArmorAlert/status/1962413608182128843 TenArmor - "Our system has detected a suspicious attack involving #unverified contract 0x46cbe on #BASE, resulting in an approximately loss of $88.9K." - Twitter/X] (Accessed Sep 19, 2025)</ref>

<ref name="basescantransaction-21140">[https://basescan.org/tx/0xdc6658ce341f5699915cf33ef5f4d3d6298c841f4c333d31543f6ec6ff8dd2ea Attack Transaction - BaseScan] (Accessed Sep 19, 2025)</ref>

<ref name="hklst4rtweet-21141">[https://twitter.com/hklst4r/status/1962432786687463699 Weilin (William) Li - "yet another uniswapV3Callback lacking access control." - Twitter/X] (Accessed Sep 19, 2025)</ref>

<ref name="blockthreat-21142">[https://newsletter.blockthreat.io/p/blockthreat-week-36-2025 BlockThreat - Week 36, 2025] (Accessed Sep 19, 2025)</ref>

<ref name="blockscoutrawtrace-21143">[https://base.blockscout.com/tx/0xdc6658ce341f5699915cf33ef5f4d3d6298c841f4c333d31543f6ec6ff8dd2ea?tab=raw_trace Transaction details - Blockscout] (Accessed Sep 19, 2025)</ref>

<ref name="victimbasescan-21144">[https://basescan.org/address/0x46cbe774bd057dfc9b09a5781020e9a6ec9639bb Victim Smart Contract - BaseScan] (Accessed Sep 19, 2025)</ref>

<ref name="victimcreationbasescan-21145">[https://basescan.org/tx/0x31ccb12d43f856b44bdf09a11dfddf47b198596aafae5ddf4108a1641493ceee Victim Smart Contract Creation Transaction - BaseScan] (Accessed Sep 19, 2025)</ref>

<ref name="vulnerablebasescan-21146">[https://basescan.org/address/0x1d9e1b7e57a8c8c6fe8f6eef52d63df399665098 Vulnerable Smart Contract - BaseScan] (Accessed Sep 19, 2025)</ref>

<ref name="deletegatedcreationbasedscan-21147">[https://basescan.org/tx/0xcf9e53e327fa73b0cadb6b5ec1459a5f53ead3a2d719b2c3692f4461877dc2d6 Creation Of Delegated Smart Contract - BaseScan] (Accessed Sep 19, 2025)</ref></references>

DX3 AI Bot Exchange Function Price Manipulation Vulnerability

2025-09-23T17:00:40Z

Azoundria: Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/dx3aibotexchangefunctionpricemanipulationvulnerability.php}} {{Unattributed Sources}} D3X AI Bot Logo/HomepageD3XAI is a Binance Smart Chain-based project that promoted itself as an AI-driven decentralized trading platform, promising advanced market analysis, automated strategies, and a decentralized user-controlled ecosystem. Central to its offering was the..."

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/dx3aibotexchangefunctionpricemanipulationvulnerability.php}}
{{Unattributed Sources}}

[[File:D3xaibot.jpg|thumb|D3X AI Bot Logo/Homepage]]D3XAI is a Binance Smart Chain-based project that promoted itself as an AI-driven decentralized trading platform, promising advanced market analysis, automated strategies, and a decentralized user-controlled ecosystem. Central to its offering was the D3X AIBOT, claiming to use AI for real-time trading and offered token rewards for participation. However, the platform's closed-source smart contract was exploited through a price manipulation vulnerability, reportedly resulting in losses of around $159,000, as confirmed by blockchain security firms TenArmor and BlockSec. The exploit was linked to the platform relying on an externally manipulable spot price from a UniswapV2 pair. As of now, the project has not publicly acknowledged the incident, no recovery efforts have been announced, and the platform’s future remains uncertain.<ref name="tenarmortweet-21167" /><ref name="transactionbscscan-21168" /><ref name="blocksecteamtweet-21169" /><ref name="blocksecattack-21170" /><ref name="cryptojptranstweet-21171" /><ref name="unnamed-21172" />

== About D3X Smart Contract ==
D3XAI is a project on the Binance Smart Chain (BSC) that claims to offer a next-generation decentralized trading platform powered by artificial intelligence. According to its promotional materials, the platform aims to leverage AI for deep market analysis, strategy optimization, and automated trade execution, with the goal of improving efficiency and accuracy for both novice and professional traders.

The platform promises to aggregate liquidity from over 24 major blockchains and support more than 2,000 trading pairs, including spot and leveraged contracts. It also advertises a user-friendly interface, API support for algorithmic trading, and a decentralized structure where users retain full control over their assets. However, how well these features perform in practice or how extensively they're adopted remains to be seen.

A central component of the ecosystem is the so-called D3X AIBOT—an AI-powered trading bot that undergoes a 15-day pre-training phase before becoming active. Once deployed, each bot is said to autonomously analyze market data, recognize patterns, monitor price fluctuations and sentiment, and execute trades accordingly. These bots are described as forming a decentralized AI compute network, contributing to the platform's overall intelligence and trading capabilities.

In return for participating in this network, users running AIBOTs can earn $D3XAI tokens, which are advertised as convertible to other assets like $D3XAT or USDT.

== The Reality ==
The smart contract for D3X was closed source. The platform unfortunately had a price manipulation vulnerability. The project markets this as a way to "earn with computing power," but—as with many crypto-based projects—the actual utility, token value, and long-term sustainability of the reward system remain largely speculative and dependent on broader adoption.

As with any early-stage or DeFi-related platform, it's important for potential users and investors to exercise caution, verify claims, and assess both the technical implementation and real-world performance before getting involved.

== What Happened ==
D3XAI, a Binance Smart Chain project promoting AI-driven decentralized trading, suffered a ~$159K loss due to a price manipulation exploit in its closed-source smart contract.
{| class="wikitable"
|+Key Event Timeline - DX3 AI Bot Exchange Function Price Manipulation Vulnerability
!Date
!Event
!Description
|-
|August 16th, 2025 2:44:25 AM MDT
|Attack Transaction
|The attack transaction is accepted by the BSC network onto their blockchain.
|-
|August 16th, 2025 4:18:00 AM MDT
|BlockSec Posts Notice
|BlockSec posts an alert on Twitter/X about the exploit.
|-
|August 17th, 2025 9:14:00 PM MDT
|TenArmor Tweet Posted
|TenArmor posts a tweet about the exploit.
|}

== Technical Details ==
Description by TenArmor: "It appears that the exchange() function of the contract 0xb8ad relies on the #d3xat token spot price from a UniswapV2 pair, which was exploited by the attacker through a price manipulation attack."

Description from BlockSec: "Although the contract is not open-source, preliminary analysis indicates a likely case of price manipulation due to spot price dependency."

== Total Amount Lost ==
TenArmor reports that the attack resulted "in an approximately loss of $158.9K" while BlockSec reports "an estimated loss of ~$160K".

The total amount lost has been estimated at $159,000 USD.

== Immediate Reactions ==
The incident was publicly reported on by TenArmor and BlockSec. It does not appear that the project itself has acknowledged the exploit.

== Ultimate Outcome ==
The outcome remains to be seen. The project social media remain operational.

== Total Amount Recovered ==
There is no suggestion of any recovery at this time.

There do not appear to have been any funds recovered in this case.

== Ongoing Developments ==
It is unclear how this situation will resolve itself.
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="tenarmortweet-21167">[https://twitter.com/TenArmorAlert/status/1957279788709671402 TenArmor - "Our system has detected that #D3X AI @D3X_AI on #BSC was attacked, resulting in an approximately loss of $158.9K." - Twitter/X] (Accessed Sep 22, 2025)</ref>

<ref name="transactionbscscan-21168">[https://bscscan.com/tx/0x26bcefc152d8cd49f4bb13a9f8a6846be887d7075bc81fa07aa8c0019bd6591f Attack Transaction - BSCScan] (Accessed Sep 22, 2025)</ref>

<ref name="blocksecteamtweet-21169">[https://twitter.com/BlockSecTeam/status/1956661877473476962 BlockSec Team - "Alert! Our system has detected suspicious transactions targeting an unknown contract (named D3XAT) on #BSC, resulting in an estimated loss of ~$160K. Although the contract is not open-source, preliminary analysis indicates a likely case of price manipulation due to spot price dependency." - Twitter/X] (Accessed Sep 22, 2025)</ref>

<ref name="blocksecattack-21170">[https://app.blocksec.com/explorer/tx/bsc/0x26bcefc152d8cd49f4bb13a9f8a6846be887d7075bc81fa07aa8c0019bd6591f Attack Transaction - BlockSec] (Accessed Sep 22, 2025)</ref>

<ref name="cryptojptranstweet-21171">[https://twitter.com/CryptoJPTrans/status/1956688198597267878 CryptoJPTrans - "#BlockSec reports that #D3XAT in the BSC ecosystem may have been attacked" - Twitter/X] (Accessed Sep 22, 2025)</ref>

<ref name="unnamed-21172">[https://x.com/PANewsCN/status/1956687367911473634 https://x.com/PANewsCN/status/1956687367911473634] (Accessed Sep 22, 2025)</ref></references>

File:D3xaibot.jpg

2025-09-23T16:59:50Z

Azoundria:

Cases Involving Stablecoins

2025-08-27T21:47:09Z

Azoundria:

{{Template:Automated List}}

==2025==
=== July 2025 ===
[[VDS_V-Dimension_BEP20_Smart_Contract_Business_Logic_Flaw|Jul 16th - VDS V-Dimension BEP20 Smart Contract Business Logic Flaw - $13k (Global)]]

[[Plasma_Network_USDT0_Liquidity_Pool_Twitter/X_Takeover|Jul 11th - Plasma Network USDT0 Liquidity Pool Twitter/X Takeover - $Unknown (Global)]]

=== June 2025 ===
[[Resupply_Finance_Vaults_Classic_ERC4626_Donation_Disaster|Jun 25th - Resupply Finance Vaults Classic ERC4626 Donation Disaster - $9.8m (Global)]]

=== May 2025 ===
[[Cork_Protocol_Market_Manipulation_and_Liquidity_Exploit|May 28th - Cork Protocol Market Manipulation and Liquidity Exploit - $12.053m (Global)]]

[[Usual_Money_USDS_Sync_Vault_Pricing_Arbitrage_Exploit|May 27th - Usual Money USDS Sync Vault Pricing Arbitrage Exploit - $43k (Global)]]

[[Curve_Finance_Curve.Fi_DNS_Hijack_Malicious_Frontend|May 12th - Curve Finance Curve.Fi DNS Hijack Malicious Frontend - $Unknown (Global)]]

[[Mobius_DAO_WBNB_Deposit_Price_Miscalculation_Drain|May 11th - Mobius DAO WBNB Deposit Price Miscalculation Drain - $2.157m (Global)]]

[[Curve_Finance_Fake_Airdrop_After_Twitter/X_Compromise|May 5th - Curve Finance Fake Airdrop After Twitter/X Compromise - $0k (Global)]]

=== April 2025 ===
[[Numa_Money_Major_Collateral_Loss_Flash_Loan_Price_Manipulation|Apr 18th - Numa Money Collateral Loss via Flash Loan Price Manipulation - $530k (Global)]]

=== March 2025 ===
[[Abracadabra_Money_Deposit_Fail_Self-Liquidate_Vulnerability|Mar 25th - Abracadabra Money Deposit Fail Self-Liquidate Vulnerability - $12.944m (Global)]]

[[Zoth_mintWithStable_Loan_To_Value_Logic_Flaw_Exploited|Mar 1st - Zoth mintWithStable Loan To Value Logic Flaw Exploited - $285k (Global)]]

=== February 2025 ===
[[BankX_XSD_BurnPoolXSD_Re-Entry_Vulnerability_Exploited_2|Feb 6th - BankX XSD BurnPoolXSD Re-Entry Vulnerability Exploited 2 - $43k (Global)]]

[[Ionic_Money_Fake_LBTC_Collateral_Social_Engineering|Feb 4th - Ionic Money Fake LBTC Collateral Social Engineering - $8.807m (Global)]]

=== January 2025 ===
[[Usual_Money_USD0++_Depegging_When_Backing_Removed|Jan 9th - Usual Money USD0++ Depegging When Backing Removed - $Unknown (Global)]]

==2024==
=== December 2024 ===
[[Vivek_Ramaswamy_Usual_Money_Partnership_Twitter/X_Post|Dec 19th - Vivek Ramaswamy Usual Money Partnership Twitter/X Post - $Unknown (Global)]]

[[Haven_Protocol_Shuts_Down_After_Range_Proof_Vulnerability|Dec 12th - Haven Protocol Shuts Down After Range Proof Vulnerability - $6.097m (Global)]]

=== October 2024 ===
[[Essence_Finance_Chi_Stablecoin_Rug_Pull|Oct 25th - Essence Finance Chi Stablecoin Rug Pull - $20m (Global)]]

[[Tapioca_DAO_Private_Key_Social_Engineering|Oct 18th - Tapioca DAO Private Key Social Engineering - $4.4m (Global)]]

[[HYDT_Protocol_Token_Price_Manipulation_Attack|Oct 9th - HYDT Protocol Token Price Manipulation Attack - $58k (Global)]]

=== September 2024 ===
[[Ethena_Labs_Domain_Registrar_Account_Compromise|Sep 18th - Ethena Labs Domain Registrar Account Compromise - $Unknown (Global)]]

[[Pythia_Finance_Staking_Contract_Vulnerability_And_Rug_Pull|Sep 2nd - Pythia Finance Staking Contract Vulnerability And Rug Pull - $53k (Global)]]

=== August 2024 ===
[[Usual_Money_Discord_Breach_Fake_Airdrop|Aug 30th - Usual Money Discord Breach Fake Airdrop - $Unknown (Global)]]

=== June 2024 ===
[[YOLO_Games_Liquidity_exitPool_Check_Missing|Jun 10th - YOLO Games Liquidity exitPool Check Missing - $1.5m (Global)]]

==2023==
=== September 2023 ===
[[BankX_XSD_BurnPoolXSD_Re-Entry_Vulnerability_Exploited_1|Sep 26th - BankX XSD BurnPoolXSD Re-Entry Vulnerability Exploited 1 - $12k (Global)]]

=== August 2023 ===
[[Zunami_Protocol_Liquidity_Pool_Valuation_Manipulation_Exploit|Aug 13th - Zunami Protocol Liquidity Pool Valuation Manipulation Exploit - $2.127m (Global)]]

=== May 2023 ===
[[Deus_Finance_(DEI_Stablecoin)_Burn_Vulnerability|May 5th - Deus Finance (DEI Stablecoin) Burn Vulnerability - $6.5m (Global)]]

=== February 2023 ===
[[Platypus_Finance_Unchecked_Stablecoin_Collateral|Feb 16th - Platypus Finance Unchecked Stablecoin Collateral - $8.5m (Global)]]

=== January 2023 ===
[[Zunami_Protocol_Stablecoin_Swap_MEV_Sandwich_Attack|Jan 26th - Zunami Protocol Stablecoin Swap MEV Sandwich Attack - $50k (Global)]]

==2022==
=== December 2022 ===
[[Defrost_Finance_V2_Reentrancy_Exploit|Dec 23rd - Defrost Finance V2 Reentrancy Exploit - $174k (Global)]]

=== October 2022 ===
[[OlympusDAO_Bond_Contract_Exploited|Oct 20th - OlympusDAO Bond Contract Exploited - $292k (Global)]]

=== August 2022 ===
[[Acala_Network_aUSD_Infinite_Mint_Depegging|Aug 13th - Acala Network aUSD Infinite Mint Depegging - $6.2m (Global)]]

[[Curve_Finance_DNS_Hijacking|Aug 9th - Curve Finance DNS Hijacking - $Unknown (Global)]]

=== July 2022 ===
[[MetaMask_Large_USDC/USDT_Theft_Setana0|Jul 12th - MetaMask Large USDC/USDT Theft Setana0 - $88k (Global)]]

=== June 2022 ===
[[CoinFlex_flexUSD_Stablecoin_Depegs|Jun 28th - CoinFlex flexUSD Stablecoin Depegs - $120m (Global)]]

=== May 2022 ===
[[DEI_Stablecoin_Depegging|May 15th - DEI Stablecoin Depegging - $74.539m (Global)]]

[[Luna_Terra_Algorithmic_Stablecoin_Crash|May 11th - Luna Terra Algorithmic Stablecoin Crash - $55b (Global)]]

=== April 2022 ===
[[DeusDao_Muon_Price_Manipulation_Hack|Apr 27th - DeusDao Muon Price Manipulation Hack - $Unknown (Global)]]

[[BondAppetite_Stablecoin_Peg_Lost|Apr 18th - BondAppetite Stablecoin Peg Lost - $Unknown (Global)]]

[[Beanstalk_Farms_Stablecoin_Hack|Apr 17th - Beanstalk Farms Stablecoin Hack - $182m (Global)]]

=== March 2022 ===
[[Circle_HubSpot_Data_Breach|Mar 18th - Circle HubSpot Data Breach - $Unknown (United States)]]

[[OpenDAO_USDO_Stable_Coin_Collapses|Mar 7th - OpenDAO USDO Stable Coin Collapses - $24.349m (Global)]]

=== February 2022 ===
[[Flurry_Finance_Vault_Flash_Loan_Attack|Feb 22nd - Flurry Finance Vault Flash Loan Attack - $251k (Global)]]

[[Compound_Finance_Live_Critical_Vulnerability|Feb 22nd - Compound Finance Live Critical Vulnerability - $0k (Global)]]

=== January 2022 ===
[[Float_Protocol_Rari_Capital_Weak_Oracle|Jan 14th - Float Protocol Rari Capital Weak Oracle - $250k (Global)]]

==2021==
=== December 2021 ===
[[Bent_Finance_Malicious_Balance_Injection|Dec 21st - Bent Finance Malicious Balance Injection - $1.78m (Global)]]

[[Charge_DeFi_Flash_Loan_Attack|Dec 18th - Charge DeFi Flash Loan Attack - $1.16m (Global)]]

[[OlympusDAO_V2_Migration_Scams|Dec 17th - OlympusDAO V2 Migration Scams - $20k (Global)]]

[[Brinc_Finance_BRC_Smart_Contract_rescueTokens_Drain|Dec 13th - Brinc Finance BRC Smart Contract rescueTokens Drain - $1.105m (Global)]]

[[Hinge_Romance_Scam_Niki_Hutchinson|Dec 10th - Hinge Romance Scam Niki Hutchinson - $390k (United States)]]

[[8ight_Finance_Private_Key_Leak|Dec 6th - 8ight Finance Private Key Leak - $1.75m (Global)]]

=== November 2021 ===
[[Coffin_Dollar_Stablecoin_Depegs|Nov 18th - Coffin Dollar Stablecoin Depegs - $2.212m (Global)]]

[[Curve_Finance_Governance_Attack|Nov 10th - Curve Finance Governance Attack - $46m (Global)]]

[[Saddle_Finance_MetaSwap_Nerve/Synapse_Bridge_Exploit|Nov 6th - Saddle Finance MetaSwap Nerve/Synapse Bridge Exploit - $8.2m (Global)]]

=== August 2021 ===
[[Curve_Bribe_Exploit|Aug 14th - Curve Bribe Exploit - $117k (Global)]]

[[Punk_Protocol_Reinitialized|Aug 10th - Punk Protocol Reinitialized - $8.95m (Global)]]

[[Zerogoki_Price_Oracle_Compromised|Aug 8th - Zerogoki Price Oracle Compromised - $670k (Global)]]

[[Wault_Finance_Stablecoin_Peg_Logic_Error|Aug 4th - Wault Finance Stablecoin Peg Logic Error - $816k (Global)]]

=== July 2021 ===
[[Midas_Dollar_V2_Peg_Not_Established|Jul 13th - Midas Dollar V2 Peg Not Established - $Unknown (Global)]]

=== June 2021 ===
[[SafeDollar_Reward_Logic_Exploited|Jun 27th - SafeDollar Reward Logic Exploited - $250k (Global)]]

[[StableMagnet_Exit_Scam|Jun 23rd - StableMagnet Exit Scam - $27m (Global)]]

[[SharedStake_TimeLock_Vulnerabilities|Jun 23rd - SharedStake TimeLock Vulnerabilities - $500k (Global)]]

[[Eleven_Finance_Logic_Exploit|Jun 22nd - Eleven Finance Logic Exploit - $4.8m (Global)]]

[[SafeDollar_First_Exploit|Jun 20th - SafeDollar First Exploit - $95k (Global)]]

[[Alchemix_alETH_%22Rug_Put%22|Jun 16th - Alchemix alETH "Rug Put" - $6.53m (Global)]]

[[Iron_Finance_Titan_Stablecoin_Collapses|Jun 16th - Iron Finance Titan Stablecoin Collapses - $2b (Global)]]

[[Unified_Stable_Dollar_Suspended|Jun 15th - Unified Stable Dollar Suspended - $35k (Global)]]

=== May 2021 ===
[[BEarnFi_BVaults_Exploited|May 16th - BEarnFi BVaults Exploited - $17.939m (Global)]]

[[BDollar_V2_(BDOV2)_Dollar_Fails_To_Peg|May 13th - BDollar V2 (BDOV2) Dollar Fails To Peg - $34.096m (Global)]]

[[Iron_Finance_Irony|May 7th - Iron Finance Irony - $11m (Global)]]

=== April 2021 ===
[[Midas_Dollar_Peg_Lost|Apr 19th - Midas Dollar Peg Lost - $1.733m (Global)]]

[[Monster_Slayer_Finance_Rug_Pull|Apr 6th - Monster Slayer Finance Rug Pull - $2.317m (Global)]]

=== March 2021 ===
[[bDollar_(BDO)_Stablecoin_Peg_Lost|Mar 24th - bDollar (BDO) Stablecoin Peg Lost - $120m (Global)]]

[[Iron_Finance_Burned|Mar 16th - Iron Finance Burned - $170k (Global)]]

[[Kava_Labs_Accounting_Logic_Error|Mar 5th - Kava Labs Accounting Logic Error - $0k (Global)]]

[[Curve_Finance_V1_Vulnerability|Mar 4th - Curve Finance V1 Vulnerability - $0k (Global)]]

=== January 2021 ===
[[Dynamic_Set_Dollar_Peg_Lost|Jan 28th - Dynamic Set Dollar Peg Lost - $Unknown (Global)]]

[[freeLiquid_USDFL_Stablecoin_Peg_Lost|Jan 12th - freeLiquid USDFL Stablecoin Peg Lost - $Unknown (Global)]]

[[Stand_Cash_Stablecoin_Not_Stable|Jan 7th - Stand Cash Stablecoin Not Stable - $20m (Global)]]

==2020==
=== December 2020 ===
[[One_Cash_Finance_Not_Stable|Dec 31st - One Cash Finance Not Stable - $5.6m (Global)]]

[[Empty_Set_Dollar_Stablecoin_Collapse|Dec 26th - Empty Set Dollar Stablecoin Collapse - $200k (Global)]]

=== November 2020 ===
[[Compound_Price_Feed_Error|Nov 26th - Compound Price Feed Error - $4m (Global)]]

=== October 2020 ===
[[Curve_Finance_Google_Phish|Oct 11th - Curve Finance Google Phish - $231k (Global)]]

[[DeFi_Saver/imToken_DAI_Reduction|Oct 8th - DeFi Saver/imToken DAI Reduction - $310k (Global)]]

[[AmplyFi.Money_Exit_Scam|Oct 6th - AmplyFi.Money Exit Scam - $885k (Global)]]

=== September 2020 ===
[[Swerve_Finance_Swerves_Finely|Sep 19th - Swerve Finance Swerves Finely - $8m (Global)]]

[[Soft_Yearn_(SFYI)_Rebase_Exploit|Sep 3rd - Soft Yearn (SFYI) Rebase Exploit - $250k (Global)]]

=== July 2020 ===
[[MMM_BSC_Multi-Level_Marketing_Scheme|Jul 25th - MMM BSC Multi-Level Marketing Scheme - $5m (Global)]]

[[Forsage_Multi_Level_Marketing_Scheme|Jul 16th - Forsage Multi Level Marketing Scheme - $874.673m (Global)]]

=== June 2020 ===
[[MakerDao_Web3_DeFi_Phishing|Jun 25th - MakerDao Web3 DeFi Phishing - $100k (Global)]]

[[Atomic_Loans_Close_Call|Jun 24th - Atomic Loans Close Call - $0k (Canada)]]

=== May 2020 ===
[[LMEX_Stock_Exchange|May 27th - LMEX Stock Exchange - $150k (China)]]

[[Bitcoin_Backed_tBTC_Stuck|May 17th - Bitcoin Backed tBTC Stuck - $0k (Global)]]

=== April 2020 ===
[[Curve_Finance_SUSD_Vulnerability|Apr 19th - Curve Finance SUSD Vulnerability - $0k (Global)]]

=== March 2020 ===
[[MakerDao_Abnormal_Liquidations|Mar 12th - MakerDao Abnormal Liquidations - $8.3m (Global)]]

=== February 2020 ===
[[Nexus_Mutual_Fund_Pool_Vulnerable|Feb 24th - Nexus Mutual Fund Pool Vulnerable - $0k (Global)]]

=== January 2020 ===
[[Curve_Drainable_Hack|Jan 25th - Curve Drainable Hack - $0k (Global)]]

==2019==
=== November 2019 ===
[[BitUSD_Stablecoin_Depegged|Nov 6th - BitUSD Stablecoin Depegged - $Unknown (Global)]]

=== October 2019 ===
[[MakerDao_Auction_Lack_of_Validation|Oct 1st - MakerDao Auction Lack of Validation - $7m (Global)]]

=== September 2019 ===
[[DDEX_Exchange_Price_Manipulation|Sep 18th - DDEX Exchange Price Manipulation - $0k (Global)]]

=== June 2019 ===
[[Synthetix_Oracle_Theft_Incident|Jun 25th - Synthetix Oracle Theft Incident - $37m (Global)]]

=== May 2019 ===
[[MakerDAO_Governance_Vulnerability|May 6th - MakerDAO Governance Vulnerability - $100m (Global)]]

==2018==
=== December 2018 ===
[[Basecoin_Shut_Down_By_SEC|Dec 13th - Basecoin Shut Down By SEC - $0k (United States)]]

=== November 2018 ===
[[Tether_Fake_Android_Wallet|Nov 8th - Tether Fake Android Wallet - $Unknown (Global)]]

=== March 2018 ===
[[NuBits_Stablecoin_Depegged|Mar 12th - NuBits Stablecoin Depegged - $70.51m (Global)]]

==2017==
=== November 2017 ===
[[Tether_USDT_Token_Theft|Nov 19th - Tether USDT Token Theft - $30.95m (Global)]]

Centralized Exchange Cases

2025-08-27T21:46:56Z

Azoundria:

{{Template:Automated List}}

==2025==
=== August 2025 ===
[[Coinbase_MainnetSettler_Approve_Bug_Hold_Token_Theft_2|Aug 13th - Coinbase MainnetSettler Approve Bug Hold Token Theft 2 - $300k (United States)]]

=== July 2025 ===
[[WOO_X_Targeted_Development_Environment_Phishing_Attack_Theft|Jul 23rd - WOO X Targeted Development Environment Phishing Attack Theft - $14m (Global)]]

[[CoinDCX_Sophisticated_Server_Breach_Precise_Cross-Chain_Heist|Jul 18th - CoinDCX Sophisticated Server Breach Precise Cross-Chain Heist - $44.3m (India)]]

[[BigONE_Control_Logic_Changed_To_Withdraw_Customer_Funds|Jul 15th - BigONE Control Logic Changed To Withdraw Customer Funds - $27m (Global)]]

=== June 2025 ===
[[Nobitex_Hot_Wallet_Funds_Burned_In_Politically_Motivated_Attack|Jun 17th - Nobitex Hot Wallet Funds Burned In Politically Motivated Attack - $81.7m (Iran)]]

=== May 2025 ===
[[Nexo_Smart_Contract_Exploited_By_Fake_Uniswap_V3_Pool|May 21st - Nexo Smart Contract Exploited By Fake Uniswap V3 Pool - $145k (Global)]]

[[BitoPro_Multiple_Hot_Wallets_Drained_During_System_Upgrade|May 8th - BitoPro Multiple Hot Wallets Drained During System Upgrade - $11.5m (Taiwan)]]

=== April 2025 ===
[[KiloEx_Public_Price_Oracle_Access_Control_Vulnerability|Apr 14th - KiloEx Public Price Oracle Access Control Vulnerability - $7.492m (Global)]]

=== February 2025 ===
[[Infini_Money_Anonymous_Developer_Backdoor_Vault_Theft|Feb 23rd - Infini Money Anonymous Developer Backdoor Vault Theft - $49.517m (Global)]]

[[ByBit_Multi-Sig_Cold_Wallet_Not_Cold_Or_Multi-Sig|Feb 21st - ByBit Multi-Sig Cold Wallet Not Cold Or Multi-Sig - $1.436173b (Global)]]

[[Xeggex_Exchange_Collapses|Feb 3rd - Xeggex Exchange Collapses After Suspicious Withdrawals - $Unknown (Global)]]

=== January 2025 ===
[[Phemex_Hot_Wallet_Access_Control_Vulnerability|Jan 23rd - Phemex Hot Wallet Access Control Vulnerability - $69.089m (Global)]]

==2024==
=== December 2024 ===
[[Coinbase_Support_Data_Breach_Sophisticated_Phishing|Dec 26th - Coinbase Support Data Breach Sophisticated Phishing - $180m (United States)]]

=== November 2024 ===
[[XT.com_Exchange_Hot_Wallet_Breach|Nov 27th - XT.com Exchange Hot Wallet Breach - $1.7m (Global)]]

[[Coinbase_MainnetSettler_Approval_Issue_Hold_Token_Theft_1|Nov 20th - Coinbase MainnetSettler Approval Issue Hold Token Theft 1 - $66k (United States)]]

[[DEXX_Web_Wallet_Private_Key_Leakage|Nov 15th - DEXX Web Wallet Private Key Leakage - $21m (Global)]]

[[CoinPoker_Hot_Wallet_Third-party_Vulnerability|Nov 7th - CoinPoker Hot Wallet Third-party Vulnerability - $2m (Global)]]

=== October 2024 ===
[[M2_Exchange_Access_Control_Vulnerability|Oct 30th - M2 Exchange Access Control Vulnerability - $13.7m (United Arab Emirates)]]

=== September 2024 ===
[[BingX_Massive_Hot_Wallet_Breach|Sep 19th - BingX Massive Hot Wallet Breach - $44.061m (Global)]]

[[Indodax_Withdrawal_System_Exploited|Sep 10th - Indodax Withdrawal System Exploited - $21.996m (Indonesia)]]

=== August 2024 ===
[[Orderly_Network_Discord_Server_Compromised|Aug 29th - Orderly Network Discord Server Compromised - $Unknown (Global)]]

=== June 2024 ===
[[BtcTurk_Hot_Wallet_Network_Attack|Jun 22nd - BtcTurk Hot Wallet Network Attack - $55m (Global)]]

[[Kraken_Exploit_Found/Used_By_CertiK|Jun 5th - Kraken Exploit Found/Used By CertiK - $3m (United States)]]

=== May 2024 ===
[[DMM_Bitcoin_Wallet_Emptied|May 30th - DMM Bitcoin Wallet Emptied - $308.949m (Global)]]

=== April 2024 ===
[[Rain_Exchange_Large_Wallet_Breach|Apr 29th - Rain Exchange Large Wallet Breach - $14.8m (Global)]]

[[FixedFloat_April_Fools_Day_Exploit|Apr 1st - FixedFloat April Fools Day Exploit - $2.8m (Global)]]

=== February 2024 ===
[[FixedFloat_Minor_Technical_Problems|Feb 18th - FixedFloat Minor Technical Problems - $26.1m (Global)]]

==2022==
=== December 2022 ===
[[Midas_Investments_Platform_Closure|Dec 27th - Midas Investments Platform Closure - $63.3m (Global)]]

[[Sajid_Ikram_Romanceless_Pig_Butchering_Scam|Dec 25th - Sajid Ikram Romanceless Pig Butchering Scam - $328k (Global)]]

=== November 2022 ===
[[CoinSquare_Client_Database_Breach|Nov 19th - CoinSquare Client Database Breach - $0k (Canada)]]

[[Gemini_Third_Party_Data_Breach|Nov 14th - Gemini Third Party Data Breach - $0k (Global)]]

[[AAX_Exchange_Collapses|Nov 13th - AAX Exchange Collapses - $100m (Global)]]

[[BlockFi_Withdrawals_Disabled_and_Bankruptcy|Nov 10th - BlockFi Withdrawals Disabled and Bankruptcy - $Unknown (United States)]]

[[FTX_Exchange_Collapse_and_Bankruptcy|Nov 9th - FTX Exchange Collapse and Bankruptcy - $8b (Global)]]

[[Deribit_Hot_Wallet_Breached|Nov 1st - Deribit Hot Wallet Breached - $28m (Global)]]

=== October 2022 ===
[[Celsius_Bankruptcy_Releases_Customer_Data|Oct 5th - Celsius Bankruptcy Releases Customer Data - $0k (United States)]]

=== August 2022 ===
[[Crypto.com_Sends_$10.5m_To_Melbourne_Woman|Aug 30th - Crypto.com Sends $10.5m To Melbourne Woman - $10.5m (Australia)]]

=== July 2022 ===
[[Voyager_Digital_Bankruptcy|Jul 5th - Voyager Digital Bankruptcy - $5.9b (United States)]]

[[Vauld_Platform_Withdrawals_Paused|Jul 4th - Vauld Platform Withdrawals Paused - $197.7m+ (Global)]]

=== June 2022 ===
[[Babel_Finance_Halts_Withdrawals|Jun 17th - Babel Finance Halts Withdrawals - $Unknown (Global)]]

[[Celsius_Platform_Withdrawals_Paused|Jun 12th - Celsius Platform Withdrawals Paused - $11.8b (United States)]]

=== May 2022 ===
[[Binance_Tourist_Billboards_in_Turkey|May 8th - Binance Tourist Billboards in Turkey - $Unknown (Turkey)]]

=== March 2022 ===
[[VeVe_Gems_Acquired_Illegitimately|Mar 22nd - VeVe Gems Acquired Illegitimately - $Unknown (Global)]]

[[BlockFi_Hubspot_Data_Breach|Mar 18th - BlockFi Hubspot Data Breach - $0k (United States)]]

[[NYDIG_HubSpot_Data_Breach|Mar 18th - NYDIG HubSpot Data Breach - $Unknown (United States)]]

[[Circle_HubSpot_Data_Breach|Mar 18th - Circle HubSpot Data Breach - $Unknown (United States)]]

=== February 2022 ===
[[OpenSea_Fake_Verification_Phishing_Emails|Feb 26th - OpenSea Fake Verification Phishing Emails - $Unknown (Global)]]

[[OpenSea_Phishing_Attack|Feb 19th - OpenSea Phishing Attack - $3.4m (Global)]]

[[TopGoal_Hot_Wallet_Breach|Feb 16th - TopGoal Hot Wallet Breach - $1.113m (Global)]]

[[Coinbase_Advanced_Market_Vulnerability|Feb 11th - Coinbase Advanced Market Vulnerability - $0k (United States)]]

[[IRA_Financial_Suspicious_Withdrawals|Feb 8th - IRA Financial Suspicious Withdrawals - $36m (United States)]]

[[PayBito_Customer_Data_Breach|Feb 3rd - PayBito Customer Data Breach - $0k (United States/India)]]

=== January 2022 ===
[[QXTraders_Scam_Investment_First-Stranger|Jan 29th - QXTraders Scam Investment First-Stranger - $2k (Canada)]]

[[EmpiresX_Ponzi_Scheme|Jan 28th - EmpiresX Ponzi Scheme - $100m (United States)]]

[[OpenSea_Old_Contracts_Exploited|Jan 24th - OpenSea Old Contracts Exploited - $1.1m (Global)]]

[[Crypto.com_Withdrawals_Triggered|Jan 17th - Crypto.com Withdrawals Triggered - $34.358m (Singapore)]]

[[Coinbase_Ethereum_Stolen_via_Minecraft_Mod|Jan 16th - Coinbase Ethereum Stolen via Minecraft Mod - $22k (Unknown)]]

[[OpenSea_Forced_Sale_By_Old_Listing|Jan 12th - OpenSea Forced Sale By Old Listing - $48k (Global)]]

[[Token_Tax_API_Key_Breach_SPT0615-JD|Jan 12th - Token Tax API Key Breach SPT0615-JD - $Unknown (United States)]]

[[Witty-Season-3914_Double_Scam_Recovery|Jan 11th - Witty-Season-3914 Double Scam Recovery - $7k (Global)]]

[[LCX_Exchange_Hot_Wallet_Hack|Jan 8th - LCX Exchange Hot Wallet Hack - $7.94m (Liechtenstein)]]

[[OpenSea_Bored_Ape_Old_Contract_Hack|Jan 1st - OpenSea Bored Ape Old Contract Hack - $245k (Global)]]

==2021==
=== December 2021 ===
[[OpenSea_Doodle_Sold_By_Old_Listing|Dec 31st - OpenSea Doodle Sold By Old Listing - $7k (Global)]]

[[Cell_Phone_Repair_Shop_Theft_hoangs2k|Dec 26th - Cell Phone Repair Shop Theft hoangs2k - $73k (Canada)]]

[[CoinRise_Investor_Losses|Dec 22nd - CoinRise Investor Losses - $Unknown (Canada)]]

[[Ascendex_Hot_Wallet_Hack|Dec 11th - Ascendex Hot Wallet Hack - $77.7m (Singapore)]]

[[Hinge_Romance_Scam_Niki_Hutchinson|Dec 10th - Hinge Romance Scam Niki Hutchinson - $390k (United States)]]

[[BitMart_Hot_Wallet_Security_Breach|Dec 4th - BitMart Hot Wallet Security Breach - $196m (Cayman Islands)]]

=== November 2021 ===
[[Coinbase_Shiba_Sim_Swap_Case_ethanhunt444|Nov 30th - Coinbase Shiba Sim Swap Case ethanhunt444 - $2k (Global)]]

[[Bitcoin_Sent_To_Litecoin_Address_deepfloater|Nov 30th - Bitcoin Sent To Litecoin Address deepfloater - $Unknown (Global)]]

[[Coinbase_Bank_Fees_z0mbiechris|Nov 21st - Coinbase Bank Fees z0mbiechris - $6k (United States)]]

[[Coinbase_Account_Breach_Phone_Theft_shotford11|Nov 11th - Coinbase Account Breach Phone Theft shotford11 - $Unknown (United States)]]

[[FomoEX_Ponzi_Scheme|Nov 10th - FomoEX Ponzi Scheme - $Unknown (Global)]]

[[CoinSpot_Account_Hacked_borgy63|Nov 8th - CoinSpot Account Hacked borgy63 - $2k (Australia)]]

[[Robinhood_Massive_Data_Breached|Nov 3rd - Robinhood Massive Data Breached - $0k (United States)]]

=== October 2021 ===
[[Coin-Ether_Coinbase_Ethereum_Doubling_Offer|Oct 31st - Coin-Ether Coinbase Ethereum Doubling Offer - $26k (Global)]]

[[OpenSea_Hashmasks_Fake_Listing|Oct 17th - OpenSea Hashmasks Fake Listing - $Unknown (Global)]]

[[DiamondFxPro/DybitFX_Fake_Bitcoin_Broker_WonderWolf46|Oct 15th - DiamondFxPro/DybitFX Fake Bitcoin Broker WonderWolf46 - $3k (Global)]]

[[ZBG_Global_Pig_Butchering_Scam_ocean_preneur|Oct 14th - ZBG Global Pig Butchering Scam ocean_preneur - $40k (Global)]]

[[Coinbase_Account_Hacked_Live4toys|Oct 11th - Coinbase Account Hacked Live4toys - $16k (United States)]]

[[Ornery_Maintenance_8_Malware_Attack_on_Windows_7|Oct 10th - Ornery_Maintenance_8 Malware Attack on Windows 7 - $2k (Global)]]

[[GravyScale_Fraudulent_Investment|Oct 2nd - GravyScale Fraudulent Investment - $Unknown (Global)]]

[[Coinbase_Ethereum_Address_Typo_Miserable_Earth5856|Oct 1st - Coinbase Ethereum Address Typo Miserable_Earth5856 - $2k (Global)]]

=== September 2021 ===
[[Coinbase_Hack_Despite_2FA_BradlyL|Sep 27th - Coinbase Hack Despite 2FA BradlyL - $3k (Global)]]

[[IDEEX_VIP_Scammed_Out_Of_Life_Savings_sirarteaga|Sep 5th - IDEEX VIP Scammed Out Of Life Savings sirarteaga - $50k (Global)]]

[[CoinPryme_Fraudulent_Investment_Platform|Sep 5th - CoinPryme Fraudulent Investment Platform - $Unknown (Global)]]

[[CME_Group_Fake_Investment_Website_chauchau899|Sep 4th - CME Group Fake Investment Website chauchau899 - $10k (Global)]]

=== August 2021 ===
[[Banksy_Fake_NFT_Sale_on_OpenSea|Aug 31st - Banksy Fake NFT Sale on OpenSea - $336k (Global)]]

[[Bilaxy_Hot_Wallet_Breach|Aug 29th - Bilaxy Hot Wallet Breach - $21.709m (Seychelles)]]

[[OpenSea_sohrobf_Fake_Support_Scam|Aug 25th - OpenSea sohrobf Fake Support Scam - $543k (Global)]]

[[Coinbase_Vidovic_Account_Sim_Swap|Aug 24th - Coinbase Vidovic Account Sim Swap - $169k (United States)]]

[[OpenSea_Fake_Support_Accounts|Aug 23rd - OpenSea Fake Support Accounts - $15k (Global)]]

[[Liquid_Warm_Wallet_Liquidated|Aug 18th - Liquid Warm Wallet Liquidated - $91.35m (Japan)]]

[[LCTP_Global_Pig_Butchering_Scam|Aug 17th - LCTP Global Pig Butchering Scam - $Unknown (Global)]]

=== July 2021 ===
[[CostPayIn_Dating_Scam_UCruz87|Jul 27th - CostPayIn Dating Scam UCruz87 - $12k (Global)]]

[[Bitcomex_Valid_Withdrawals_Pig_Butchering_pf_12345|Jul 23rd - Bitcomex Valid Withdrawals Pig Butchering pf_12345 - $10k (United States)]]

[[EZWebx_Scam_Exchange_jonathan0402|Jul 23rd - EZWebx Scam Exchange jonathan0402 - $Unknown (Global)]]

[[Dogecoin_Investment_Platform_Scam_Biggy437|Jul 23rd - Dogecoin Investment Platform Scam Biggy437 - $15k (Global)]]

[[Coinskale_Dogecoin_Staking_Scam_Website_Tradegrow|Jul 21st - Coinskale Dogecoin Staking Scam Website Tradegrow - $20k (Australia)]]

[[Coinbase_Unauthorized_Bank_Access|Jul 19th - Coinbase Unauthorized Bank Access - $50k (United States)]]

[[Animal_Shelter_Long_Haul_Scammer_lendingaccount|Jul 13th - Animal Shelter Long Haul Scammer lendingaccount - $240k (United States)]]

[[Bitmart_BSV_51%_Attack|Jul 8th - Bitmart BSV 51% Attack - $Unknown (Cayman Islands)]]

[[Overflow0X_Physical_Cryptocurrency_Robbery|Jul 3rd - Overflow0X Physical Cryptocurrency Robbery - $Unknown (Morocco)]]

=== June 2021 ===
[[Raelene_Vandenbosch_Rogers_Kiosk_SIM_Swap_Shakepay_Ledger|Jun 30th - Raelene Vandenbosch Rogers Kiosk SIM Swap Shakepay Ledger - $535k (Canada)]]

[[StakeHound_Got_FireBlocked|Jun 22nd - StakeHound Got FireBlocked - $75m (Switzerland)]]

[[Pension_Investment_Fraud_Teresa_Jackson|Jun 19th - Pension Investment Fraud Teresa Jackson - $155k (Global)]]

[[Coinbase_Lawsuit_People_Locked_From_Accounts|Jun 9th - Coinbase Lawsuit People Locked From Accounts - $Unknown (United States)]]

=== May 2021 ===
[[BlockFi_Sends_Free_Bitcoin|May 19th - BlockFi Sends Free Bitcoin - $10m (United States)]]

[[CoinBase_6000_Users_Robbed|May 15th - CoinBase 6000 Users Robbed - $Unknown (United States)]]

[[Hinge_Dating_App_Xau_Gold_Investments_nholding|May 15th - Hinge Dating App Xau Gold Investments nholding - $25k (Global)]]

[[WaterMine_Ponzi_Scheme|May 11th - WaterMine Ponzi Scheme - $Unknown (Global)]]

[[Coinbase_Deposit_BSC_Wrapped_Ethereum_Spooky007x|May 8th - Coinbase Deposit BSC Wrapped Ethereum Spooky007x - $2k (United States)]]

[[BitBuy_Korea_Exit_Scam|May 3rd - BitBuy Korea Exit Scam - $Unknown (South Korea)]]

[[Coinbase_Phishing_Attacks|May 1st - Coinbase Phishing Attacks - $Unknown (United States)]]

=== April 2021 ===
[[HotBit_Downtime_and_Privacy_Breach|Apr 29th - HotBit Downtime and Privacy Breach - $0k (China)]]

[[VeBitcoin_Shuts_Down|Apr 24th - VeBitcoin Shuts Down - $Unknown (Turkey)]]

[[Thodex_CEO_Flees_Collapse|Apr 22nd - Thodex CEO Flees Collapse - $2b (Turkey)]]

[[AfriCrypt_Platform_%22Hacked%22|Apr 19th - AfriCrypt Platform "Hacked" - $2.3b (South Africa)]]

[[Category_Thin_Jewelry_Cabinet_Seed_Phrase_Theft|Apr 18th - Category_Thin Jewelry Cabinet Seed Phrase Theft - $447k (United States)]]

[[Celsius_Network_Phishing_Attack|Apr 14th - Celsius Network Phishing Attack - $Unknown (United States)]]

[[Coinbase_Blumetti_Account_Sim_Swap|Apr 7th - Coinbase Blumetti Account Sim Swap - $503k (United States)]]

=== March 2021 ===
[[XMiner.io_Cloud_Mining_Scam|Mar 31st - XMiner.io Cloud Mining Scam - $Unknown (Global)]]

[[Nexo_Disabling_Withdrawals_Forcing_Token_Sale|Mar 22nd - Nexo Disabling Withdrawals Forcing Token Sale - $58.35m (Global)]]

[[CoinBase_Account_Compromised_jerecock|Mar 14th - CoinBase Account Compromised jerecock - $11k (Global)]]

[[Coinbase/Gemini_TMobile_Sim_Swapping_HowDoIHummus|Mar 1st - Coinbase/Gemini TMobile Sim Swapping HowDoIHummus - $10k (United States)]]

=== February 2021 ===
[[Pantera_Capital_HubSpot_Data_Breach_and_Pantera_Coin_Fraud|Feb 17th - Pantera Capital HubSpot Data Breach and Coin Fraud - $Unknown (United States)]]

[[Coinseed_Destroyed_By_SEC|Feb 17th - Coinseed Destroyed By SEC - $3m (United States)]]

[[Cryptopia_Liquidation_Hack|Feb 15th - Cryptopia Liquidation Hack - $45k (New Zealand)]]

=== January 2021 ===
[[BuyUCoin_Data_Breach|Jan 21st - BuyUCoin Data Breach - $0k (India)]]

[[Binance_Firo_(ZCoin)_51%_Attack|Jan 19th - Binance Firo (ZCoin) 51% Attack - $4.381m (Global)]]

[[Indodax_Firo_(ZCoin)_51%_Attack|Jan 19th - Indodax Firo (ZCoin) 51% Attack - $400k (Global)]]

==2020==
=== December 2020 ===
[[Altilly_Assets_Hacked|Dec 26th - Altilly Hot Wallets Hacked And Cold Wallets Lost - $6.7m (Sweden)]]

[[Livecoin_Shut_Down_By_Hack|Dec 23rd - Livecoin Shut Down By Hack - $3.3m (Russia)]]

[[Exmo_Assets_Lost|Dec 21st - Exmo Assets Lost - $10.5m (United Kingdom)]]

[[BTC_Markets_Privacy_Breach|Dec 1st - BTC Markets Privacy Breach - $0k (Australia)]]

=== November 2020 ===
[[Celsius_Network_Account_Hacked|Nov 30th - Celsius Network Account Hacked - $82k (United States)]]

[[Bancar_Hack_Theft|Nov 26th - Bancar Hack Theft - $1.9m (Venezuela)]]

[[Celsius_GoDaddy_DNS_Hijacking|Nov 21st - Celsius GoDaddy DNS Hijacking - $0k (United States)]]

[[Bitcoin_Interchange_Exit_Scam|Nov 18th - Bitcoin Interchange Exit Scam - $766k (Zimbabwe)]]

[[Liquid_Data_Leak|Nov 13th - Liquid Data Leak - $0k (Japan)]]

=== October 2020 ===
[[Cred_CCO_Was_UK_Fugitive|Oct 27th - Cred CCO Was UK Fugitive - $330.489m (United States)]]

[[OceanEx_Account_Breached_wassim0|Oct 22nd - OceanEx Account Breached wassim0 - $30k (Canada)]]

[[KuCoin_Fake_Wallet_Site|Oct 3rd - KuCoin Fake Wallet Site - $Unknown (Singapore)]]

=== September 2020 ===
[[KuCoin_Hot_Wallet_Breach|Sep 25th - KuCoin Hot Wallet Breach - $281m (Singapore)]]

[[Robinhood_Account_Hacking_Spree|Sep 25th - Robinhood Account Hacking Spree - $Unknown (United States)]]

[[KuCoin_Fake_Exchange_Website|Sep 23rd - KuCoin Fake Exchange Website - $Unknown (Singapore)]]

[[Sim_Swapping_AT%26T|Sep 20th - Sim Swapping AT&T - $560k (United States)]]

[[Arbistar_Trading_Bot_Overpayment|Sep 12th - Arbistar Trading Bot Overpayment - $1000m (Spain)]]

[[Eterbase_Hot_Wallets_Breached|Sep 8th - Eterbase Hot Wallets Breached - $5.4m (Slovakia)]]

=== August 2020 ===
[[Coinbase_Sim_Swapping_Lawsuit|Aug 26th - Coinbase Sim Swapping Lawsuit - $Unknown (United States)]]

[[Coinbit_Seizure/Investigation|Aug 25th - Coinbit Seizure/Investigation - $85m (South Korea)]]

[[BTC_ERA_Phishing_Attack|Aug 25th - BTC ERA Phishing Attack - $0k (Global)]]

[[CoinBerry_ETransfer_Glitch_Fraud|Aug 24th - CoinBerry ETransfer Glitch Fraud - $1.413m (Canada)]]

[[Mirror_Trading_International|Aug 19th - Mirror Trading International - $885m (South Africa)]]

[[KuCoin_Fraudulent_Website|Aug 19th - KuCoin Fraudulent Website - $Unknown (Singapore)]]

[[Bitfinex/Ethereum_Classic_Second_51%_Attack|Aug 5th - Bitfinex/Ethereum Classic Second 51% Attack - $3.2m (Unknown)]]

=== July 2020 ===
[[OkEx_Ethereum_Classic_51%_Attack|Jul 31st - OkEx Ethereum Classic 51% Attack - $5.6m (Malta)]]

[[2gether_Hacked|Jul 31st - 2gether Hacked - $1.39m (Spain)]]

[[Cashaa_Wallet_Hacked|Jul 11th - Cashaa Wallet Hacked - $3.1m (United Kingdom)]]

=== June 2020 ===
[[GPay/Cryptopoint/XtraderFX_Shut_Down|Jun 23rd - GPay/Cryptopoint/XtraderFX Shut Down - $1.68m (United Kingdom)]]

[[Ledger_Shopify_Data_Breach_2|Jun 16th - Ledger Shopify Data Breach 2 - $Unknown (Global)]]

[[HTS_Coin_Shuts_Down|Jun 15th - HTS Coin Shuts Down - $Unknown (South Korea)]]

[[MiningPoolHub_Ethereum_Theft|Jun 11th - MiningPoolHub Ethereum Theft - $1.282m (United States)]]

[[Good_Cycle_Ponzi_Blackmailed|Jun 10th - Good Cycle Ponzi Blackmailed - $5.279m (South Korea)]]

=== May 2020 ===
[[LMEX_Stock_Exchange|May 27th - LMEX Stock Exchange - $150k (China)]]

[[Coinbase/AT%26T_Account_Sim_Swap_signalme|May 17th - Coinbase/AT&T Account Sim Swap signalme - $4k (United States)]]

[[Ledger_Shopify_Data_Breach_1|May 14th - Ledger Shopify Data Breach 1 - $Unknown (Global)]]

=== April 2020 ===
[[EOS_Ecosystem_Ponzi_Scheme_Collapses|Apr 20th - EOS Ecosystem Ponzi Scheme Collapses - $52m (China)]]

=== February 2020 ===
[[Coinbase_Sim_Swapping_SaltedAvocadosMhh|Feb 25th - Coinbase Sim Swapping SaltedAvocadosMhh - $15k (United States)]]

[[VBITEX_Hacked|Feb 17th - VBITEX Hacked - $Unknown (Unknown)]]

[[Altsbit_Hot_Wallets_Hacked|Feb 6th - Altsbit Hot Wallets Hacked - $317k (Italy)]]

[[FCoin_Collapses|Feb 1st - FCoin Collapses - $125m (China)]]

=== January 2020 ===
[[Binance/Bitcoin_Gold_Double_Spend_Hack|Jan 1st - Binance/Bitcoin Gold Double Spend Hack - $72k (Malta)]]

==2019==
=== December 2019 ===
[[RG_Coins_Shuts_Down|Dec 11th - RG Coins Shuts Down - $7m (Bulgaria)]]

[[Cloud_Token_Wallet_Service|Dec 1st - Cloud Token Wallet Service - $500m (Singapore)]]

=== November 2019 ===
[[Upbit_Hot_Wallet_Hack|Nov 26th - Upbit Hot Wallet Hack - $49.2m (South Korea)]]

[[GateHub_Privacy_Breach|Nov 14th - GateHub Privacy Breach - $0k (United Kingdom)]]

[[BitMEX_Email_Gaffe|Nov 11th - BitMEX Email Gaffe - $0k (Seychelles)]]

[[VinDAX_Exchange_Hacked|Nov 4th - VinDAX Exchange Hacked - $500k (Vietnam)]]

[[BeenTrade_Fake_Crypto_Exchange|Nov 4th - BeenTrade Fake Crypto Exchange - $Unknown (Global)]]

[[IDAX_Global_CEO_Disappears|Nov 1st - IDAX Global CEO Disappears - $Unknown (China)]]

[[Einstein_Exchange|Nov 1st - Einstein Exchange - $12m (Canada)]]

=== October 2019 ===
[[OvexTrade_Withdrawal_Fraud_Platform|Oct 22nd - OvexTrade Withdrawal Fraud Platform - $Unknown (Global)]]

[[WoToken_Wallet_Service|Oct 1st - WoToken Wallet Service - $1.1b (China)]]

=== September 2019 ===
[[Coinhouse_Phishing_Attack|Sep 14th - Coinhouse Phishing Attack - $Unknown (France)]]

[[Cryptopia_Ex-Employee_Theft|Sep 10th - Cryptopia Ex-Employee Theft - $235k (New Zealand)]]

=== August 2019 ===
[[CoinTiger_PTT_%22Cold_Wallet%22_Breach|Aug 17th - CoinTiger PTT "Cold Wallet" Breach - $1.708m (Singapore)]]

[[EZ-BTC/Dave_Smillie|Aug 1st - EZ-BTC/Dave Smillie - $3.9m+ (Canada)]]

=== July 2019 ===
[[InnovaMine_Cloud_Mining_Operation|Jul 15th - InnovaMine Cloud Mining Operation - $7m+ (Global)]]

[[BitPoint_Hot_Wallet_Hack|Jul 11th - BitPoint Hot Wallet Hack - $32.2m (Japan)]]

[[Soxex_Collapse|Jul 4th - Soxex Collapse - $1000k (Unknown)]]

[[Bitmarket_Gone_Without_Warning|Jul 1st - Bitmarket Gone Without Warning - $23m (Poland)]]

=== June 2019 ===
[[QuickBit_Privacy_Breach|Jun 28th - QuickBit Privacy Breach - $0k (Sweden)]]

[[Koinex_Shuts_Down_Regulatory_Uncertainty|Jun 27th - Koinex Shuts Down Regulatory Uncertainty - $Unknown (India)]]

[[Unknown_Platform_Cyber-Squatting|Jun 25th - Unknown Platform Cyber-Squatting - $27.2m (Global)]]

[[Bitrue_Hot_Wallet_Breach|Jun 16th - Bitrue Hot Wallet Breach - $4.5m (Singapore)]]

[[Kraken_Flash_Crash_(Suspected_Theft)|Jun 2nd - Kraken Flash Crash (Suspected Theft) - $10m (United States)]]

[[Bitsane_Exit_Scam|Jun 1st - Bitsane Exit Scam - $155k+ (Ireland)]]

[[PlusToken_Wallet_and_Exchange|Jun 1st - PlusToken Wallet and Exchange - $6b (South Korea)]]

[[Gatehub_Customer_XRP_Wallets_Breached|Jun 1st - Gatehub Customer XRP Wallets Breached - $10.1m (United Kingdom)]]

=== May 2019 ===
[[Remitano_False_XRP_Deposit|May 29th - Remitano False XRP Deposit - $Unknown (Seychelles)]]

[[CoinBase_Sim_Swapping|May 20th - CoinBase Sim Swapping - $100k (United States)]]

[[Binance_Hot_Wallet_Theft|May 7th - Binance Hot Wallet Theft - $41.238m (Malta)]]

[[Bitcoins_Norway_AlphaPoint_Attack|May 7th - Bitcoins Norway AlphaPoint Attack - $500k+ (Norway)]]

[[BitoPro_XRP_Partial_Payment_Theft|May 2nd - BitoPro XRP Partial Payment Theft - $2.122m (Taiwan)]]

[[CoinRoom_Goes_Boom|May 1st - CoinRoom Goes Boom - $Unknown (Poland)]]

=== April 2019 ===
[[BitFinex_and_Crypto_Capital|Apr 26th - BitFinex and Crypto Capital - $880m (Hong Kong)]]

[[Bittrex_AT%26T_Gregg_Bennett_SIM_Swap|Apr 15th - Bittrex AT&T Gregg Bennett SIM Swap - $507k (United States)]]

[[Coinbene_Hack_Cover-Up|Apr 1st - Coinbene Hack Cover-Up - $100m+ (International)]]

=== March 2019 ===
[[BiKi_Password_Tampering|Mar 26th - BiKi Password Tampering - $123k (Singapore)]]

[[DragonEx_Hacking_Theft|Mar 24th - DragonEx Hacking Theft - $7m (Singapore)]]

[[Etbox_Wallet_Hacked|Mar 24th - Etbox Wallet Hacked - $132k (Seychelles)]]

[[Bitcoin_Evolution_Celebrity_Impersonation_Ponzi|Mar 18th - Bitcoin Evolution Celebrity Impersonation Ponzi - $670m (Global)]]

[[Mercatox_EOS_Breach|Mar 15th - Mercatox EOS Breach - $Unknown (United Kingdom)]]

[[Bithumb_EOS/XRP_Hack|Mar 1st - Bithumb EOS/XRP Hack - $19.2m (South Korea)]]

[[Gatecoin_Enters_Liquidation|Mar 1st - Gatecoin Enters Liquidation - $Unknown (Hong Kong)]]

=== February 2019 ===
[[CoinBin_Declares_Bankruptcy|Feb 20th - CoinBin Declares Bankruptcy - $26m (South Korea)]]

[[Coinmama_User_Data_Breached|Feb 15th - Coinmama User Data Breached - $0k (Ireland)]]

[[QuadrigaCX_Bankruptcy|Feb 5th - QuadrigaCX Bankruptcy - $215m+ (Canada)]]

=== January 2019 ===
[[Liqui_Shuts_Down|Jan 28th - Liqui Shuts Down - $0k (Ukraine)]]

[[CoinZest_Accidental_Airdrop|Jan 23rd - CoinZest Accidental Airdrop - $5.3m (South Korea)]]

[[CryptoCashBack_Rewards_Program_Trojan|Jan 18th - CryptoCashBack Rewards Program Trojan - $85k (Global)]]

[[Komid_Fraudulent_Platform_Withdrawals|Jan 17th - Komid Fraudulent Platform Withdrawals - $Unknown (South Korea)]]

[[Cryptopia_Exchange_ERC20_Hack|Jan 14th - Cryptopia Exchange ERC20 Hack - $20.447m (New Zealand)]]

[[Coinbase_Halts_Ethereum_Classic_Trading|Jan 5th - Coinbase Halts Ethereum Classic Trading - $0k (United States)]]

[[Gate.io_Ethereum_Classic_51%_Attack|Jan 1st - Gate.io Ethereum Classic 51% Attack - $271k (Cayman Islands)]]

[[Bitrue_Ethereum_Classic_51%_Attack|Jan 1st - Bitrue Ethereum Classic 51% Attack - $14k (Taiwan/Singapore)]]

==2018==
=== December 2018 ===
[[Coinone_Unauthorized_Customer_Withdrawal|Dec 22nd - Coinone Unauthorized Customer Withdrawal - $48k (South Korea)]]

[[CoinFlux_CEO_Arrested|Dec 15th - CoinFlux CEO Arrested - $Unknown (Romania)]]

=== November 2018 ===
[[Gate.io_Crypto-Stealing_JavaScript|Nov 3rd - Gate.io Crypto-Stealing JavaScript - $Unknown (Marshall Islands)]]

[[Pure_Bit_Exit_Scam|Nov 1st - Pure Bit Exit Scam - $2.8m (South Korea)]]

=== October 2018 ===
[[AT%26T_Coinbase_Gemini_Sim_Swap_Apple's_Robert_Ross|Oct 26th - AT&T Coinbase Gemini Sim Swap Apple's Robert Ross - $1000k (United States)]]

[[Wirex_Account_Hacked_SambucciTony|Oct 17th - Wirex Account Hacked SambucciTony - $Unknown (Global)]]

[[Trade.io|Oct 1st - Trade.io - $8m (Switzerland)]]

[[MapleChange_Exchange_Hacked|Oct 1st - MapleChange Exchange Hacked - $6m (Canada)]]

=== September 2018 ===
[[Zaif_Hacking_Theft|Sep 1st - Zaif Hacking Theft - $60m (Japan)]]

=== July 2018 ===
[[WEX_Collapses|Jul 21st - WEX Collapses - $400m (Russia)]]

=== June 2018 ===
[[Huobi_Account_Breached_Despite_2FA_xemtime|Jun 22nd - Huobi Account Breached Despite 2FA xemtime - $16k (Global)]]

[[Zebpay_Shutdown_In_India|Jun 21st - Zebpay Shutdown In India - $0k (India)]]

[[Binance_Account_Hacked_BeanThe5th|Jun 9th - Binance Account Hacked BeanThe5th - $50k (Global)]]

[[Bithumb_Hacking|Jun 1st - Bithumb Hacking - $32m (South Korea)]]

[[CoinRail_Exchange_Hack|Jun 1st - CoinRail Exchange Hack - $40m (South Korea)]]

=== May 2018 ===
[[AT%26T_Employees_Rob_Seth_Shapiro|May 16th - AT&T Employees Rob Seth Shapiro - $1.8m (Global)]]

[[Binance_Bitcoin_Gold_51%_Attack|May 11th - Binance Bitcoin Gold 51% Attack - $Unknown (Cayman Islands)]]

[[Bithumb_Bitcoin_Gold_51%_Attack|May 11th - Bithumb Bitcoin Gold 51% Attack - $Unknown (South Korea)]]

[[Bitinka_Bitcoin_Gold_51%_Attack|May 11th - Bitinka Bitcoin Gold 51% Attack - $Unknown (Peru)]]

[[Bitfinex_Bitcoin_Gold_51%_Attack|May 11th - Bitfinex Bitcoin Gold 51% Attack - $Unknown (Hong Kong)]]

[[Bittrex_Bitcoin_Gold_Double-Spend|May 1st - Bittrex Bitcoin Gold Double-Spend - $255k+ (Liechtenstein)]]

=== April 2018 ===
[[CoinSecure_Exchange_Hack|Apr 1st - CoinSecure Exchange Hack - $3.3m (India)]]

=== March 2018 ===
[[Coinnest_Platform_CEO_Embezzlement|Mar 15th - Coinnest Platform CEO Embezzlement - $940k (South Korea)]]

[[Binance_Phishing_Campaign|Mar 7th - Binance Phishing Campaign - $8.8m (Singapore)]]

=== February 2018 ===
[[BitGrail_NANO_Hack|Feb 1st - BitGrail NANO Hack - $170m (Italy)]]

=== January 2018 ===
[[USI_Tech_Ponzi_Scheme|Jan 18th - USI Tech Ponzi Scheme - $13.3m+ (Global)]]

[[Unknown_Sim_Swapping_Michael_Terpin|Jan 7th - Unknown Sim Swapping Michael Terpin - $24m (United States)]]

[[CoinsMarkets_Exit_Scam|Jan 5th - CoinsMarkets Exit Scam - $Unknown (Cyprus)]]

[[Canadian_Bitcoins_Robbery|Jan 1st - Canadian Bitcoins Robbery - $0k (Canada)]]

[[Coincheck_NEM_Token_Hack|Jan 1st - Coincheck NEM Token Hack - $530m (Japan)]]

==2017==
=== December 2017 ===
[[BitKRX_Exit_Scam|Dec 25th - BitKRX Exit Scam - $Unknown (South Korea)]]

[[Chain.group_Ponzi_Scheme|Dec 14th - Chain.group Ponzi Scheme - $Unknown (Global)]]

[[Youbit_Exchange_Hack|Dec 1st - Youbit Exchange Hack - $2.65m (South Korea)]]

[[NiceHash_Exchange_Hack|Dec 1st - NiceHash Exchange Hack - $64m (Slovenia)]]

=== November 2017 ===
[[Tether_USDT_Token_Theft|Nov 19th - Tether USDT Token Theft - $30.95m (Global)]]

[[Optioment_Bitcoin_Ponzi_Scheme|Nov 7th - Optioment Bitcoin Ponzi Scheme - $136.313m (Global)]]

[[Exchange_Account_Drained_TMobile_Sim_Swap_Carlos_Tapang|Nov 7th - Exchange Account Drained TMobile Sim Swap Carlos Tapang - $12k (Global)]]

[[Hexabot.top_High_Yield_Investment_Scheme|Nov 4th - Hexabot.top High Yield Investment Scheme - $Unknown (Global)]]

=== September 2017 ===
[[Bitfinex_Phishing_Website|Sep 19th - Bitfinex Phishing Website - $Unknown (Global)]]

=== August 2017 ===
[[Bittrex_Spoofed_Website_Hack_GodOfWhatevers|Aug 26th - Bittrex Spoofed Website Hack GodOfWhatevers - $100k (Liechtenstein)]]

[[Kraken_ETH_SIM_Swap_Jeremiah_Nichol|Aug 17th - Kraken ETH SIM Swap Jeremiah Nichol - $12k (United States)]]

=== July 2017 ===
[[BTC-e_Assets_Seized_By_US_Authorities|Jul 25th - BTC-e Assets Seized By US Authorities - $990m+ (Russia)]]

[[Centra_Tech_Fake_Debit_Card|Jul 25th - Centra Tech Fake Debit Card - $25m (United States)]]

[[Coindash_ICO_Theft|Jul 17th - Coindash ICO Theft - $7.4m (Global)]]

[[Unknown_Ripple_Exchange_Phishing_Scam|Jul 14th - Unknown Ripple Exchange Phishing Scam - $800k (Global)]]

=== June 2017 ===
[[GladiaCoin_Multi-Level_Marketing_Scheme_Collapses|Jun 11th - GladiaCoin Multi-Level Marketing Scheme Collapses - $Unknown (Global)]]

[[Bithumb_Privacy/Phishing_Hack|Jun 1st - Bithumb Privacy/Phishing Hack - $31m (China)]]

[[QuadrigaCX_Contract_Error|Jun 1st - QuadrigaCX Contract Error - $14.7m (Canada)]]

=== April 2017 ===
[[Yapizon_Exchange_Hack|Apr 1st - Yapizon Exchange Hack - $5.3m (South Korea)]]

==2016==
=== October 2016 ===
[[Bitcurex_Exchange_Hack|Oct 13th - Bitcurex Exchange Hack - $1.5m (Poland)]]

=== August 2016 ===
[[Bitfinex_Security_Breach|Aug 3rd - Bitfinex Security Breach - $72m (Hong Kong)]]

=== May 2016 ===
[[Gatecoin_Hack|May 1st - Gatecoin Hack - $2.5m (Hong Kong)]]

=== March 2016 ===
[[CoinTrader/NewNote_Shuts_Down|Mar 1st - CoinTrader/NewNote Shuts Down - $1.5m? (Canada)]]

=== January 2016 ===
[[Cryptsy_Withdrawals_Closed/Bankruptcy|Jan 15th - Cryptsy Withdrawals Closed/Bankruptcy - $4.291m (United States)]]

==2015==
=== December 2015 ===
[[Ripple_Trade_Shut_Down|Dec 15th - Ripple Trade Shut Down - $0k (Global)]]

=== September 2015 ===
[[My_Big_Coin_Fraudulent_Service|Sep 3rd - My Big Coin Fraudulent Service - $6m (United States)]]

=== May 2015 ===
[[Bitfinex_Hot_Wallet_Hack|May 22nd - Bitfinex Hot Wallet Hack - $356k (Hong Kong)]]

=== March 2015 ===
[[Ripple_Trade_Japan_Fraud|Mar 3rd - Ripple Trade Japan Fraud - $1000k (Japan)]]

[[Coinapult_Hot_Wallet_Hack|Mar 1st - Coinapult Hot Wallet Hack - $43k (Panama)]]

[[AllCrypt_WordPress_Exploit_Theft|Mar 1st - AllCrypt WordPress Exploit Theft - $12k (Unknown)]]

=== February 2015 ===
[[BTER_Bitcoin_Heist|Feb 15th - BTER Bitcoin Heist - $1.75m (China)]]

[[Kipcoin_Exchange_Hack|Feb 1st - Kipcoin Exchange Hack - $690k (China)]]

[[MyCoin_Exchange_Bankruptcy|Feb 1st - MyCoin Exchange Bankruptcy - $387m (Hong Kong)]]

=== January 2015 ===
[[796_Exchange_Hack|Jan 27th - 796 Exchange Hack - $230k (China)]]

[[Bitstamp_Hot_Wallet_Hack|Jan 3rd - Bitstamp Hot Wallet Hack - $5.1m (Luxembourg)]]

==2014==
=== October 2014 ===
[[BTC-e_Data_Leak|Oct 15th - BTC-e Data Leak - $0k (Russia)]]

[[Ripple_Trade_Ripple_and_Stellar_Hacking|Oct 8th - Ripple Trade Ripple and Stellar Hacking - $0k (Global)]]

[[JustCoin_Exchange_Ripple_and_Stellar_Hacking|Oct 8th - JustCoin Exchange Ripple and Stellar Hacking - $150k (Norway)]]

[[Mintpal_Exchange_Exit_Scam|Oct 1st - Mintpal Exchange Exit Scam - $1.3m (United Kingdom)]]

=== August 2014 ===
[[BTER_NXT_Token_Theft|Aug 15th - BTER NXT Token Theft - $1.65m (China)]]

[[BitNZ_MailJet_Hack|Aug 1st - BitNZ MailJet Hack - $23k (New Zealand)]]

=== July 2014 ===
[[Cryptsy_Exchange_Hack|Jul 29th - Cryptsy Exchange Hack - $8.516m (United States)]]

[[MintPal_Vericoin_Hack/Rollback|Jul 13th - MintPal Vericoin Hack/Rollback - $2m (United Kingdom)]]

[[Bitcoins_Reserve_Social_Engineering|Jul 4th - Bitcoins Reserve Social Engineering - $63k (Australia)]]

=== March 2014 ===
[[Flexcoin_Hot_Wallet_Hack|Mar 2nd - Flexcoin Hot Wallet Hack - $600k (Canada)]]

[[Bitcurex_Targeted_by_Hacking|Mar 1st - Bitcurex Targeted by Hacking - $844k (Poland)]]

[[CryptoRush_Hack|Mar 1st - CryptoRush Hack - $800k (United States)]]

[[Poloniex_Withdrawal_Hack|Mar 1st - Poloniex Withdrawal Hack - $65k (United States)]]

=== February 2014 ===
[[Mt._Gox_Halts_Trade_Over_Major_Hack|Feb 1st - Mt. Gox Halts Trade Over Major Hack - $300m (Japan)]]

==2013==
=== December 2013 ===
[[Intersango_Exit_Scam|Dec 1st - Intersango Exit Scam - $14k+ (United Kingdom)]]

=== November 2013 ===
[[Sheep_Marketplace_Bitcoin_Theft|Nov 21st - Sheep Marketplace Bitcoin Theft - $5.823m (Czech Republic)]]

[[Inputs.io_Additional_Lish_Attack|Nov 7th - Inputs.io Additional Lish Attack - $57k (Australia)]]

[[BIPS_Wallet_Service|Nov 1st - BIPS Wallet Service - $650k (Denmark)]]

[[Czech_Bitcash.cz_Hacked|Nov 1st - Czech Bitcash.cz Hacked - $200k (Czech Republic)]]

[[Bidextreme.pl_Exchange_Hacked|Nov 1st - Bidextreme.pl Exchange Hacked - $Unknown (Poland)]]

[[Picostocks_“Cold_Wallet”_Hack|Nov 1st - Picostocks “Cold Wallet” Hack - $6m (Marshall Islands)]]

=== October 2013 ===
[[Input.io_“Wallet”_Hack|Oct 23rd - Input.io “Wallet” Hack - $1.267m (Australia)]]

[[Inputs.io_API_Compromised|Oct 23rd - Inputs.io API Compromised - $Unknown (Australia)]]

[[GBL_Exchange_Exit_Scam|Oct 1st - GBL Exchange Exit Scam - $4.1m (China)]]

[[Canadian_Bitcoins_Social_Engineering_Theft|Oct 1st - Canadian Bitcoins Social Engineering Theft - $100k (Canada)]]

=== September 2013 ===
[[CoinLenders_Platform_Closes_With_Funds|Sep 23rd - CoinLenders Platform Closes With Funds - $869k (Australia)]]

=== August 2013 ===
[[Inputs.io_Phishing_Attack|Aug 24th - Inputs.io Phishing Attack - $Unknown (Australia)]]

=== July 2013 ===
[[WeExchange_Ripple_Gateway_Hacked|Jul 15th - WeExchange Ripple Gateway Hacked - $590k (Australia)]]

[[Mt._Gox_User_champbronc2_Hacked|Jul 12th - Mt. Gox User champbronc2 Hacked - $2k (Global)]]

[[Bitfunder_and_WeExchange_Hack|Jul 1st - Bitfunder and WeExchange Hack - $788k (United States)]]

=== May 2013 ===
[[Vircurex_Second_Exchange_Hack|May 10th - Vircurex Second Exchange Hack - $341k (Unknown)]]

=== March 2013 ===
[[Mercado_Bitcoin|Mar 1st - Mercado Bitcoin - $101k (Brazil)]]

=== February 2013 ===
[[Bit_LC_Theft|Feb 1st - Bit LC Theft - $51k (Panama)]]

=== January 2013 ===
[[Vircurex_Exchange_Hack|Jan 1st - Vircurex Exchange Hack - $50m (Germany)]]

==2012==
=== December 2012 ===
[[BitMarket.eu_Custodian_Failure|Dec 1st - BitMarket.eu Custodian Failure - $400k (Poland)]]

=== September 2012 ===
[[Bitfloor_Exchange_Hack|Sep 1st - Bitfloor Exchange Hack - $240k (United States)]]

=== August 2012 ===
[[Kronos.io_Pre-Launch_Bitcoin_Heist|Aug 1st - Kronos.io Pre-Launch Bitcoin Heist - $43k (Italy)]]

=== July 2012 ===
[[BTC-e_Hack|Jul 1st - BTC-e Hack - $42k (Russia)]]

[[Bitcoinica_Another_Hot_Wallet_Hack|Jul 1st - Bitcoinica Another Hot Wallet Hack - $305k (New Zealand)]]

=== June 2012 ===
[[CryptoXChange_Withdrawal_Refused|Jun 7th - CryptoXChange Withdrawal Refused - $115k (Australia)]]

=== May 2012 ===
[[World_Bitcoin_Exchange|May 1st - World Bitcoin Exchange - $25k (Australia)]]

[[Bitcoinica_Hot_Wallet_Hack|May 1st - Bitcoinica Hot Wallet Hack - $91k (New Zealand)]]

=== March 2012 ===
[[Bitcoinica_Linode_Web_Host_Hack|Mar 1st - Bitcoinica Linode Web Host Hack - $228k (New Zealand)]]

==2011==
=== October 2011 ===
[[Mt._Gox_Coins_Destroyed|Oct 28th - Mt. Gox Coins Destroyed - $8k (Japan)]]

[[Bitcoin7_Exchange_Hack/Fraud|Oct 1st - Bitcoin7 Exchange Hack/Fraud - $50k (Unknown)]]

=== July 2011 ===
[[MyBitcoin_Exchange_Hack/Fraud|Jul 29th - MyBitcoin Exchange Hack/Fraud - $1.082m (Unknown)]]

[[Bitomat_Exchange_Wallet.dat_File_Deleted|Jul 1st - Bitomat Exchange Wallet.dat File Deleted - $220k (Poland)]]

=== June 2011 ===
[[MyBitcoin_Username/Password_Breach|Jun 20th - MyBitcoin Username/Password Breach - $72k (Unknown)]]

[[Mt._Gox_Auditor_Theft|Jun 19th - Mt. Gox Auditor Theft - $47k (Japan)]]

All Smart Contract Cases

2025-08-27T21:46:38Z

Azoundria:

Global List of All Cases

2025-08-27T21:46:27Z

Azoundria:

{{Template:Automated List}}

==2025==
=== August 2025 ===
[[HMS_HMagician_Smart_Contract_Burn_Mechanism_Exploited|Aug 24th - HMS HMagician Smart Contract Burn Mechanism Exploited - $95k (Global)]]

[[ABCCApp_USDT_Overclaim_addFixedDay_Access_Control_Missing|Aug 23rd - ABCCApp USDT Overclaim addFixedDay Access Control Missing - $10k (Global)]]

[[Equilibria_Finance_Reward_Mechanism_stk-ePendle_Balance_Hack|Aug 23rd - Equilibria Finance Reward Mechanism stk-ePendle Balance Hack - $63k (Global)]]

[[ShibaSwap_Treasure_Finder_Convert()_EOA_Restriction_Bypass|Aug 22nd - ShibaSwap Treasure Finder Convert() EOA Restriction Bypass - $27k (Global)]]

[[Missing_Access_Control_in_uniswapV3SwapCallback_Function|Aug 20th - Missing Access Control in uniswapV3SwapCallback Function - $40k (Global)]]

[[BNB_Token_Drain_After_Granting_Multicall3_Contract_Approval|Aug 20th - BNB Token Drain After Granting Multicall3 Contract Approval - $36k (Global)]]

[[Coinbase_MainnetSettler_Approve_Bug_Hold_Token_Theft_2|Aug 13th - Coinbase MainnetSettler Approve Bug Hold Token Theft 2 - $300k (United States)]]

[[GrizziFi_milestoneReward_Mechanism_collectRefBonus_Exploit|Aug 13th - GrizziFi milestoneReward Mechanism collectRefBonus Exploit - $61k (Global)]]

[[WXC_Token_Smart_Contract_Token_Burn_Mechanism_Triggered|Aug 10th - WXC Token Smart Contract Token Burn Mechanism Triggered - $31k (Global)]]

=== July 2025 ===
[[SuperRare_updateMerkleRoot_Backwards_Permission_Check_Logic|Jul 28th - SuperRare updateMerkleRoot Backwards Permission Check Logic - $730k (Global)]]

[[imToken_Third_Party_Selling_Pre-Initialized_Secure_Cold_Wallet|Jul 26th - imToken Third Party Selling Pre-Initialized Secure Cold Wallet - $512k (Global)]]

[[WOO_X_Targeted_Development_Environment_Phishing_Attack_Theft|Jul 23rd - WOO X Targeted Development Environment Phishing Attack Theft - $14m (Global)]]

[[Unverified_BSC_Contract_Access_Control_Swap_Vulnerability|Jul 23rd - Unverified BSC Contract Access Control Swap Vulnerability - $612k (Global)]]

[[Stepp2p_Binance_Smart_Chain_Smart_Contract_Exploit_Drain|Jul 19th - Stepp2p Binance Smart Chain Smart Contract Exploit Drain - $44k (Global)]]

[[Swapp_Protocol_Old_Ethereum_Staking_Smart_Contract_Drained|Jul 19th - Swapp Protocol Old Ethereum Staking Smart Contract Drained - $32k (Global)]]

[[CoinDCX_Sophisticated_Server_Breach_Precise_Cross-Chain_Heist|Jul 18th - CoinDCX Sophisticated Server Breach Precise Cross-Chain Heist - $44.3m (India)]]

[[VDS_V-Dimension_BEP20_Smart_Contract_Business_Logic_Flaw|Jul 16th - VDS V-Dimension BEP20 Smart Contract Business Logic Flaw - $13k (Global)]]

[[BigONE_Control_Logic_Changed_To_Withdraw_Customer_Funds|Jul 15th - BigONE Control Logic Changed To Withdraw Customer Funds - $27m (Global)]]

[[Arcadia_Finance_Rebalancer_swapData_Delegated_Power_Abuse|Jul 14th - Arcadia Finance Rebalancer swapData Delegated Power Abuse - $3.6m (Global)]]

[[Plasma_Network_USDT0_Liquidity_Pool_Twitter/X_Takeover|Jul 11th - Plasma Network USDT0 Liquidity Pool Twitter/X Takeover - $Unknown (Global)]]

[[Kinto_Token_Hidden_Off-Network_Proxy_Initialization_Exploit|Jul 9th - Kinto Token Hidden Off-Network Proxy Initialization Exploit - $1.55m (Global)]]

[[GMX_V1_Cross-Contract_Re-Entrancy_Flash_Loan_Attack|Jul 9th - GMX V1 Cross-Contract Re-Entrancy Flash Loan Attack - $40m (Global)]]

[[Texture_Finance_Vault_Rebalance_Missing_Ownership_Check_Theft|Jul 9th - Texture Finance Vault Rebalance Missing Ownership Check Theft - $2.2m (Global)]]

[[Peapods_Finance_aspLONGsUSDe_Price_Manipulation_Attack|Jul 8th - Peapods Finance aspLONGsUSDe Price Manipulation Attack - $200k (Global)]]

[[ERC1967Proxy_Upgrade_0x03b79c24_Function_Access_Control|Jul 5th - ERC1967Proxy Upgrade 0x03b79c24 Function Access Control - $286k (Global)]]

[[Synthetix_Twitter/X_Hacked_Many_Wallets_Phished_Drained|Jul 5th - Synthetix Twitter/X Hacked Many Wallets Phished Drained - $Unknown (Global)]]

[[RANT_Token_Flawed_Contract_Sell_Burn_Liquidity_Pair_Logic|Jul 5th - RANT Token Flawed Contract Sell Burn Liquidity Pair Logic - $204k (Global)]]

[[Future_Protocol_FPC_Token_Burn_Sandwich_Attack_Drain|Jul 2nd - Future Protocol FPC Token Burn Sandwich Attack Drain - $4.7m (Global)]]

=== June 2025 ===
[[Stead_Token_Smart_Contract_Lacks_Proper_Access_Control|Jun 29th - Stead Token Smart Contract Lacks Proper Access Control - $15k (Global)]]

[[PANews_Airdrop_Twitter/X_Account_Hacked|Jun 26th - PANews Airdrop Twitter/X Account Hacked - $Unknown (Global)]]

[[Favrr_Market_Insider_Technical_Issue_During_DEX_Listing|Jun 26th - Favrr Market Insider Technical Issue During DEX Listing - $Unknown (Global)]]

[[Resupply_Finance_Vaults_Classic_ERC4626_Donation_Disaster|Jun 25th - Resupply Finance Vaults Classic ERC4626 Donation Disaster - $9.8m (Global)]]

[[Silo_Finance_Silo_Labs_Pre-Release_Leverage_Contract_Exploit|Jun 25th - Silo Finance Silo Labs Pre-Release Leverage Contract Exploit - $542k (Global)]]

[[MEV_Bot_Fallback_Function_Arbitrary_Call_Vulnerability_Attack|Jun 24th - MEV Bot Fallback Function Arbitrary Call Vulnerability Attack - $2m (Global)]]

[[Rowan_Energy_Blockchain_Closes_Amid_Fraud_Allegations|Jun 24th - Rowan Energy Blockchain Closes Amid Fraud Allegations - $Unknown (Global)]]

[[CoinTelegraph_Website_CTG_Fair_Token_Airdrop_Phishing|Jun 22nd - CoinTelegraph Website CTG Fair Token Airdrop Phishing - $Unknown (Global)]]

[[Infrared_Finance_Copycat_On_Base_Access_Control_Drain_Issue|Jun 22nd - Infrared Finance Copycat On Base Access Control Drain Issue - $43k (Global)]]

[[Hacken_$HAI_Token_Minting_Hyperinflation_Private_Key_Breach|Jun 20th - Hacken $HAI Token Minting Hyperinflation Private Key Breach - $253k (Global)]]

[[CoinMarketCap_Front-End_Compromise_Connect_Wallet_Phishing|Jun 20th - CoinMarketCap Front-End Compromise Connect Wallet Phishing - $22k (Global)]]

[[TokenVault_Old_Smart_Contract_Exploited_Similarly_To_Bankroll|Jun 20th - TokenVault Old Smart Contract Exploited Similarly To Bankroll - $16k (Global)]]

[[Abstract_Chain_Posts_$ABS_Solana_Token_Hacked_Twitter/X|Jun 19th - Abstract Chain Posts $ABS Solana Token Hacked Twitter/X - $Unknown (Global)]]

[[Bankroll_Network_Legacy_Contract_Unlimited_Permissions_Drain|Jun 18th - Bankroll Network Legacy Contract Unlimited Permissions Drain - $65k (Global)]]

[[A16Z_Fake_Solana_Token_Launch_On_Compromised_Twitter/X|Jun 18th - A16Z Fake Solana Token Launch On Compromised Twitter/X - $Unknown (Global)]]

[[ChainSaw_NFT_Replicandy_Peplicator_HEDZ_ZOGZ_Rug_Pull|Jun 17th - ChainSaw NFT Replicandy Peplicator HEDZ ZOGZ Rug Pull - $Unknown (Global)]]

[[Nobitex_Hot_Wallet_Funds_Burned_In_Politically_Motivated_Attack|Jun 17th - Nobitex Hot Wallet Funds Burned In Politically Motivated Attack - $81.7m (Iran)]]

[[Meta_Pool_ERC-4626_mpETH_Mint_Without_ETH_Flaw_Exploited|Jun 17th - Meta Pool ERC-4626 mpETH Mint Without ETH Flaw Exploited - $142k (Global)]]

[[Ledger_Bought_From_Seller_On_Douyin_Results_In_Massive_Theft|Jun 13th - Ledger Bought From Seller On Douyin Results In Massive Theft - $6.5m (Global)]]

[[Echo_Protocol_Malware_Install_Telegram_Verify_Bot_Phishing|Jun 13th - Echo Protocol Malware Install Telegram Verify Bot Phishing - $Unknown (Global)]]

[[Ether_Finance_Discord_Season_5_Rewards_Phishing_Links|Jun 6th - Ether Finance Discord Season 5 Rewards Phishing Links - $Unknown (Global)]]

[[Alex_Lab_Vault_Permission_Flaw_Labubu_Token_Transfer_Drain|Jun 6th - Alex Lab Vault Permission Flaw Labubu Token Transfer Drain - $16.18m (Global)]]

[[Mehdi_Farooq_Alex_Lin_Zoom_Phishing_Drains_Life_Savings|Jun 3rd - Mehdi Farooq Alex Lin Zoom Phishing Drains Life Savings - $Unknown (Global)]]

[[Nervos_Network_Force_Bridge_Drained_Shortly_After_Sunset|Jun 1st - Nervos Network Force Bridge Drained Shortly After Sunset - $3.76m (Global)]]

=== May 2025 ===
[[MegaETH_Nigga_Coin_Launch_After_Twitter/X_Account_Hack|May 31st - MegaETH Nigga Coin Launch After Twitter/X Account Hack - $Unknown (Global)]]

[[Malda_Protocol_Migrator_Contract_Fake_Comptroller_Drain|May 30th - Malda Protocol Migrator Contract Fake Comptroller Drain - $285k (Global)]]

[[Signature_Checker_Fake_Wallet_Address_Security_Tool|May 29th - Signature Checker Fake Wallet Address Security Tool - $Unknown (Global)]]

[[Osiris_Malicious_Browser_Extension_Malware_Link_Swap|May 28th - Osiris Malicious Browser Extension Malware Link Swap - $Unknown (Global)]]

[[Cork_Protocol_Market_Manipulation_and_Liquidity_Exploit|May 28th - Cork Protocol Market Manipulation and Liquidity Exploit - $12.053m (Global)]]

[[Usual_Money_USDS_Sync_Vault_Pricing_Arbitrage_Exploit|May 27th - Usual Money USDS Sync Vault Pricing Arbitrage Exploit - $43k (Global)]]

[[Ethereum_ZeroTransfer_Address_Pollution_Phishing_Twice|May 25th - Ethereum ZeroTransfer Address Pollution Phishing Twice - $2.598m (Global)]]

[[YDT_Yellow_Duck_Token_proxyTransfer_Backdoor_Exploited|May 25th - YDT Yellow Duck Token proxyTransfer Backdoor Exploited - $41k (Global)]]

[[DAOSquare_Treasury_RICE_Exploit_Theft_New_Token_Recovery|May 24th - DAOSquare Treasury RICE Exploit Theft New Token Recovery - $88k (Global)]]

[[KRC_Smart_Contract_Deflationary_Mechanism_Burn_Exploit|May 23rd - KRC Smart Contract Deflationary Mechanism Burn Exploit - $37k (Global)]]

[[Ethereum_EIP_7702_Malicious_Wallet_Draining_Phishing_Attack|May 23rd - Ethereum EIP 7702 Malicious Wallet Draining Phishing Attack - $147k (Global)]]

[[Vesu_Lending_Protocol_Critical_Liquidation_Logic_Rounding_Error|May 22nd - Vesu Lending Protocol Critical Liquidation Logic Rounding Error - $0k (Global)]]

[[Cetus_Protocol_Shift_Left_Overflow_Vulnerability_Exploit_Drain|May 22nd - Cetus Protocol Shift Left Overflow Vulnerability Exploit Drain - $223m (Global)]]

[[Nexo_Smart_Contract_Exploited_By_Fake_Uniswap_V3_Pool|May 21st - Nexo Smart Contract Exploited By Fake Uniswap V3 Pool - $145k (Global)]]

[[IRYS_AI_Programmable_Blockchain_Revolution_Backdoor_Rug_Pull|May 20th - IRYS AI Programmable Blockchain Revolution Backdoor Rug Pull - $70k (Global)]]

[[Sheffield_United_Solana_Token_Barry_Bannan_Bash_Hack|May 19th - Sheffield United Solana Token Barry Bannan Bash Hack - $Unknown (Global)]]

[[Ledger_English_Teacher_encrcne_BTC_ETH_Savings_Stolen|May 18th - Ledger English Teacher encrcne BTC ETH Savings Stolen - $7k (Canada)]]

[[Demex_Nitron_Lending_Market_Oracle_Manipulation_Exploit|May 15th - Demex Nitron Lending Market Oracle Manipulation Exploit - $951k (Global)]]

[[MapleStory_Universe_NXPC_PancakeSwap_Arbitrage_Opportunity|May 14th - MapleStory Universe NXPC PancakeSwap Arbitrage Opportunity - $1.2m (Global)]]

[[Zunami_Protocol_Compromised_Admin_All_Collateral_Drained|May 14th - Zunami Protocol Compromised Admin All Collateral Drained - $500k (Global)]]

[[MOne_Meta_Pro_App_Allows_Anyone_To_Unwrap_Their_ETH|May 14th - MOne Meta Pro App Allows Anyone To Unwrap Their ETH - $26k (Global)]]

[[ZKSync_and_The_Matter_Labs_Twitter/X_Hack_Airdrop_Scam|May 12th - ZKSync and The Matter Labs Twitter/X Hack Airdrop Scam - $Unknown (Global)]]

[[Curve_Finance_Curve.Fi_DNS_Hijack_Malicious_Frontend|May 12th - Curve Finance Curve.Fi DNS Hijack Malicious Frontend - $Unknown (Global)]]

[[AIBlockmind_Block_DevManage_Set_Using_Official_Private_Key|May 12th - AIBlockmind Block DevManage Set Using Official Private Key - $266k (Global)]]

[[X3_Unverified_BSC_Smart_Contract_Suspicious_Attack_Transaction|May 11th - X3 Unverified BSC Smart Contract Suspicious Attack Transaction - $131k (Global)]]

[[Mobius_DAO_WBNB_Deposit_Price_Miscalculation_Drain|May 11th - Mobius DAO WBNB Deposit Price Miscalculation Drain - $2.157m (Global)]]

[[CoinTelegraph_Twitter/X_Phish_TELE_Fake_Token_Launch|May 9th - CoinTelegraph Twitter/X Phish TELE Fake Token Launch - $Unknown (Global)]]

[[LotteryTicket50_Smart_Contract_Nalakuvara_Tokens_Frained|May 9th - LotteryTicket50 Smart Contract Nalakuvara Tokens Frained - $106k (Global)]]

[[LND_Finance_DPRK_Worker_Upgrades_Contract_Drains_Funds|May 8th - LND Finance DPRK Worker Upgrades Contract Drains Funds - $1.27m (Global)]]

[[BitoPro_Multiple_Hot_Wallets_Drained_During_System_Upgrade|May 8th - BitoPro Multiple Hot Wallets Drained During System Upgrade - $11.5m (Taiwan)]]

[[Curve_Finance_Fake_Airdrop_After_Twitter/X_Compromise|May 5th - Curve Finance Fake Airdrop After Twitter/X Compromise - $0k (Global)]]

[[Tron_DAO_Fake_Token_Twitter/X_Account_Compromised|May 2nd - Tron DAO Fake Token Twitter/X Account Compromised - $45k (Global)]]

=== April 2025 ===
[[Hyperliquid_Season_2_Final_Phase_Twitter/X_Compromised|Apr 30th - Hyperliquid Season 2 Final Phase Twitter/X Compromised - $Unknown (Global)]]

[[QuantMaster_Employee_Blames_Smart_Contract_Drain_On_AI|Apr 27th - QuantMaster Employee Blames Smart Contract Drain On AI - $Unknown (Global)]]

[[Aventa_Project_IntelliQuant_Reward_Claim_Flash_Loan_Attack|Apr 27th - Aventa Project IntelliQuant Reward Claim Flash Loan Attack - $8k (Global)]]

[[LIFE_Protocol_Price_Not_Updated_When_Sold_Price_Manipulation|Apr 26th - LIFE Protocol Price Not Updated When Sold Price Manipulation - $51k (Global)]]

[[Loopscale_Spoofed_RateX_Integration_Unauthorized_Loans|Apr 26th - Loopscale Spoofed RateX Integration Unauthorized Loans - $5.893m (Global)]]

[[Term_Finance_tETH_Decimal_Precision_Mismatch_Liquidations|Apr 26th - Term Finance tETH Decimal Precision Mismatch Liquidations - $1.5m (Global)]]

[[Impermax_Finance_V3_Flash_Loan_Fee_Valuation_Flaw_Exploited|Apr 26th - Impermax Finance V3 Flash Loan Fee Valuation Flaw Exploited - $300k (Global)]]

[[ACB_Staking_Reward_Manipulation_Spot_Price_Oracle_Exploit|Apr 23rd - ACB Staking Reward Manipulation Spot Price Oracle Exploit - $84k (Global)]]

[[Zora_BaseSettler_BaseSettlerMetaTxn_Mistakenly_Claimable|Apr 22nd - Zora BaseSettler BaseSettlerMetaTxn Mistakenly Claimable - $141k (Global)]]

[[Numa_Money_Major_Collateral_Loss_Flash_Loan_Price_Manipulation|Apr 18th - Numa Money Collateral Loss via Flash Loan Price Manipulation - $530k (Global)]]

[[BTNFT_Contract_BTT_Rewards_Not_Validating_NFT_Ownership|Apr 18th - BTNFT Contract BTT Rewards Not Validating NFT Ownership - $19k (Global)]]

[[YB_Token_Sandwich_Attack_Due_To_No_Slippage_Protection|Apr 16th - YB Token Sandwich Attack Due To No Slippage Protection - $15k (Global)]]

[[DIN_Twitter/X_Account_Wallet_Drainer_Phishing_Website|Apr 16th - DIN Twitter/X Account Wallet Drainer Phishing Website - $Unknown (Global)]]

[[R0AR_Ecosystem_Insider_Breach_Malicious_Contract_Deployment|Apr 15th - R0AR Ecosystem Insider Breach Malicious Contract Deployment - $780k (Global)]]

[[KiloEx_Public_Price_Oracle_Access_Control_Vulnerability|Apr 14th - KiloEx Public Price Oracle Access Control Vulnerability - $7.492m (Global)]]

[[Marinade_Finance_Reversed_Staking_Protocol_Reward_Logic|Apr 14th - Marinade Finance Reversed Staking Protocol Reward Logic - $5m (Global)]]

[[ZKSync_Unauthorized_Airdrop_Minting_Private_Key_Leakage|Apr 13th - ZKSync Unauthorized Airdrop Minting Private Key Leakage - $5m (Global)]]

[[LibertyCoin_LibertyLife_LibertyUseCase_Price_Manipulation_Attack|Apr 12th - LibertyCoin LibertyLife LibertyUseCase Price Manipulation Attack - $77k (Global)]]

[[Sola_Unverified_Contract_withdrawToken_Lacking_Access_Control|Apr 12th - Sola Unverified Contract withdrawToken Lacking Access Control - $28k (Global)]]

[[Unknown_Contract_uniswapV3SwapCallback_Lacks_Access_Control|Apr 11th - Unknown Contract uniswapV3SwapCallback Lacks Access Control - $62k (Global)]]

[[Morpho_Labs_Bundler3_Misconfiguration_Drains_User_Wallet|Apr 10th - Morpho Labs Bundler3 Misconfiguration Drains User Wallet - $2.601m (Global)]]

[[Emblem_Vault_Jake_Gallen_Goopdate_Malware_Via_Zoom_Call|Apr 9th - Emblem Vault Jake Gallen Goopdate Malware Via Zoom Call - $100k (Global)]]

[[poofknuckle_Ancient_Ethereum_Mixing_Test_Contract_Exploited|Apr 8th - poofknuckle Ancient Ethereum Mixing Test Contract Exploited - $3k (Global)]]

[[Next_Earth_Polygon_Smart_Contract_Reentrancy_Attack|Apr 7th - Next Earth Polygon Smart Contract Reentrancy Attack - $17k (Global)]]

[[MEV_Bot_Tricked_And_Drained_By_Dummy_Token_Swap|Apr 7th - MEV Bot Tricked And Drained By Dummy Token Swap - $210k (Global)]]

[[Mochi_DeFi_Contract_Multiple_Transactions_Suspicious_Attack|Apr 6th - Mochi DeFi Contract Multiple Transactions Suspicious Attack - $49k (Global)]]

[[AIRWA_Access_Control_Public_Burn_Rate_Function_Exploited|Apr 3rd - AIRWA Access Control Public Burn Rate Function Exploited - $34k (Global)]]

[[OPC_Token_Flawed_Sell_Burn_Mechanism_Price_Logic_Exploited|Apr 1st - OPC Token Flawed Sell Burn Mechanism Price Logic Exploited - $108k (Global)]]

[[UPCX_Suspends_Trading_After_Significant_Unauthorized_Activity|Apr 1st - UPCX Suspends Trading After Significant Unauthorized Activity - $0k (Global)]]

=== March 2025 ===
[[SIR_Trading_Transient_Caller_Vulnerable_Vault_Contract|Mar 30th - SIR Trading Transient Caller Vulnerable Vault Contract - $355k (Global)]]

[[Alkimiya_SilicaPools_uint128_Truncation_Unsafe_Downcasting|Mar 28th - Alkimiya SilicaPools uint128 Truncation Unsafe Downcasting - $100k (Global)]]

[[Min_Token_Multi-Level_Marketing_Referral_Logic_Bug_Exploited|Mar 27th - Min Token Multi-Level Marketing Referral Logic Bug Exploited - $21k (Global)]]

[[Abracadabra_Money_Deposit_Fail_Self-Liquidate_Vulnerability|Mar 25th - Abracadabra Money Deposit Fail Self-Liquidate Vulnerability - $12.944m (Global)]]

[[Zoth_ZeUSD_Malicious_Proxy_Upgrade_via_Deployer_Exploit|Mar 21st - Zoth ZeUSD Malicious Proxy Upgrade via Deployer Exploit - $8.512m (Global)]]

[[Watcher.guru_Twitter/X_Compromise_XRP_Price_Manipulation|Mar 20th - Watcher.guru Twitter/X Compromise XRP Price Manipulation - $0k (Global)]]

[[Voltage_Finance_Malicious_Developer_Simple_Staking_Exploit|Mar 17th - Voltage Finance Malicious Developer Simple Staking Exploit - $322k (Global)]]

[[Four.meme_Liquidity_Theft_via_Pre-Launch_Restriction_Bypass|Mar 17th - Four.meme Liquidity Theft via Pre-Launch Restriction Bypass - $130k (Global)]]

[[Kaito_AI_and_Yu_Hu_Twitter/X_Compromised_Short_Selling|Mar 15th - Kaito AI and Yu Hu Twitter/X Compromised Short Selling - $Unknown (Global)]]

[[Berally_Price_Crash_Deployer_Private_Key_Leakage|Mar 14th - Berally Price Crash Deployer Private Key Leakage - $87k (Global)]]

[[1Inch_Resolve_Order_Suffix_Integer_Overflow_Vulnerability|Mar 5th - 1Inch Resolve Order Suffix Integer Overflow Vulnerability - $5m (Global)]]

[[Jupiter_Exchange_WereMeow_Account_Compromise|Mar 5th - Jupiter Exchange WereMeow Account Compromise - $Unknown (Global)]]

[[Pond.fun_Chief_Software_Engineer_Genesis_Drained_Ethereum|Mar 4th - Pond.fun Chief Software Engineer Genesis Drained Ethereum - $230k (Global)]]

[[Zoth_mintWithStable_Loan_To_Value_Logic_Flaw_Exploited|Mar 1st - Zoth mintWithStable Loan To Value Logic Flaw Exploited - $285k (Global)]]

=== February 2025 ===
[[Wemix_Network_Breach_by_Nile_Authentication_Key_Compromise|Feb 28th - Wemix Network Breach by Nile Authentication Key Compromise - $6.22m (Global)]]

[[Suji_Yan_Mask_Network_Founder_Mobile_Wallet_Birthday_Theft|Feb 27th - Suji Yan Mask Network Founder Mobile Wallet Birthday Theft - $3.733m (Global)]]

[[Pump.Fun_$PUMP_Token_From_Twitter/X_Account_Breach|Feb 26th - Pump.Fun $PUMP Token From Twitter/X Account Breach - $100k (Global)]]

[[Infini_Money_Anonymous_Developer_Backdoor_Vault_Theft|Feb 23rd - Infini Money Anonymous Developer Backdoor Vault Theft - $49.517m (Global)]]

[[ByBit_Multi-Sig_Cold_Wallet_Not_Cold_Or_Multi-Sig|Feb 21st - ByBit Multi-Sig Cold Wallet Not Cold Or Multi-Sig - $1.436173b (Global)]]

[[Cardex_Wallets_Drained_Compromised_Private_Session_Key|Feb 17th - Cardex Wallets Drained Compromised Private Session Key - $400k (Global)]]

[[Ai16z_ElizaOS_Founder_Shaw_Twitter/X_Wallet_Drain_Phish|Feb 16th - Ai16z ElizaOS Founder Shaw Twitter/X Wallet Drain Phish - $Unknown (Global)]]

[[ZKLend_Lending_Accumulator_Precision_Loss_Manipulation|Feb 11th - ZKLend Lending Accumulator Precision Loss Manipulation - $9.57m (Global)]]

[[Four.Meme_Extreme_Pricing_Pools_Business_Logic_Flaw|Feb 10th - Four.Meme Extreme Pricing Pools Business Logic Flaw - $183k (Global)]]

[[CashVerse_BNB_To_AdaCash_DepositBNB_Sandwich_Attack|Feb 7th - CashVerse BNB To AdaCash DepositBNB Sandwich Attack - $108k (Global)]]

[[BankX_XSD_BurnPoolXSD_Re-Entry_Vulnerability_Exploited_2|Feb 6th - BankX XSD BurnPoolXSD Re-Entry Vulnerability Exploited 2 - $43k (Global)]]

[[JupiterDAO_$MEOW_Token_Rug_Pull_Jokes_From_Twitter/X|Feb 5th - JupiterDAO $MEOW Token Rug Pull Jokes From Twitter/X - $Unknown (Global)]]

[[Mohammed_Dewji_$TANZANIA_Token_Rug_Pull_On_Twitter/X|Feb 5th - Mohammed Dewji $TANZANIA Token Rug Pull On Twitter/X - $1.48m (Global)]]

[[Dr_Mahathir_Mohamad_MALAYSIA_Twitter/X_Rug_Pull|Feb 5th - Dr Mahathir Mohamad MALAYSIA Twitter/X Rug Pull - $Unknown (Malaysia)]]

[[Ionic_Money_Fake_LBTC_Collateral_Social_Engineering|Feb 4th - Ionic Money Fake LBTC Collateral Social Engineering - $8.807m (Global)]]

[[Xeggex_Exchange_Collapses|Feb 3rd - Xeggex Exchange Collapses After Suspicious Withdrawals - $Unknown (Global)]]

=== January 2025 ===
[[Time_Magazine_TIME_Token_Rug_Pull_Via_Official_Twitter/X|Jan 30th - Time Magazine TIME Token Rug Pull Via Official Twitter/X - $Unknown (Global)]]

[[Tor_Project_$TOR_Token_Rug_Pull_Twitter/X_Compromise|Jan 30th - Tor Project $TOR Token Rug Pull Twitter/X Compromise - $Unknown (Global)]]

[[Dean_Norris_$DEAN_Token_Sophisticated_Deepfakes_On_Twitter/X|Jan 25th - Dean Norris $DEAN Token Sophisticated Deepfakes On Twitter/X - $7m (Global)]]

[[Jair_Messias_Bolsonaro_Brazil_Token_Launch_Via_Twitter/X|Jan 23rd - Jair Messias Bolsonaro Brazil Token Launch Via Twitter/X - $1.3m (Global)]]

[[ODOS_Protocol_Audited_Executor_Validation_Vulnerability|Jan 23rd - ODOS Protocol Audited Executor Validation Vulnerability - $50k (Global)]]

[[Phemex_Hot_Wallet_Access_Control_Vulnerability|Jan 23rd - Phemex Hot Wallet Access Control Vulnerability - $69.089m (Global)]]

[[Nasdaq_Stonks_Token_Rug_Pull_Turns_Into_Community_CTO|Jan 22nd - Nasdaq Stonks Token Rug Pull Turns Into Community CTO - $Unknown (Global)]]

[[AST_Token_Incorrect_Transfer_Logic_When_Removing_Liquidity|Jan 21st - AST Token Incorrect Transfer Logic When Removing Liquidity - $65k (Global)]]

[[AdsPower_Browser_Extension_Code_Injection_Supply_Chain_Attack|Jan 21st - AdsPower Browser Extension Code Injection Supply Chain Attack - $4.7m (Global)]]

[[Ledger_Cofounder_David_Balland_And_Wife_Kidnapped_Extortion|Jan 21st - Ledger Cofounder David Balland And Wife Kidnapped Extortion - $100k (Global)]]

[[MetaMask_Co-Founder_Dan_Finlay_$FINN_Farcaster_Launch|Jan 20th - MetaMask Co-Founder Dan Finlay $FINN Farcaster Launch - $Unknown (Global)]]

[[Stability_AI_STAI_Token_Rug_Pull_Twitter/X_Compromised|Jan 15th - Stability AI STAI Token Rug Pull Twitter/X Compromised - $Unknown (Global)]]

[[ZKsync_Ignite_Airdrop_Phishing_Twitter/X_Compromised|Jan 15th - ZKsync Ignite Airdrop Phishing Twitter/X Compromised - $Unknown (Global)]]

[[DAWN_Internet_Twitter/X_Account_Token_Phishing_Attacks|Jan 14th - DAWN Internet Twitter/X Account Token Phishing Attacks - $Unknown (Global)]]

[[The_Idols_NFT_Self_Reflection_Rewards_Vulnerability|Jan 14th - The Idols NFT Self Reflection Rewards Vulnerability - $324k (Global)]]

[[Mosca_Exit_Program_Double_Withdrawal_Exploit_2|Jan 12th - Mosca Exit Program Double Withdrawal Exploit 2 - $38k (Global)]]

[[Moonray_MNRY_Airdrop_Phishing_Discord_Compromised|Jan 12th - Moonray MNRY Airdrop Phishing Discord Compromised - $Unknown (Global)]]

[[Ryan_Zarick_LayerZero_Token/Airdrop_Twitter/X_Phishing|Jan 12th - Ryan Zarick LayerZero Token/Airdrop Twitter/X Phishing - $Unknown (Global)]]

[[UniLend_Redeem_Underlying_Missing_Health_Factor_Check_Exploit|Jan 12th - UniLend Redeem Underlying Missing Health Factor Check Exploit - $198k (Global)]]

[[BUIDL_BSC_Transfer_Burn_Smart_Contract_Vulnerability|Jan 12th - BUIDL BSC Transfer Burn Smart Contract Vulnerability - $8k (Global)]]

[[Litecoin_On_Solana_Token_Twitter/X_Account_Compromise|Jan 11th - Litecoin On Solana Token Twitter/X Account Compromise - $27k (Global)]]

[[Foresight_Ventures_MingAI_Other_Tokens_Twitter/X_Phishing|Jan 11th - Foresight Ventures MingAI Other Tokens Twitter/X Phishing - $Unknown (Global)]]

[[Aizel_Network_EVA_AI_Token_Rug_Pull_Twitter/X_Phished|Jan 10th - Aizel Network EVA AI Token Rug Pull Twitter/X Phished - $Unknown (Global)]]

[[SuperVerse_Fraudulent_Airdrop_Twitter/X_Compromise|Jan 10th - SuperVerse Fraudulent Airdrop Twitter/X Compromise - $Unknown (Global)]]

[[FortuneWheel_swapProfitFees_Access_Control_Issue|Jan 10th - FortuneWheel swapProfitFees Access Control Issue - $22k (Global)]]

[[Usual_Money_USD0++_Depegging_When_Backing_Removed|Jan 9th - Usual Money USD0++ Depegging When Backing Removed - $Unknown (Global)]]

[[Holoworld_AI_Distribution_Phases_Twitter/X_Hack_Phishing|Jan 9th - Holoworld AI Distribution Phases Twitter/X Hack Phishing - $Unknown (Global)]]

[[Alien_Base_Compound_Liquidity_Yield_Collection_Issue|Jan 9th - Alien Base Compound Liquidity Yield Collection Issue - $38k (Global)]]

[[Horse_Coin_(HORS)_Smart_Contract_Exploited|Jan 8th - Horse Coin (HORS) Smart Contract Exploited - $10k (Global)]]

[[Moby_Trade_Private_Key_Compromised_Whitehat_Rescue|Jan 8th - Moby Trade Private Key Compromised Whitehat Rescue - $2.473m (Global)]]

[[Virtuals_Protocol_Fake_Tokens_Discord_Account_Compromise|Jan 8th - Virtuals Protocol Fake Tokens Discord Account Compromise - $Unknown (Global)]]

[[Orange_Finance_Smart_Contract_Private_Key_Compromised|Jan 7th - Orange Finance Smart Contract Private Key Compromised - $844k (Global)]]

[[IPC_Token_TransferTime_Swap_Contract_Vulnerability|Jan 7th - IPC Token TransferTime Swap Contract Vulnerability - $592k (Global)]]

[[Mosca_Exit_Program_Double_Withdrawal_Exploit_1|Jan 5th - Mosca Exit Program Double Withdrawal Exploit 1 - $20k (Global)]]

[[Centrifuge_$YUMI_AI_Token_Twitter/X_Compromise|Jan 4th - Centrifuge $YUMI AI Token Twitter/X Compromise - $Unknown (Global)]]

[[Solv_Protocol_New_Token_Twitter/X_Account_Phishing|Jan 4th - Solv Protocol New Token Twitter/X Account Phishing - $Unknown (Global)]]

[[Sorra_Contract_Flawed_Reward_Logic_Exploited|Jan 4th - Sorra Contract Flawed Reward Logic Exploited - $43k (Global)]]

[[Babylon_Labs_Phishing_Twitter/X_Account_Compromise|Jan 3rd - Babylon Labs Phishing Twitter/X Account Compromise - $0k (Global)]]

[[Scope_Protocol_(0xScope)_Twitter/X_Scope_Token_Launch|Jan 3rd - Scope Protocol (0xScope) Twitter/X Scope Token Launch - $Unknown (Global)]]

[[NoOnes_Solana_Bridge_Exploit_Hot_Wallets_Drained|Jan 1st - NoOnes Solana Bridge Exploit Hot Wallets Drained - $7.9m (Global)]]

[[Laura_AI_Token_Remove_Liquidity_When_K_Increases_Exploit|Jan 1st - Laura AI Token Remove Liquidity When K Increases Exploit - $48k (Global)]]

==2024==
=== December 2024 ===
[[Superchain_Ecosystem_Twitter/X_Optimism/Base_Airdrop|Dec 30th - Superchain Ecosystem Twitter/X Optimism/Base Airdrop - $Unknown (Global)]]

[[Standing_on_Bizness_(BIZNESS)_SplitLock_Reentrancy_Attack|Dec 27th - Standing on Bizness (BIZNESS) SplitLock Reentrancy Attack - $16k (Global)]]

[[Coinbase_Support_Data_Breach_Sophisticated_Phishing|Dec 26th - Coinbase Support Data Breach Sophisticated Phishing - $180m (United States)]]

[[Yat_Siu_$MOCA_Launch_From_Twitter/X_Account_Compromise|Dec 25th - Yat Siu $MOCA Launch Via Twitter/X Account Compromise - $Unknown (Global)]]

[[Moonhacker_Moonwell_Vault_Unprotected_ExecuteOperation_Call|Dec 23rd - Moonhacker Moonwell Vault Unprotected ExecuteOperation Call - $320k (Global)]]

[[Vivek_Ramaswamy_Usual_Money_Partnership_Twitter/X_Post|Dec 19th - Vivek Ramaswamy Usual Money Partnership Twitter/X Post - $Unknown (Global)]]

[[zkPass_ZKP_Airdrop_Phishing_Via_Hacked_Twitter/X_Account|Dec 19th - zkPass ZKP Airdrop Phishing Via Hacked Twitter/X Account - $Unknown (Global)]]

[[Slurpycoin_Buyback_Mechanism_Sandwich_Arbitrage_Exploit|Dec 18th - Slurpycoin Buyback Mechanism Sandwich Arbitrage Exploit - $3k (Global)]]

[[HarryPotterObamaSonic10Inu_Liquidity_Removal_Price_Manipulation|Dec 17th - HarryPotterObamaSonic10Inu Liquidity Access Vulnerability - $243k (Global)]]

[[Anthropic_Twitter/X_Compromise_Venti_Pump_And_Dump|Dec 17th - Anthropic Twitter/X Compromise Venti Pump And Dump - $100k (Global)]]

[[GemPad_Reentrancy_Exploit_In_Lock_Contract|Dec 16th - GemPad Reentrancy Exploit In Lock Contract - $2.2m (Global)]]

[[BTC24H_Claim_System_Contract_Missing_Eligibility_Check|Dec 16th - BTC24H Claim System Contract Missing Eligibility Check - $86k (Global)]]

[[Decentralized_Finance_(DCF)_Flash_Loan_Price_Manipulation_Attack|Dec 15th - Decentralized Finance (DCF) Flash Loan Price Manipulation Attack - $9k (Global)]]

[[CAT_Protocol_Unauthorized_Token_Creation_Exploit|Dec 15th - CAT Protocol Unauthorized Token Creation Exploit - $Unknown (Global)]]

[[Drake_$ANITA_Token_Promotion_Twitter/X_Compromise|Dec 14th - Drake $ANITA Token Promotion Twitter/X Compromise - $Unknown (Global)]]

[[JHY_Token_Dividend_Tracker_Contract_Vulnerability|Dec 13th - JHY Token Dividend Tracker Contract Vulnerability - $12k (Global)]]

[[Haven_Protocol_Shuts_Down_After_Range_Proof_Vulnerability|Dec 12th - Haven Protocol Shuts Down After Range Proof Vulnerability - $6.097m (Global)]]

[[EVMInk_BNBS_Contract_Remove_Liquidity_Reentrancy_Attack|Dec 11th - EVMInk BNBS Contract Remove Liquidity Reentrancy Attack - $20k (Global)]]

[[LABUBU_Smart_Contract_Self-Transfer_Vulnerability|Dec 10th - LABUBU Smart Contract Self-Transfer Vulnerability - $12k (Global)]]

[[Clober_DEX_Unguarded_Burn_Function_Reentrancy|Dec 10th - Clober DEX Unguarded Burn Function Reentrancy - $486k (Global)]]

[[Cardano_Foundation_Twitter/X_Account_Compromised|Dec 8th - Cardano Foundation Twitter/X Account Compromised - $Unknown (Global)]]

[[MAAT_Protocol_Share_Conversion_Rounding_Error|Dec 6th - MAAT Protocol Share Conversion Rounding Error - $33k (Global)]]

[[Arata_AGI_Ecosystem_Market_Maker_Wallet_Compromised|Dec 5th - Arata AGI Ecosystem Market Maker Wallet Compromised - $400k (Global)]]

[[Feed_Every_Gorilla_(FEG)_SmartDeFi_Wormhole_Bridge_Exploit|Dec 5th - Feed Every Gorilla (FEG) SmartDeFi Wormhole Bridge Exploit - $1000k (Global)]]

[[VestraDAO_Locked_Staking_User_Still_Marked_Active|Dec 4th - VestraDAO Locked Staking User Still Marked Active - $480k (Global)]]

[[RunWay_(BYC)_Burn_Function_Lacks_Access_Control|Dec 2nd - RunWay (BYC) Burn Function Lacks Access Control - $102k (Global)]]

[[GAGAW_Contract_Flawed_Token_Transfer_Logic_Exploited|Dec 2nd - GAGAW Contract Flawed Token Transfer Logic Exploited - $70k (Global)]]

[[BasedBrett_Solana_Brett_Token_Rug_Pulls_Via_Twitter/X|Dec 1st - BasedBrett Solana Brett Token Rug Pulls Via Twitter/X - $18k (Global)]]

[[DeBox_Social_External_EOA_Wallet_Private_Key_Leak|Dec 1st - DeBox Social External EOA Wallet Private Key Leak - $275k (Global)]]

=== November 2024 ===
[[Clipper_Exchange_Asset_Deposit/Withdrawal_Manipulation|Nov 30th - Clipper Exchange Asset Deposit/Withdrawal Manipulation - $458k (Global)]]

[[Spectral_Syntax_V2_Unintended_Infinite_Approval_Oversight|Nov 30th - Spectral Syntax V2 Unintended Infinite Approval Oversight - $250k (Global)]]

[[XT.com_Exchange_Hot_Wallet_Breach|Nov 27th - XT.com Exchange Hot Wallet Breach - $1.7m (Global)]]

[[Pump.Science_Urolithin_B_Token_Github_Compromised_Key|Nov 25th - Pump.Science Urolithin B Token Github Compromised Key - $Unknown (Global)]]

[[DCF_Transfer_Logic_Implementation_Error_Flash_Loan_Exploit|Nov 24th - DCF Transfer Logic Implementation Error Flash Loan Exploit - $442k (Global)]]

[[AkashaLife/AK1111_Free_Public_Minting_Vulnerability|Nov 23rd - AkashaLife/AK1111 Free Public Minting Vulnerability - $32k (Global)]]

[[Sweepr_Token_Smart_Contract_Public_Emergency_Withdraw|Nov 22nd - Sweepr Token Smart Contract Public Emergency Withdraw - $14k (Global)]]

[[JRNY_Crypto_Theft_Private_Key_Leakage|Nov 22nd - JRNY Crypto Theft Private Key Leakage - $4m (Global)]]

[[Matez_Gaming_Token_Smart_Contract_Integer_Truncation|Nov 21st - Matez Gaming Token Smart Contract Integer Truncation - $80k (Global)]]

[[Coinbase_MainnetSettler_Approval_Issue_Hold_Token_Theft_1|Nov 20th - Coinbase MainnetSettler Approval Issue Hold Token Theft 1 - $66k (United States)]]

[[BSCGem_Smart_Contract_Inflation_Function_Exploited|Nov 20th - BSCGem Smart Contract Inflation Function Exploited - $17k (Global)]]

[[MFT_Token_Contract_Flawed_Transfer_Logic|Nov 17th - MFT Token Contract Flawed Transfer Logic - $34k (Global)]]

[[Polter_Finance_Unaudited_Contract_Price_Manipulation|Nov 16th - Polter Finance Unaudited Contract Price Manipulation - $8.7m (Global)]]

[[Giggle_Academy_Fake_Token_X_Account_Hack|Nov 15th - Giggle Academy Fake Token X Account Hack - $Unknown (Global)]]

[[DEXX_Web_Wallet_Private_Key_Leakage|Nov 15th - DEXX Web Wallet Private Key Leakage - $21m (Global)]]

[[GMGN.ai_Website_Malicious_Crawler_And_Flood_Attacks|Nov 15th - GMGN.ai Website Malicious Crawler And Flood Attacks - $Unknown (Global)]]

[[Thala_Labs_V1_Farming_Contract_Vulnerability|Nov 15th - Thala Labs V1 Farming Contract Vulnerability - $25.5m (Global)]]

[[vETH_VirtualToken_Lending_Mechanism_Price_Logic_Error|Nov 14th - vETH VirtualToken Lending Mechanism Price Logic Error - $450k (Global)]]

[[dogwifcoin_(WIF)_Twitter/X_Phishing_Attacks|Nov 13th - dogwifcoin (WIF) Twitter/X Phishing Attacks - $Unknown (Global)]]

[[DeltaPrime_Unchecked_Smart_Contract_Inputs|Nov 11th - DeltaPrime Unchecked Smart Contract Inputs - $4.85m (Global)]]

[[BGM_on_BSC_Batch_Transactions_Price_Manipulation_Exploit|Nov 10th - BGM on BSC Batch Transactions Price Manipulation Exploit - $450k (Global)]]

[[CoinPoker_Hot_Wallet_Third-party_Vulnerability|Nov 7th - CoinPoker Hot Wallet Third-party Vulnerability - $2m (Global)]]

[[Wiz_Khalifa_Twitter/X_Account_$WIZ_Token_Launch|Nov 3rd - Wiz Khalifa Twitter/X Account $WIZ Token Launch - $119k (Global)]]

[[MetaWin_Ethereum/Solana_Frictionless_Hot_Wallet_Exploit|Nov 3rd - MetaWin Ethereum/Solana Frictionless Hot Wallet Exploit - $4.4m (Global)]]

=== October 2024 ===
[[Shoebill_Finance_BTC_Market_Collateral_Oracle_Exploit|Oct 31st - Shoebill Finance BTC Market Collateral Oracle Exploit - $1.52m (Global)]]

[[M2_Exchange_Access_Control_Vulnerability|Oct 30th - M2 Exchange Access Control Vulnerability - $13.7m (United Arab Emirates)]]

[[1Inch_Exchange_DApp_Lottie_Player_Supply_Chain_Attack|Oct 30th - 1Inch Exchange DApp Lottie Player Supply Chain Attack - $723k (Global)]]

[[Sunray_Finance_Malicious_Upgrade_And_Token_Minting|Oct 29th - Sunray Finance Malicious Upgrade And Token Minting - $2.885m (Global)]]

[[Keystone_Hardware_Wallet_Twitter/X_Account_Phishing|Oct 29th - Keystone Hardware Wallet Twitter/X Account Phishing - $Unknown (Global)]]

[[Andy_Ayrey_Compromise_Infinite_Backrooms_Token_Launch|Oct 28th - Andy Ayrey Compromise Infinite Backrooms Token Launch - $602k (Global)]]

[[Essence_Finance_Chi_Stablecoin_Rug_Pull|Oct 25th - Essence Finance Chi Stablecoin Rug Pull - $20m (Global)]]

[[Aark_Digital_Incorrect_Balance_Update_Exploit|Oct 25th - Aark Digital Incorrect Balance Update Exploit - $1.9m (Global)]]

[[Base_Blockchain_Unverified_Compound_Fork_Lending_Exploited|Oct 24th - Base Blockchain Unverified Compound Fork Lending Exploited - $1000k (Global)]]

[[Bitfinex_Proceeds_US_Government_Controlled_Wallets_Breached|Oct 24th - Bitfinex Proceeds US Government Controlled Wallets Breached - $21.39m (Global)]]

[[Cryptobottle_Disabled_Swap_Balance_Check_Vulnerability|Oct 24th - Cryptobottle Disabled Swap Balance Check Vulnerability - $490k (Global)]]

[[Ramses_Exchange_Reward_Distribution_Logic_Vulnerability|Oct 23rd - Ramses Exchange Reward Distribution Logic Vulnerability - $93k (Global)]]

[[SHARPEI_Dispute_About_Public_Figure_Endorsement_Rug_Pull|Oct 23rd - SHARPEI Dispute About Public Figure Endorsement Rug Pull - $3.4m (Global)]]

[[Cryptobottle_CryptoCuvee_Instant_Extraction_Vulnerability|Oct 22nd - Cryptobottle CryptoCuvee Instant Extraction Vulnerability - $31k (Global)]]

[[MuratiAI_X_Account_Airdrop_Phishing_Wallet_Drain|Oct 20th - MuratiAI X Account Airdrop Phishing Wallet Drain - $Unknown (Global)]]

[[Transak_Data_Breach_Via_Stormous_Ransomware_Group|Oct 20th - Transak Data Breach Via Stormous Ransomware Group - $0k (Global)]]

[[Tapioca_DAO_Private_Key_Social_Engineering|Oct 18th - Tapioca DAO Private Key Social Engineering - $4.4m (Global)]]

[[Eigenlayer_Official_X_Account_Reallocation_Phishing|Oct 18th - Eigenlayer Official X Account Reallocation Phishing - $1000k (Global)]]

[[IBXtrade_/_Artic_Promoted_Platform_Rug_Pull|Oct 17th - IBXtrade / Artic Promoted Platform Rug Pull - $21.8m (Global)]]

[[Ambient_Finance_Frontend_DNS_Hijacking|Oct 17th - Ambient Finance Frontend DNS Hijacking - $Unknown (Global)]]

[[Lagrange_X_Account_Phishing_Fake_Token_Launch|Oct 16th - Lagrange X Account Phishing Fake Token Launch - $Unknown (Global)]]

[[Radiant_Capital_Gnosis_Safe_Wallet_Malware|Oct 16th - Radiant Capital Gnosis Safe Wallet Malware - $53m (Global)]]

[[Kabosumama_Instagram_Fake_Cat_Kai_Charity_Phishing|Oct 16th - Kabosumama Instagram Fake Cat Kai Charity Phishing - $Unknown (Global)]]

[[Zulu_Network_Official_X_Airdrop_Phishing|Oct 12th - Zulu Network Official X Airdrop Phishing - $Unknown (Global)]]

[[KOR_Protocol_Official_X_Account_Phishing|Oct 11th - KOR Protocol Official X Account Phishing - $Unknown (Global)]]

[[SPX6900_Official_X_Account_Fake_Token_Launch|Oct 10th - SPX6900 Official X Account Fake Token Launch - $Unknown (Global)]]

[[Ordinals_Wallet_X_Account_ORDI_Token_Phishing|Oct 10th - Ordinals Wallet X Account ORDI Token Phishing - $Unknown (Global)]]

[[HYDT_Protocol_Token_Price_Manipulation_Attack|Oct 9th - HYDT Protocol Token Price Manipulation Attack - $58k (Global)]]

[[Spot_On_Chain_X_Account_Compromise_Phishing|Oct 5th - Spot On Chain X Account Compromise Phishing - $Unknown (Global)]]

[[LEGO_Homepage_Fake_LEGO_Coin_Scam|Oct 4th - LEGO Homepage Fake LEGO Coin Scam - $Unknown (Global)]]

[[Symbiotic_Finance_Official_Twitter_Account_Phishing|Oct 4th - Symbiotic Finance Official Twitter Account Phishing - $Unknown (Global)]]

[[EigenLayer_Email_Phishing_Unauthorized_Transfer|Oct 4th - EigenLayer Email Phishing Unauthorized Transfer - $5.995m (Global)]]

[[Cryptobottle_WithdrawUserLiquidity_Missing_Access_Control|Oct 1st - Cryptobottle WithdrawUserLiquidity Missing Access Control - $6k (Global)]]

[[Fire_Token_Burn_Mechanism_Exploited|Oct 1st - Fire Token Burn Mechanism Exploited - $24k (Global)]]

=== September 2024 ===
[[Bedrock_SigmaSupplier_uniBTC_Forging_Exploit|Sep 26th - Bedrock SigmaSupplier uniBTC Forging Exploit - $2m (Global)]]

[[Onyx_Protocol_Low_Liquidity_NFTLiquidation_Vulnerability|Sep 26th - Onyx Protocol Low Liquidity NFTLiquidation Vulnerability - $3.8m (Global)]]

[[Truflation_TRUF_Token_Malware_Attack|Sep 25th - Truflation TRUF Token Malware Attack - $5m (Global)]]

[[ether.fi_Domain_Name_Failed_Takeover_Attempt|Sep 24th - ether.fi Domain Name Failed Takeover Attempt - $0k (Global)]]

[[Bankroll_Network_Token_Sale_Contract_Exploit|Sep 22nd - Bankroll Network Token Sale Contract Exploit - $230k (Global)]]

[[Immutable_Discord_Server_Account_Compromise|Sep 21st - Immutable Discord Server Account Compromise - $Unknown (Global)]]

[[Compound_Finance_Discord_Server_Phishing|Sep 21st - Compound Finance Discord Server Phishing - $Unknown (Global)]]

[[Shezmu_Unbacked_Collateral_Vulnerability|Sep 20th - Shezmu Unbacked Collateral Vulnerability - $4.9m (Global)]]

[[BingX_Massive_Hot_Wallet_Breach|Sep 19th - BingX Massive Hot Wallet Breach - $44.061m (Global)]]

[[DIN_Twitter_Account_Breach_Ransom_Attempt|Sep 19th - DIN Twitter Account Breach Ransom Attempt - $Unknown (Global)]]

[[Banana_Gun_Telegram_Bot_Wallets_Drained|Sep 19th - Banana Gun Telegram Bot Wallets Drained - $3m (Global)]]

[[Decentraland_Official_Twitter_Account_Compromise|Sep 18th - Decentraland Official Twitter Account Compromise - $Unknown (Global)]]

[[Ethena_Labs_Domain_Registrar_Account_Compromise|Sep 18th - Ethena Labs Domain Registrar Account Compromise - $Unknown (Global)]]

[[DeltaPrime_Arbitrum_Private_Key_Leaked|Sep 15th - DeltaPrime Arbitrum Private Key Leaked - $5.98m (Global)]]

[[BaseBros_Finance_Bridge_Audited_Rug_Pull|Sep 13th - BaseBros Finance Bridge Audited Rug Pull - $130k (Global)]]

[[OTSea_Gray_Hat_Group_Staking_ID_Hack|Sep 12th - OTSea Gray Hat Group Staking ID Hack - $26k (Global)]]

[[Omnipus_Presale_Contract_Vulnerability_Refund|Sep 11th - Omnipus Presale Contract Vulnerability Refund - $30k (Global)]]

[[Indodax_Withdrawal_System_Exploited|Sep 10th - Indodax Withdrawal System Exploited - $21.996m (Indonesia)]]

[[Caterpillar_Token_Flash_Loan_Smart_Contract_Drain|Sep 10th - Caterpillar Token Flash Loan Smart Contract Drain - $1.4m (Global)]]

[[Render_Network_Founder_Jules_Urbach_Twitter_Hacked|Sep 5th - Render Network Founder Jules Urbach Twitter Hacked - $Unknown (Global)]]

[[Fuel_Network_Official_Discord_Rewards_Distribution_Phish|Sep 5th - Fuel Network Official Discord Rewards Distribution Phish - $Unknown (Global)]]

[[NEAR_Protocol_Hacks_Their_Own_Twitter_Again|Sep 4th - NEAR Protocol Hacks Their Own Twitter Again - $0k (Global)]]

[[Jaylen_Brown_Twitter_Compromise_Token_Rug_Pull|Sep 3rd - Jaylen Brown Twitter Compromise Token Rug Pull - $Unknown (Global)]]

[[Penpie_Platform_Reward_Reentrancy_Exploit|Sep 3rd - Penpie Platform Reward Reentrancy Exploit - $27.348m (Global)]]

[[Sei_Network_Official_Discord_Phishing_Link|Sep 3rd - Sei Network Official Discord Phishing Link - $Unknown (Global)]]

[[ChainLink_Official_Discord_Phishing_Links|Sep 3rd - ChainLink Official Discord Phishing Links - $Unknown (Global)]]

[[Pythia_Finance_Staking_Contract_Vulnerability_And_Rug_Pull|Sep 2nd - Pythia Finance Staking Contract Vulnerability And Rug Pull - $53k (Global)]]

=== August 2024 ===
[[Usual_Money_Discord_Breach_Fake_Airdrop|Aug 30th - Usual Money Discord Breach Fake Airdrop - $Unknown (Global)]]

[[Powerledger_Telegram_Channel_Permanently_Lost|Aug 30th - Powerledger Telegram Channel Permanently Lost - $0k (Global)]]

[[Witness_Chain_Official_Discord_Hack_Phishing|Aug 30th - Witness Chain Official Discord Hack Phishing - $Unknown (Global)]]

[[Orderly_Network_Discord_Server_Compromised|Aug 29th - Orderly Network Discord Server Compromised - $Unknown (Global)]]

[[IO.net_Official_Discord_Phishing_Airdrop|Aug 28th - IO.net Official Discord Phishing Airdrop - $Unknown (Global)]]

[[Kylian_Mbappe_Twitter_Account_Compromise|Aug 28th - Kylian Mbappe Twitter Account Compromise - $200k (Global)]]

[[Aave_Periphery_Arbitrary_Call_Vulnerability|Aug 27th - Aave Periphery Arbitrary Call Vulnerability - $56k (Global)]]

[[1inch_Official_Discord_Phishing_Links|Aug 27th - 1inch Official Discord Phishing Links - $Unknown (Global)]]

[[ZkSync_Official_Discord_Compromise_Fake_Airdrop|Aug 25th - ZkSync Official Discord Compromise Fake Airdrop - $Unknown (Global)]]

[[Avalanche_Official_Discord_Compromise_Fake_Airdrop|Aug 25th - Avalanche Official Discord Compromise Fake Airdrop - $Unknown (Global)]]

[[Polygon_Discord_Compromise_Airdrop_Phishing|Aug 24th - Polygon Discord Compromise Airdrop Phishing - $154k (Global)]]

[[Artela_Discord_Compromise_Fake_Airdrop|Aug 23rd - Artela Discord Compromise Fake Airdrop - $Unknown (Global)]]

[[Aquarius_Capital_Twitter_Account_Compromise|Aug 23rd - Aquarius Capital Twitter Account Compromise - $Unknown (Global)]]

[[HFLH_Contract_Relaunched_Claimed_Vulnerability|Aug 22nd - HFLH Contract Relaunched Claimed Vulnerability - $Unknown (Global)]]

[[McDonald's_Instagram_Promotes_Grimace_Memecoin|Aug 21st - McDonald's Instagram Promotes Grimace Memecoin - $700k (Global)]]

[[Maker_DAO_Vault_Ownership_Transfer_Whale_Phishing|Aug 20th - Maker DAO Vault Ownership Transfer Whale Phishing - $55.474m (Global)]]

[[Parcl_Front-End_and_Twitter_Compromised_Phishing|Aug 19th - Parcl Front-End and Twitter Compromised Phishing - $60k (Global)]]

[[Sahara_AI_Official_Discord_Account_Compromised|Aug 19th - Sahara AI Official Discord Account Compromised - $Unknown (Global)]]

[[Avalanche's_Luigi_D'Onorio_DeMeo_Twitter_Hacked|Aug 18th - Avalanche's Luigi D'Onorio DeMeo Twitter Hacked - $Unknown (Global)]]

[[Bitcoin_Whale_4064_BTC_Fortune_Captured|Aug 18th - Bitcoin Whale 4064 BTC Fortune Captured - $237.701m (Global)]]

[[Vow_Currency_Rate_Adjustment_Exploited|Aug 13th - Vow Currency Rate Adjustment Exploited - $1.2m (Global)]]

[[iVest_DAO_Smart_Contract_Transfer_Vulnerability|Aug 11th - iVest DAO Smart Contract Transfer Vulnerability - $172k (Global)]]

[[RARI_Foundation_Discord_Hacked|Aug 8th - RARI Foundation Discord Hacked - $3k (Global)]]

[[Nexera_Private_Key_Compromise_Contract_Upgrade|Aug 6th - Nexera Private Key Compromise Contract Upgrade - $2.092m (Global)]]

[[OMPx_Application_Smart_Contract_Emptied|Aug 6th - OMPx Application Smart Contract Emptied - $11k (Global)]]

[[Ronin_Network_Initialization_Failure_White_Hack|Aug 6th - Ronin Network Initialization Failure White Hack - $11.823m (Global)]]

[[Starknet_Discord_Account_Compromise_Phishing|Aug 1st - Starknet Discord Account Compromise Phishing - $0k (Global)]]

[[Convergence_Finance_Reward_Distributor_Minting_Exploit|Aug 1st - Convergence Finance Reward Distributor Minting Exploit - $212k (Global)]]

=== July 2024 ===
[[Humanity_Protocol_Discord_Malicious_Links|Jul 30th - Humanity Protocol Discord Malicious Links - $Unknown (Global)]]

[[Terra_Money_IBC_Hook_Reentrancy_Vulnerability|Jul 30th - Terra Money IBC Hook Reentrancy Vulnerability - $5.28m (Global)]]

[[AstroPort_Malicious_CosmWasm_Reentrancy_Attack|Jul 30th - AstroPort Malicious CosmWasm Reentrancy Attack - $6.4m (Global)]]

[[Anzen_Finance_Smart_Contract_Decimal_Vulnerability|Jul 30th - Anzen Finance Smart Contract Decimal Vulnerability - $500k (Global)]]

[[Metis_Discord_Account_Compromise|Jul 30th - Metis Discord Account Compromise - $Unknown (Global)]]

[[Casper_Network_Uref_Bypass_Wallet_Draining|Jul 25th - Casper Network Uref Bypass Wallet Draining - $6.7m (Global)]]

[[SAT20_Labs_Twitter_Account_Compromise|Jul 25th - SAT20 Labs Twitter Account Compromise - $Unknown (Global)]]

[[Sorta_Finance_Exit_Scam_Rug_Pull|Jul 25th - Sorta Finance Exit Scam Rug Pull - $Unknown (Global)]]

[[TinTinLand_Twitter_Account_Compromise|Jul 25th - TinTinLand Twitter Account Compromise - $Unknown (Global)]]

[[MonoSwap_Malicious_Kakao_Call_Software|Jul 24th - MonoSwap Malicious Kakao Call Software - $1.3m (Global)]]

[[dYdX_Exchange_DNS_Hijacking_Attack|Jul 23rd - dYdX Exchange DNS Hijacking Attack - $31k (Global)]]

[[Spectra_Finance_Routing_Utility_Command_Exploit|Jul 23rd - Spectra Finance Routing Utility Command Exploit - $550k (Global)]]

[[Base_Dawgz_Fake_Token_Rug_Pull|Jul 23rd - Base Dawgz Fake Token Rug Pull - $113k (Global)]]

[[DeltaPrime_Smart_Contract_Vulnerability|Jul 22nd - DeltaPrime Smart Contract Vulnerability - $1000k (Global)]]

[[Kelp_DAO_DNS_Hijacking_Attack|Jul 22nd - Kelp DAO DNS Hijacking Attack - $Unknown (Global)]]

[[Renzo_Protocol_Discord_Account_Compromise|Jul 22nd - Renzo Protocol Discord Account Compromise - $Unknown (Global)]]

[[UtopiaSphere_Second_Flash_Loan_Exploit|Jul 21st - UtopiaSphere Second Flash Loan Exploit - $521k (Global)]]

[[ETHTrustFund_Silent_Developer_Rug_Pull|Jul 20th - ETHTrustFund Silent Developer Rug Pull - $2.1m (Global)]]

[[Rho_Markets_Price_Oracle_Misconfiguration|Jul 19th - Rho Markets Price Oracle Misconfiguration - $5.164m (Global)]]

[[WazirX_Multi-sig_Wallet_Breach|Jul 18th - WazirX Multi-sig Wallet Breach - $234.9m (Global)]]

[[LiFi_Protocol_Infinite_Approval_Facet_Swap_Exploit|Jul 16th - LiFi Protocol Infinite Approval Facet Swap Exploit - $9.73m (Global)]]

[[MALOU_(NEVER)_Memecoin_Rug_Pull|Jul 16th - MALOU (NEVER) Memecoin Rug Pull - $240k (Global)]]

[[ReHold_Renat_Gafarov_Smart_Contract_Withdrawal|Jul 15th - ReHold Renat Gafarov Smart Contract Withdrawal - $700k (Global)]]

[[Minterest_Flash_Loan_Reentrancy_Exploit|Jul 14th - Minterest Flash Loan Reentrancy Exploit - $1.4m (Global)]]

[[Ethena_Finance_Discord_Server_Account_Compromise|Jul 14th - Ethena Finance Discord Server Account Compromise - $Unknown (Global)]]

[[Dough_Finance_ConnectorDeleverageParaswap_Vulnerability|Jul 12th - Dough Finance ConnectorDeleverageParaswap Vulnerability - $1.81m (Global)]]

[[Unstoppable_Domains_SquareSpace_DNS_Hijacking|Jul 11th - Unstoppable Domains SquareSpace DNS Hijacking - $0k (Global)]]

[[Smart_Bank_Token_(SBT)_Contract_Drained|Jul 11th - Smart Bank Token (SBT) Contract Drained - $56k (Global)]]

[[Compound_Finance_Official_Website_DNS_Hijacking|Jul 11th - Compound Finance Official Website DNS Hijacking - $Unknown (Global)]]

[[OpSec_Staking_Security_Private_Key_Breach|Jul 10th - OpSec Staking Security Private Key Breach - $182k (Global)]]

[[Wasabi_Wallet_Coordinator_Overcharging_Fees|Jul 9th - Wasabi Wallet Coordinator Overcharging Fees - $Unknown (Global)]]

[[Wasabi_Wallet_Installer_Binary_Changed|Jul 9th - Wasabi Wallet Installer Binary Changed - $0k (Global)]]

[[Doja_Cat_Twitter_Account_Compromise|Jul 8th - Doja Cat Twitter Account Compromise - $500k (Global)]]

[[Linking_The_World_(LW)_Transfer_Logic_Issue|Jul 8th - Linking The World (LW) Transfer Logic Issue - $80k (Global)]]

[[Interlay_Official_Twitter_Account_Compromised|Jul 6th - Interlay Official Twitter Account Compromised - $Unknown (Global)]]

[[Bifrost_Private_Key_Treasury_Theft|Jul 6th - Bifrost Private Key Treasury Theft - $1.508m (Global)]]

[[BitTensor_Malicious_PyPi_Private_Key_Leak|Jul 2nd - BitTensor Malicious PyPi Private Key Leak - $8m (Global)]]

[[Sydney_Sweeney_Twitter_SWEENEY_Launch_Hack|Jul 2nd - Sydney Sweeney Twitter SWEENEY Launch Hack - $4m (Global)]]

[[MintRisesPrices_Reentrancy_Attack|Jul 2nd - MintRisesPrices (WMRP) Reentrancy Price Manipulation Attack - $59k (Global)]]

[[TRUMP_(MAGA)_Fake_Token_Rug_Pull|Jul 1st - TRUMP (MAGA) Fake Token Rug Pull - $958k (Global)]]

=== June 2024 ===
[[Pengfei.eth_Link_Phishing_Inferno_Drainer|Jun 30th - Pengfei.eth Link Phishing Inferno Drainer - $137k (Global)]]

[[Authy_Database_Phone_Numbers_Breached|Jun 27th - Authy Database Phone Numbers Breached - $0k (Global)]]

[[Cyber_Phishing_From_Discord_Server_Hack|Jun 26th - Cyber Phishing From Discord Server Hack - $Unknown (Global)]]

[[APEMAGA_Smart_Contract_Drained|Jun 26th - APEMAGA Smart Contract Drained - $32k (Global)]]

[[MetaMax_Arrests_Revenue_Payouts_Stop|Jun 25th - MetaMax Arrests Revenue Payouts Stop - $Unknown (Global)]]

[[Ethereum_Foundation_Mailing_List_Phishing|Jun 22nd - Ethereum Foundation Mailing List Phishing - $0k (Global)]]

[[MakerDAO_Delegate_aEthMKR_Pendle_USDe_Phishing_Attack|Jun 22nd - MakerDAO Delegate aEthMKR Pendle USDe Phishing Attack - $11m (Global)]]

[[CoinStats_AWS_Compromise_Wallets_Drained|Jun 22nd - CoinStats AWS Compromise Wallets Drained - $2m (Global)]]

[[BtcTurk_Hot_Wallet_Network_Attack|Jun 22nd - BtcTurk Hot Wallet Network Attack - $55m (Global)]]

[[50_Cent_Website_And_Twitter_Hack|Jun 21st - 50 Cent Website And Twitter Hack - $722k (Global)]]

[[ChainGPT_Fake_Token_Rug_Pull|Jun 20th - ChainGPT Fake Token Rug Pull - $20k (Global)]]

[[Farcana_Liquidity_Provider_Wallet_Breach|Jun 19th - Farcana Liquidity Provider Wallet Breach - $880k (Global)]]

[[Dyson_Money_Deprecated_Vault_Contract|Jun 17th - Dyson Money Deprecated Vault Contract - $0k (Global)]]

[[AutoChain_Global_Contract_Hacked|Jun 14th - AutoChain Global Contract Hacked - $113k (Global)]]

[[nftperp_Clearing_House_Critical_Bug|Jun 13th - nftperp Clearing House Critical Bug - $694k (Global)]]

[[Holograph_Rogue_Developer_Infinite_Minting|Jun 13th - Holograph Rogue Developer Infinite Minting - $14.4m (Global)]]

[[JokInTheBoxETH_Unstaking_Vulnerability|Jun 10th - JokInTheBoxETH Unstaking Vulnerability - $34k (Global)]]

[[YOLO_Games_Liquidity_exitPool_Check_Missing|Jun 10th - YOLO Games Liquidity exitPool Check Missing - $1.5m (Global)]]

[[UwULend_Oracle_Price_Manipulation|Jun 10th - UwULend Oracle Price Manipulation - $23m (Global)]]

[[Loopring_Official_Guardian_2FA_Vulnerability|Jun 8th - Loopring Official Guardian 2FA Vulnerability - $5m (Global)]]

[[Gemholic_Ecosystem_Rug_Pull|Jun 7th - Gemholic Ecosystem Rug Pull - $3.4m (Global)]]

[[SteamSwap_(STM)_Vulnerable_Reserve_Balance|Jun 6th - SteamSwap (STM) Vulnerable Reserve Balance - $106k (Global)]]

[[Kraken_Exploit_Found/Used_By_CertiK|Jun 5th - Kraken Exploit Found/Used By CertiK - $3m (United States)]]

[[USDT_ANDY_KARRAT_Smidge_Phishing_Inferno_Drainer|Jun 5th - USDT ANDY KARRAT Smidge Phishing Inferno Drainer - $65k (Global)]]

[[NCD_Token_Contract_Vulnerability|Jun 3rd - NCD Token Contract Vulnerability - $20k (Global)]]

[[Velocore_Faulty_Pool_Execution_Logic|Jun 1st - Velocore Faulty Pool Execution Logic - $6.8m (Global)]]

[[BitTensor_User_Wallet_TAO_Theft|Jun 1st - BitTensor User Wallet TAO Theft - $11.2m (Global)]]

[[TURBO_BOBO_GORILLA_Phishing_Inferno_Drainer|Jun 1st - TURBO BOBO GORILLA Phishing Inferno Drainer - $1.55m (Global)]]

=== May 2024 ===
[[TLN_Protocol_Contract_Vulnerability|May 31st - TLN Protocol Contract Vulnerability - $280k (Global)]]

[[MixedSwapRouter_Token_Transfer_Vulnerability|May 31st - MixedSwapRouter Token Transfer Vulnerability - $16k (Global)]]

[[Evolve_Bank_and_Trust_Massive_Data_Breach|May 31st - Evolve Bank and Trust Massive Data Breach - $0k (United States)]]

[[DMM_Bitcoin_Wallet_Emptied|May 30th - DMM Bitcoin Wallet Emptied - $308.949m (Global)]]

[[MetaDragon_NFT_Ownership_Check_Commented|May 29th - MetaDragon NFT Ownership Check Commented - $181k (Global)]]

[[EXcommunity_Smart_Contract_Vulnerability|May 28th - EXcommunity Smart Contract Vulnerability - $37k (Global)]]

[[Orion_Network_Set_Liability_Vulnerability|May 27th - Orion Network Set Liability Vulnerability - $616k (Global)]]

[[Based_Doge_Tax_Vulnerability_Exploited|May 27th - Based Doge Tax Vulnerability Exploited - $17k (Global)]]

[[RedKeysGame_Random_Number_Exploit|May 26th - RedKeysGame Random Number Exploit - $10k (Global)]]

[[Sandbox_Game_Nicola_Sebastiani_Twitter_Hacked|May 26th - Sandbox Game Nicola Sebastiani Twitter Hacked - $Unknown (Global)]]

[[Normie_Smart_Contract_Tax_Vulnerability|May 25th - Normie Smart Contract Tax Vulnerability - $490k (Global)]]

[[Rho_Markets_Twitter_Compromised|May 24th - Rho Markets Twitter Compromised - $Unknown (Global)]]

[[YESorNO_BNBChain_Contract_Vulnerability|May 22nd - YESorNO BNBChain Contract Vulnerability - $118k (Global)]]

[[TonUP_Smart_Contract_Configuration_Error|May 21st - TonUP Smart Contract Configuration Error - $108k (Global)]]

[[Gala_Games_Massive_Unauthorized_Mint|May 20th - Gala Games Massive Unauthorized Mint - $21.8m (Global)]]

[[Sonne_Finance_Refund_Phishing_Attack|May 18th - Sonne Finance Refund Phishing Attack - $Unknown (Global)]]

[[TCH_Token_Transaction_Signature_Malleability_Issue|May 16th - TCH Token Transaction Signature Malleability Issue - $18k (Global)]]

[[Notcoin_Fake_Ethereum_Token_Rug_Pull|May 16th - Notcoin Fake Ethereum Token Rug Pull - $281k (Global)]]

[[BlockTower_Capital_Hedge_Fund_Compromise|May 14th - BlockTower Capital Hedge Fund Compromise - $Unknown (United States)]]

[[Pump.Fun_Insider_Flash_Loan_Exploit|May 14th - Pump.Fun Insider Flash Loan Exploit - $1.9m (Global)]]

[[Sonne_Finance_Zero_Supply_Attack|May 14th - Sonne Finance Zero Supply Attack - $20m (Global)]]

[[Alex_Lab_Private_Key_Compromise|May 14th - Alex Lab Private Key Compromise - $4.3m (Global)]]

[[Predy_Finance_Contract_Callback_Vulnerability|May 14th - Predy Finance Contract Callback Vulnerability - $464k (Global)]]

[[Equalizer_Exchange_Domain_Hijacking|May 13th - Equalizer Exchange Domain Hijacking - $Unknown (Global)]]

[[PI_Network_On_Polygon_Rug_Pull|May 13th - PI Network On Polygon Rug Pull - $490k (Global)]]

[[Patton_Coin_Fake_Token_Rug_Pull|May 13th - Patton Coin Fake Token Rug Pull - $266k (Global)]]

[[Tsuru_On_Base_Contract_Vulnerability|May 10th - Tsuru On Base Contract Vulnerability - $410k (Global)]]

[[Galaxy_Fox_Token_Suspicious_Transaction|May 9th - Galaxy Fox Token Suspicious Transaction - $330k (Global)]]

[[Bloom_On_Blast_Update_Margin_Vulnerability|May 8th - Bloom On Blast Update Margin Vulnerability - $540k (Global)]]

[[Near_Protocol_Twitter_Hack_Publicity_Stunt|May 8th - Near Protocol Twitter Hack Publicity Stunt - $0k (Global)]]

[[GPU_Token_Transfer_Vulnerability|May 8th - GPU Token Transfer Vulnerability - $32k (Global)]]

[[Novamind_Second_Rug_Pull_Token_Dump|May 8th - Novamind Second Rug Pull Token Dump - $3k (Global)]]

[[Lifeform_Fake_Ethereum_Token_Rug|May 8th - Lifeform Fake Ethereum Token Rug - $243k (Global)]]

[[Perpy_Finance_Contract_Initialization_Issue|May 6th - Perpy Finance Contract Initialization Issue - $132k (Global)]]

[[OSN_Liquidity_Reward_Vulnerability|May 5th - OSN Liquidity Reward Vulnerability - $110k (Global)]]

[[GNUS.ai_Discord_Private_Keys_Exposed|May 5th - GNUS.ai Discord Private Keys Exposed - $1.27m (Global)]]

[[Wrapped_Bitcoin_Whale_Address_Poisoning_Attack|May 3rd - Wrapped Bitcoin Whale Address Poisoning Attack - $72.656m (Global)]]

[[Novamind_First_Rug_Pull_Token_Dump|May 1st - Novamind First Rug Pull Token Dump - $70k (Global)]]

[[Pike_Finance_Refund_Phishing_Attack|May 1st - Pike Finance Refund Phishing Attack - $Unknown (Global)]]

=== April 2024 ===
[[Pike_Finance_Variable_Storage_Vulnerability|Apr 30th - Pike Finance Variable Storage Vulnerability - $1.6m (Global)]]

[[Yield_Protocol_Balance_Supply_Discrepancy|Apr 29th - Yield Protocol Balance Supply Discrepancy - $181k (Global)]]

[[Dune_Analytics_Twitter_Phishing_Attack|Apr 29th - Dune Analytics Twitter Phishing Attack - $Unknown (Global)]]

[[Rain_Exchange_Large_Wallet_Breach|Apr 29th - Rain Exchange Large Wallet Breach - $14.8m (Global)]]

[[Ember_Sword_NFT_Contract_Vulnerability|Apr 27th - Ember Sword NFT Contract Vulnerability - $195k (Global)]]

[[XBank_Finance_Precision_Loss_Attack|Apr 27th - XBank Finance Precision Loss Attack - $550k (Global)]]

[[Pike_Finance_USDC_Withdrawal_Vulnerability|Apr 25th - Pike Finance USDC Withdrawal Vulnerability - $299k (Global)]]

[[FENGSHOU_(NGFS)_DelegateCallReserves_Attack|Apr 25th - FENGSHOU (NGFS) DelegateCallReserves Attack - $190k (Global)]]

[[IO.NET_Fake_Ethereum_Token|Apr 24th - IO.NET Fake Ethereum Token - $289k (Global)]]

[[Merlin_Chain_Discord_Hack|Apr 24th - Merlin Chain Discord Hack - $Unknown (Global)]]

[[XBridge_Suspicious_Transactions|Apr 24th - XBridge Suspicious Transactions - $1.011m (Global)]]

[[YIEDL_Smart_Contract_Redeem_Vulnerability|Apr 23rd - YIEDL Smart Contract Redeem Vulnerability - $157k (Global)]]

[[Safe_Global_Copycat_Token_Rug_Pull|Apr 23rd - Safe Global Copycat Token Rug Pull - $753k (Global)]]

[[Magpie_Protocol_Unchecked_Contract_Inputs|Apr 23rd - Magpie Protocol Unchecked Contract Inputs - $129k (Global)]]

[[Velvet_Capital_Front-End_Incident|Apr 22nd - Velvet Capital Front-End Incident - $0k (Global)]]

[[Cruiz_Fake_Token_Rug_Pull|Apr 22nd - Cruiz Fake Token Rug Pull - $39k (Global)]]

[[Z123_Smart_Contract_Vulnerability|Apr 22nd - Z123 Smart Contract Vulnerability - $136k (Global)]]

[[ZKasino_Ethereum_Bridge_Rugpull|Apr 20th - ZKasino Ethereum Bridge Rugpull - $33.202m (Global)]]

[[Hedgey_Finance_Flash_Loan_Attack|Apr 19th - Hedgey Finance Flash Loan Attack - $44.7m (Global)]]

[[Meson_Finance_Twitter_Breached|Apr 19th - Meson Finance Twitter Breached - $Unknown (Global)]]

[[Mars_Token_Launch_Airdrop_Exploit|Apr 16th - Mars Token Launch Airdrop Exploit - $Unknown (Global)]]

[[Parcl_Fake_BSC_Token_Rug_Pull|Apr 15th - Parcl Fake BSC Token Rug Pull - $172k (Global)]]

[[Grand_Base_Private_Key_Leak|Apr 14th - Grand Base Private Key Leak - $2m (Global)]]

[[Jill_Boden_Fake_BNB_Token_Rug_Pull|Apr 14th - Jill Boden Fake BNB Token Rug Pull - $335k (Global)]]

[[VoidZ_Fake_Binance_Smart_Chain_Token|Apr 14th - VoidZ Fake Binance Smart Chain Token - $323k (Global)]]

[[Leaper_Finance_Rug_Pull_Foiled|Apr 13th - Leaper Finance Rug Pull Foiled - $140k (Global)]]

[[Masa_AI_Fake_Token_Rug_Pull|Apr 11th - Masa AI Fake Token Rug Pull - $502k (Global)]]

[[Zest_Protocol_Lending_Collateral_Vulnerability|Apr 11th - Zest Protocol Lending Collateral Vulnerability - $1000k (Global)]]

[[Empower_AI_Token_Rug_Pull|Apr 11th - Empower AI Token Rug Pull - $238k (Global)]]

[[Monad_Fake_Token_Rug_Pull|Apr 10th - Monad Fake Token Rug Pull - $266k (Global)]]

[[Truflation_Fake_Token_Rug_Pull|Apr 10th - Truflation Fake Token Rug Pull - $257k (Global)]]

[[Oasis_AI_Fake_Token_Rug_Pull|Apr 10th - Oasis AI Fake Token Rug Pull - $302k (Global)]]

[[XBlast_Unauthorized_Token_Transfer|Apr 8th - XBlast Unauthorized Token Transfer - $85k (Global)]]

[[UtopiaSphere_First_Flash_Loan_Exploit|Apr 8th - UtopiaSphere First Flash Loan Exploit - $28k (Global)]]

[[Wall_Street_Memes_Pre-Sale_Flash_Loan_Attack|Apr 4th - Wall Street Memes Pre-Sale Flash Loan Attack - $18k (Global)]]

[[Wormhole_Co-Founder_Robinson_Burkey_Twitter_Hacked|Apr 3rd - Wormhole Co-Founder Robinson Burkey Twitter Hacked - $Unknown (Global)]]

[[CondomSOL_Rug_Pull|Apr 3rd - CondomSOL Rug Pull - $922k (Global)]]

[[Avolend_Finance_Rug_Pull|Apr 2nd - Avolend Finance Rug Pull - $253k (Global)]]

[[FixedFloat_April_Fools_Day_Exploit|Apr 1st - FixedFloat April Fools Day Exploit - $2.8m (Global)]]

=== March 2024 ===
[[OpenLeverage_Lending_Protocol_Reentrancy_Attack|Mar 31st - OpenLeverage Lending Protocol Reentrancy Attack - $260k (Global)]]

[[Solareum_Project_Private_Key_Exploit|Mar 30th - Solareum Project Private Key Exploit - $520k (Global)]]

[[Pendle_Finance_Twitter_Hack_Fake_Airdrop|Mar 29th - Pendle Finance Twitter Hack Fake Airdrop - $Unknown (Global)]]

[[Lava_Lending_Flash_Loan_Attack|Mar 28th - Lava Lending Flash Loan Attack - $340k (Global)]]

[[Prisma_Finance_TroveManager_Exploit|Mar 28th - Prisma Finance TroveManager Exploit - $11.6m (Global)]]

[[Decrypt_Media_Email_Newsletter_Compromise|Mar 26th - Decrypt Media Email Newsletter Compromise - $3k (Global)]]

[[Munchables_Rogue_Developer_Theft|Mar 26th - Munchables Rogue Developer Theft - $62.5m (Global)]]

[[Curio_Voting_Power_Exploit|Mar 23rd - Curio Voting Power Exploit - $180k (Global)]]

[[CoinTelegraph_TELEGRAPH_PACKY_Fake_Tokens_Launched|Mar 23rd - CoinTelegraph TELEGRAPH PACKY Fake Tokens Launched - $Unknown (Global)]]

[[Super_Sushi_Samurai_Minting_Exploit|Mar 21st - Super Sushi Samurai Minting Exploit - $4.8m (Global)]]

=== February 2024 ===
[[FixedFloat_Minor_Technical_Problems|Feb 18th - FixedFloat Minor Technical Problems - $26.1m (Global)]]

=== January 2024 ===
[[Sydney_Sweeney_Twitter_MILK_Promotion_Hack|Jan 27th - Sydney Sweeney Twitter MILK Promotion Hack - $Unknown (Global)]]

[[Wall_Street_Memes_Staking_Contract_Exploited|Jan 25th - Wall Street Memes Staking Contract Exploited - $3.58m (Global)]]

==2023==
=== November 2023 ===
[[Onyx_Protocol_PEPE_Market_Donation|Nov 1st - Onyx Protocol PEPE Market Donation - $2.1m (Global)]]

=== October 2023 ===
[[Wall_Street_Memes_Discord_Hack|Oct 11th - Wall Street Memes Discord Hack - $46k (Global)]]

=== September 2023 ===
[[BankX_XSD_BurnPoolXSD_Re-Entry_Vulnerability_Exploited_1|Sep 26th - BankX XSD BurnPoolXSD Re-Entry Vulnerability Exploited 1 - $12k (Global)]]

=== August 2023 ===
[[Zunami_Protocol_Liquidity_Pool_Valuation_Manipulation_Exploit|Aug 13th - Zunami Protocol Liquidity Pool Valuation Manipulation Exploit - $2.127m (Global)]]

=== July 2023 ===
[[Curve_Finance_Reentrancy_Vulnerability|Jul 30th - Curve Finance Reentrancy Vulnerability - $61.7m (Global)]]

=== May 2023 ===
[[Tornado_Cash_Governance_Overtaken|May 20th - Tornado Cash Governance Overtaken - $59k (Global)]]

[[SwapRum_Rug_Pull|May 18th - SwapRum Rug Pull - $2.95m (Global)]]

[[EOS_EVM_Contract_Drain_Vulnerability|May 15th - EOS EVM Contract Drain Vulnerability - $0k (Global)]]

[[Land_of_Genesis_Mint_Permission_Hack|May 14th - Land of Genesis Mint Permission Hack - $150k (Global)]]

[[LW_Token_Price_Manipulation_Attack|May 11th - LW Token Price Manipulation Attack - $48k (Global)]]

[[Deus_Finance_(DEI_Stablecoin)_Burn_Vulnerability|May 5th - Deus Finance (DEI Stablecoin) Burn Vulnerability - $6.5m (Global)]]

[[Level_Finance_Gets_Leveled|May 1st - Level Finance Gets Leveled - $1.802m (Global)]]

=== April 2023 ===
[[Merlin_DEX_Liquidity_Pool_Drained|Apr 25th - Merlin DEX Liquidity Pool Drained - $1.8m (Global)]]

[[Hundred_Finance_WBTC_Optimism_Exploit|Apr 15th - Hundred Finance WBTC Optimism Exploit - $7.4m (Global)]]

[[Yearn_Finance_Legacy_Contract_Exploited|Apr 12th - Yearn Finance Legacy Contract Exploited - $11.4m (Global)]]

[[Sushi_Swap_New_Routing_Contract_Bug|Apr 8th - Sushi Swap New Routing Contract Bug - $3.3m (Global)]]

[[EmpireX_Capital_Alleged_Ponzi_Scheme|Apr 1st - EmpireX Capital Alleged Ponzi Scheme - $6.6m (United States)]]

=== March 2023 ===
[[Safemoon_Vulnerable_Deployer_Exploited|Mar 28th - Safemoon Vulnerable Deployer Exploited - $8.9m (Global)]]

[[Jairo_Martinez_Cryptocurrency_Scam_Victim|Mar 27th - Jairo Martinez Cryptocurrency Scam Victim - $126k (Global)]]

[[Kokomo_Finance_Lending_Protocol_Exit_Scam|Mar 26th - Kokomo Finance Lending Protocol Exit Scam - $4m (Global)]]

[[Harvest_Keeper_KYC/Audit_Rug_Pull|Mar 17th - Harvest Keeper KYC/Audit Rug Pull - $933k (Global)]]

[[General_Bytes_Bitcoin_ATM_Zero-Day_Exploit|Mar 17th - General Bytes Bitcoin ATM Zero-Day Exploit - $1.5m (Global)]]

[[Seed_Phrases_in_Evernote_Theft_jbtravel84|Mar 15th - Seed Phrases in Evernote Theft jbtravel84 - $300k (Global)]]

[[Euler_Finance_Receives_%22Generous%22_Donations|Mar 13th - Euler Finance Receives "Generous" Donations - $196.1m (Global)]]

[[Hedera_Token_Service_Exploited|Mar 9th - Hedera Token Service Exploited - $515k (Global)]]

=== February 2023 ===
[[Hope_Finance_Loses_All_Hope|Feb 20th - Hope Finance Loses All Hope - $1.875m (Global)]]

[[MyAlgo_Web_Wallet_JavaScript_CDN_Exploit|Feb 19th - MyAlgo Web Wallet JavaScript CDN Exploit - $9.6m (Global)]]

[[Dexible_DEX_Aggregator_SelfSwap_Exploit|Feb 16th - Dexible DEX Aggregator SelfSwap Exploit - $1.53m (Global)]]

[[Platypus_Finance_Unchecked_Stablecoin_Collateral|Feb 16th - Platypus Finance Unchecked Stablecoin Collateral - $8.5m (Global)]]

[[OASIS_Application_Wallet_Software_Exploited|Feb 16th - OASIS Application Wallet Software Exploited - $140m (Global)]]

[[DForce_Network_Reentrancy_Vulnerability|Feb 9th - DForce Network Reentrancy Vulnerability - $3.85m (Global)]]

[[Zunami_Protocol_Pool_Price_Imbalance_Arbitrage_Exploit|Feb 3rd - Zunami Protocol Pool Price Imbalance Arbitrage Exploit - $260k (Global)]]

[[Orion_Protocol_Reentrancy_Exploit|Feb 2nd - Orion Protocol Reentrancy Exploit - $3.027m (Global)]]

[[BonqDAO_Protocol_Oracle_Hack|Feb 1st - BonqDAO Protocol Oracle Hack - $120m (Global)]]

=== January 2023 ===
[[Zunami_Protocol_Stablecoin_Swap_MEV_Sandwich_Attack|Jan 26th - Zunami Protocol Stablecoin Swap MEV Sandwich Attack - $50k (Global)]]

[[Midas_Capital_Virtual_Price_Reentrancy|Jan 15th - Midas Capital Virtual Price Reentrancy - $660k (Global)]]

[[Clucoin_Founder_Gambled_Away_Funds|Jan 3rd - Clucoin Founder Gambled Away Funds - $Unknown (Global)]]

==2022==
=== December 2022 ===
[[Talos_II_RNG_Exploit_Theft_Luke_Dash_Jr|Dec 31st - Talos II RNG Exploit Theft Luke Dash Jr - $3.59m (United States)]]

[[Kevin_O_Leary_Twitter_Hack_Giveway|Dec 29th - Kevin O Leary Twitter Hack Giveway - $Unknown (Global)]]

[[Midas_Investments_Platform_Closure|Dec 27th - Midas Investments Platform Closure - $63.3m (Global)]]

[[Sajid_Ikram_Romanceless_Pig_Butchering_Scam|Dec 25th - Sajid Ikram Romanceless Pig Butchering Scam - $328k (Global)]]

[[Rubic_Exchange_Proxy_Router_Exploit|Dec 25th - Rubic Exchange Proxy Router Exploit - $1.41m (Global)]]

[[Defrost_Finance_V1_Key_Compromise/Rug_Pull|Dec 24th - Defrost Finance V1 Key Compromise/Rug Pull - $12.85m (Global)]]

[[Ellipal_Account_Theft_LockCertain4138|Dec 23rd - Ellipal Account Theft LockCertain4138 - $10k (Global)]]

[[Defrost_Finance_V2_Reentrancy_Exploit|Dec 23rd - Defrost Finance V2 Reentrancy Exploit - $174k (Global)]]

[[Raydium_Private_Key_Compromised|Dec 16th - Raydium Private Key Compromised - $4.4m (Global)]]

[[Lodestar_Finance_Collateral_Price_Manipulation|Dec 10th - Lodestar Finance Collateral Price Manipulation - $6.5m (Global)]]

[[Minswap_Front-Running_Swap_Orders|Dec 8th - Minswap Front-Running Swap Orders - $Unknown (Global)]]

[[BlockAura_Ponzi_Scheme|Dec 2nd - BlockAura Ponzi Scheme - $Unknown (Global)]]

=== November 2022 ===
[[Ellipal_Funds_Removed_jovanajovana|Nov 26th - Ellipal Funds Removed jovanajovana - $23k (Global)]]

[[CoinSquare_Client_Database_Breach|Nov 19th - CoinSquare Client Database Breach - $0k (Canada)]]

[[Gemini_Third_Party_Data_Breach|Nov 14th - Gemini Third Party Data Breach - $0k (Global)]]

[[AAX_Exchange_Collapses|Nov 13th - AAX Exchange Collapses - $100m (Global)]]

[[BlockFi_Withdrawals_Disabled_and_Bankruptcy|Nov 10th - BlockFi Withdrawals Disabled and Bankruptcy - $Unknown (United States)]]

[[FTX_Exchange_Collapse_and_Bankruptcy|Nov 9th - FTX Exchange Collapse and Bankruptcy - $8b (Global)]]

[[Deribit_Hot_Wallet_Breached|Nov 1st - Deribit Hot Wallet Breached - $28m (Global)]]

=== October 2022 ===
[[Fries_Fund_DAO_Profanity_Address_Exploit|Oct 27th - Fries Fund DAO Profanity Address Exploit - $2.3m (Global)]]

[[Verified_Brad_Garlinghouse_Scam_Practical-Bench7741|Oct 26th - Verified Brad Garlinghouse Scam Practical-Bench7741 - $2k (Global)]]

[[OlympusDAO_Bond_Contract_Exploited|Oct 20th - OlympusDAO Bond Contract Exploited - $292k (Global)]]

[[Binance_Bridge_Forged_Proof_Exploit|Oct 6th - Binance Bridge Forged Proof Exploit - $566m (Global)]]

[[TrueFi_Blockwater_Technologies_Default|Oct 6th - TrueFi Blockwater Technologies Default - $2.967m (Global)]]

[[Celsius_Bankruptcy_Releases_Customer_Data|Oct 5th - Celsius Bankruptcy Releases Customer Data - $0k (United States)]]

[[Memeland_MVP_NFT_Scammed_Raymond_Lai|Oct 4th - Memeland MVP NFT Scammed Raymond Lai - $20k (Global)]]

[[Transit_Finance_Swap_Exploit_Thefts|Oct 1st - Transit Finance Swap Exploit Thefts - $28.69m (Global)]]

=== September 2022 ===
[[Wintermute_Profanity_Private_Key_Breach|Sep 19th - Wintermute Profanity Private Key Breach - $160m (Global)]]

[[OpenSea_Fake_ConeHeads_Collection|Sep 18th - OpenSea Fake ConeHeads Collection - $Unknown (Global)]]

[[Walnut_Creek_California_Bitcoin_ATM_Robbery|Sep 13th - Walnut Creek California Bitcoin ATM Robbery - $Unknown (United States)]]

=== August 2022 ===
[[Crypto.com_Sends_$10.5m_To_Melbourne_Woman|Aug 30th - Crypto.com Sends $10.5m To Melbourne Woman - $10.5m (Australia)]]

[[OptiFi_Accidental_Shutdown_Command|Aug 29th - OptiFi Accidental Shutdown Command - $661k (Global)]]

[[SudoRare_NFT_Market_Maker_Rug_Pull|Aug 23rd - SudoRare NFT Market Maker Rug Pull - $816k (Global)]]

[[Bored_Ape_887_Record_Fast_Theft_hodllee.eth|Aug 22nd - Bored Ape 887 Record Fast Theft hodllee.eth - $116k (Global)]]

[[Near_Protocol_Rainbow_Bridge_Second_Attack_Mitigated|Aug 20th - Near Protocol Rainbow Bridge Second Attack Mitigated - $0k (Global)]]

[[Acala_Network_aUSD_Infinite_Mint_Depegging|Aug 13th - Acala Network aUSD Infinite Mint Depegging - $6.2m (Global)]]

[[Memeland_Grow_Potatoz_Scam_Website_Dray_GMI|Aug 12th - Memeland Grow Potatoz Scam Website Dray_GMI - $Unknown (Global)]]

[[Curve_Finance_DNS_Hijacking|Aug 9th - Curve Finance DNS Hijacking - $Unknown (Global)]]

[[Nomad_Bridge_Hack|Aug 1st - Nomad Bridge Hack - $190.74m (Global)]]

=== July 2022 ===
[[Memeland_MVP_NFT_#76_Stolen|Jul 25th - Memeland MVP NFT #76 Stolen - $23k (Global)]]

[[Premint_XYZ_Malicious_Contract|Jul 17th - Premint XYZ Malicious Contract - $91k (Global)]]

[[Impermax_Finance_Private_Key_Compromise_Token_Theft|Jul 16th - Impermax Finance Private Key Compromise Token Theft - $Unknown (Global)]]

[[MetaMask_Large_USDC/USDT_Theft_Setana0|Jul 12th - MetaMask Large USDC/USDT Theft Setana0 - $88k (Global)]]

[[Ellipal_MainBlocks.xyz_Phishing_Moist_Smoke_4603|Jul 7th - Ellipal MainBlocks.xyz Phishing Moist_Smoke_4603 - $2k (Global)]]

[[Voyager_Digital_Bankruptcy|Jul 5th - Voyager Digital Bankruptcy - $5.9b (United States)]]

[[Vauld_Platform_Withdrawals_Paused|Jul 4th - Vauld Platform Withdrawals Paused - $197.7m+ (Global)]]

=== June 2022 ===
[[CoinFlex_flexUSD_Stablecoin_Depegs|Jun 28th - CoinFlex flexUSD Stablecoin Depegs - $120m (Global)]]

[[XCarnival_Collateral_Logic_Error|Jun 26th - XCarnival Collateral Logic Error - $3.8m (Global)]]

[[Hare_Finance_Private_Key_Compromise|Jun 25th - Hare Finance Private Key Compromise - $15k (Global)]]

[[Ribbon_Finance_Malicious_DNS_Hijack|Jun 23rd - Ribbon Finance Malicious DNS Hijack - $Unknown (Global)]]

[[Convex_Finance_Malicious_DNS_Hijack|Jun 23rd - Convex Finance Malicious DNS Hijack - $14k (Global)]]

[[DeFi_Saver_Malicious_DNS_Hijack|Jun 23rd - DeFi Saver Malicious DNS Hijack - $Unknown (Global)]]

[[AllBridge_Malicious_DNS_Hijack|Jun 23rd - AllBridge Malicious DNS Hijack - $Unknown (Global)]]

[[Harmony_Horizon_Bridge_Private_Key_Exploit|Jun 23rd - Harmony Horizon Bridge Private Key Exploit - $107.3m (Global)]]

[[NFT_Artist_File_Extension_Phishing_RabbitinM|Jun 23rd - NFT Artist File Extension Phishing RabbitinM - $5k (Global)]]

[[Pandora_DAO_Price_Manipulation|Jun 22nd - Pandora DAO Price Manipulation - $128k (Global)]]

[[NFT_NYC_Malicious_QR_Code_Phishing|Jun 21st - NFT NYC Malicious QR Code Phishing - $Unknown (United States)]]

[[Whale_Loans_Swap_Amount_Exploit|Jun 20th - Whale Loans Swap Amount Exploit - $12k (Global)]]

[[Schnoodle_Reward_Calculation_Error|Jun 18th - Schnoodle Reward Calculation Error - $112k (Global)]]

[[Babel_Finance_Halts_Withdrawals|Jun 17th - Babel Finance Halts Withdrawals - $Unknown (Global)]]

[[Inverse_Finance_Second_Price_Oracle_Exploit|Jun 16th - Inverse Finance Second Price Oracle Exploit - $1.26m (Global)]]

[[Celsius_Platform_Withdrawals_Paused|Jun 12th - Celsius Platform Withdrawals Paused - $11.8b (United States)]]

[[Memeland_Fake_Twitter_Giveaways|Jun 7th - Memeland Fake Twitter Giveaways - $Unknown (Global)]]

[[Bored_Ape_Yacht_Club_Discord_Hacked_Again|Jun 4th - Bored Ape Yacht Club Discord Hacked Again - $360k (Global)]]

=== May 2022 ===
[[Moonbeam_Network_DelegateCall_Vulnerability_Pwning.eth|May 27th - Moonbeam Network DelegateCall Vulnerability Pwning.eth - $0k (Global)]]

[[Moonbirds_NFT_Trading_Fraud|May 24th - Moonbirds NFT Trading Fraud - $1.5m (Global)]]

[[Memeland_Founder/Collaborators_Phishing_Scam|May 23rd - Memeland Founder/Collaborators Phishing Scam - $Unknown (Global)]]

[[Doodle_NFT_5396_Phishing_Theft_BTCRegister|May 22nd - Doodle NFT 5396 Phishing Theft BTCRegister - $26k (Global)]]

[[Beeple_Twitter_Account_Hack|May 22nd - Beeple Twitter Account Hack - $438k (Global)]]

[[GM_Studios_Discord_Hacked_savino910|May 22nd - GM Studios Discord Hacked savino910 - $104k (Global)]]

[[The_Apiens_Discord_Channel_Hacked|May 22nd - The Apiens Discord Channel Hacked - $Unknown (Global)]]

[[TheMetaBucks_Discord_Hacked|May 21st - TheMetaBucks Discord Hacked - $Unknown (Global)]]

[[Blockworks_Permies_NFT_Discord_Hack|May 18th - Blockworks Permies NFT Discord Hack - $Unknown (Global)]]

[[Magic_Eden_NFT_Marketplace_Discord_Hack|May 18th - Magic Eden NFT Marketplace Discord Hack - $Unknown (Global)]]

[[Solrarity_Discord_Hack|May 18th - Solrarity Discord Hack - $Unknown (Global)]]

[[Okay_Bears_Discord_Hack|May 18th - Okay Bears Discord Hack - $Unknown (Global)]]

[[The_Habibiz_Discord_Hack|May 18th - The Habibiz Discord Hack - $Unknown (Global)]]

[[Lazy_Lions_Discord_Hack|May 18th - Lazy Lions Discord Hack - $Unknown (Global)]]

[[HYUNDAI_NFT_Discord_Hack|May 18th - HYUNDAI NFT Discord Hack - $Unknown (Global)]]

[[Akutars_Discord_Hack|May 18th - Akutars Discord Hack - $Unknown (Global)]]

[[Gangster_All_Star_Discord_Hack|May 18th - Gangster All Star Discord Hack - $Unknown (Global)]]

[[My_Pet_Hooligan_Discord_Hacked|May 18th - My Pet Hooligan Discord Hacked - $Unknown (Global)]]

[[Burrito_Boyz_Discord_Compromise|May 18th - Burrito Boyz Discord Compromise - $Unknown (Global)]]

[[HAPE_Social_Discord_Hacked|May 18th - HAPE Social Discord Hacked - $Unknown (Global)]]

[[PSSSD_Discord_Hacked|May 18th - PSSSD Discord Hacked - $Unknown (Global)]]

[[Alien_Frens_Discord_Hacked|May 17th - Alien Frens Discord Hacked - $Unknown (Global)]]

[[Coolcats_NFT_Discord_Hacked|May 17th - Coolcats NFT Discord Hacked - $Unknown (Global)]]

[[Axie_Infinity_Discord_Channel_Hack|May 17th - Axie Infinity Discord Channel Hack - $Unknown (Global)]]

[[Project_PXN_Hacked_Discord|May 17th - Project PXN Hacked Discord - $Unknown (Global)]]

[[Memeland_Discord_Server_Compromised|May 17th - Memeland Discord Server Compromised - $Unknown (Global)]]

[[Proof/Moonbirds_Discord_Compromised|May 17th - Proof/Moonbirds Discord Compromised - $Unknown (Global)]]

[[Cyberconnect_Discord_Channel_Hacked|May 17th - Cyberconnect Discord Channel Hacked - $Unknown (Global)]]

[[RTFKT_Discord_Breach|May 17th - RTFKT Discord Breach - $Unknown (Global)]]

[[MetaMask_Wallet_NFT_Theft_Baconm77/Michael_Bode|May 17th - MetaMask Wallet NFT Theft Baconm77/Michael Bode - $Unknown (Global)]]

[[Doodles_NFT_Theft_Baimtje|May 16th - Doodles NFT Theft Baimtje - $27k (Global)]]

[[Frenly_Pandas_Discord_Channel_Hacked|May 16th - Frenly Pandas Discord Channel Hacked - $Unknown (Global)]]

[[DEI_Stablecoin_Depegging|May 15th - DEI Stablecoin Depegging - $74.539m (Global)]]

[[QuickSwap_GoDaddy_DNS_Compromise|May 13th - QuickSwap GoDaddy DNS Compromise - $108k (Global)]]

[[SpiritSwap_GoDaddy_DNS_Compromise|May 13th - SpiritSwap GoDaddy DNS Compromise - $72k (Global)]]

[[Luna_Terra_Algorithmic_Stablecoin_Crash|May 11th - Luna Terra Algorithmic Stablecoin Crash - $55b (Global)]]

[[HoneySwap_GoDaddy_DNS_Compromise|May 9th - HoneySwap GoDaddy DNS Compromise - $20k (Global)]]

[[Binance_Tourist_Billboards_in_Turkey|May 8th - Binance Tourist Billboards in Turkey - $Unknown (Turkey)]]

[[Gutter_Cat_Gang_Clone_Phishing_Attack_Seth_Green|May 7th - Gutter Cat Gang Clone Phishing Attack Seth Green - $669k (Global)]]

[[OpenSea_Carl_Bot_Discord_Hack_Fake_YouTube_NFT|May 6th - OpenSea Carl Bot Discord Hack Fake YouTube NFT - $27k (Global)]]

[[Tsim_Sha_Tsui_Businessmen_Robbed|May 3rd - Tsim Sha Tsui Businessmen Robbed - $191k (Hong Kong)]]

[[Shamanzs_NFT_Unfair_Dutch_Auction|May 3rd - Shamanzs NFT Unfair Dutch Auction - $Unknown (Global)]]

[[OpenSea_Memeland_Scam_NFT_Collections|May 3rd - OpenSea Memeland Scam NFT Collections - $Unknown (Global)]]

=== April 2022 ===
[[Near_Protocol_Rainbow_Bridge_First_Attack_Mitigated|Apr 30th - Near Protocol Rainbow Bridge First Attack Mitigated - $0k (Global)]]

[[DeusDao_Muon_Price_Manipulation_Hack|Apr 27th - DeusDao Muon Price Manipulation Hack - $Unknown (Global)]]

[[Memeland_Memelisted_Sale_Scammers|Apr 26th - Memeland Memelisted Sale Scammers - $Unknown (Global)]]

[[Aurora_Engine_$6m_Bug_Bounty|Apr 26th - Aurora Engine $6m Bug Bounty - $0k (Global)]]

[[Swifttrader_NFT_Scam_amoeba.eth/Blinkyy|Apr 25th - Swifttrader NFT Scam amoeba.eth/Blinkyy - $106k (Global)]]

[[Moonbirds_Airdrop_Phishing|Apr 25th - Moonbirds Airdrop Phishing - $Unknown (Global)]]

[[Bored_Ape_Yacht_Club_Instagram_Hack|Apr 25th - Bored Ape Yacht Club Instagram Hack - $2.7m (Global)]]

[[Muon_Airdrop_Scam|Apr 24th - Muon Airdrop Scam - $Unknown (Global)]]

[[Sense_Finance_Access_Control_Vulnerability|Apr 22nd - Sense Finance Access Control Vulnerability - $0k (Global)]]

[[BondAppetite_Stablecoin_Peg_Lost|Apr 18th - BondAppetite Stablecoin Peg Lost - $Unknown (Global)]]

[[Beanstalk_Farms_Stablecoin_Hack|Apr 17th - Beanstalk Farms Stablecoin Hack - $182m (Global)]]

[[Bunker_Finance_Function_Parameter_Vulnerability|Apr 15th - Bunker Finance Function Parameter Vulnerability - $0k (Global)]]

[[Azuki_Beanz_Fake_Mint_Milady_NFT_Theft_do_i_feellucky|Apr 15th - Azuki Beanz Fake Mint Milady NFT Theft do_i_feellucky - $Unknown (Global)]]

[[Azuki_Beanz_The_Other_Side_Mfer_NFT_Thefts_Rijet|Apr 14th - Azuki Beanz The Other Side Mfer NFT Thefts Rijet - $11k (Global)]]

[[Rare_Bears_Scam_Account|Apr 5th - Rare Bears Scam Account - $2k (Global)]]

[[Trezor_Data_Breach_Phishing|Apr 2nd - Trezor Data Breach Phishing - $Unknown (Global)]]

[[Inverse_Finance_First_Price_Oracle_Exploit|Apr 2nd - Inverse Finance First Price Oracle Exploit - $15.5m (Global)]]

[[Kaiju_Kingz_Discord_Ticket_Tool_Hack|Apr 1st - Kaiju Kingz Discord Ticket Tool Hack - $Unknown (Global)]]

[[Nyoki_Club_Discord_Hack|Apr 1st - Nyoki Club Discord Hack - $Unknown (Global)]]

[[Shamanzs_Discord_Hack|Apr 1st - Shamanzs Discord Hack - $Unknown (Global)]]

=== March 2022 ===
[[Doodles_NFT_Discord_Hack|Mar 31st - Doodles NFT Discord Hack - $Unknown (Global)]]

[[Bored_Ape_Yacht_Club_Discord_Ticket_Tool_Hack|Mar 31st - Bored Ape Yacht Club Discord Ticket Tool Hack - $550k (Global)]]

[[Ola_Finance_Exploit|Mar 30th - Ola Finance Exploit - $4.67m (Global)]]

[[Axie_Infinity_Ronin_Bridge_Unauthorized_Treasury_Access|Mar 23rd - Axie Infinity Ronin Bridge Unauthorized Treasury Access - $625m (Global)]]

[[Cash.io_App_Solana_Fake_Account_Exploit|Mar 23rd - Cash.io App Solana Fake Account Exploit - $52.8m (Global)]]

[[VeVe_Gems_Acquired_Illegitimately|Mar 22nd - VeVe Gems Acquired Illegitimately - $Unknown (Global)]]

[[Lazy_Lion_NFT_Theft_Slowcobra97|Mar 20th - Lazy Lion NFT Theft Slowcobra97 - $4k (Global)]]

[[LiFi_Protocol_Infinite_Approval_Swap_Exploit|Mar 19th - LiFi Protocol Infinite Approval Swap Exploit - $570k (Global)]]

[[Swan_Bitcoin_Hubspot_Data_Breach|Mar 19th - Swan Bitcoin Hubspot Data Breach - $0k (Global)]]

[[BlockFi_Hubspot_Data_Breach|Mar 18th - BlockFi Hubspot Data Breach - $0k (United States)]]

[[NYDIG_HubSpot_Data_Breach|Mar 18th - NYDIG HubSpot Data Breach - $Unknown (United States)]]

[[Circle_HubSpot_Data_Breach|Mar 18th - Circle HubSpot Data Breach - $Unknown (United States)]]

[[EtherRock_Sold_For_444_Wei_CoinMarketCope|Mar 17th - EtherRock Sold For 444 Wei DinoDealer - $1.2m (Global)]]

[[Rare_Bears_Discord_Attack|Mar 16th - Rare Bears Discord Attack - $795k (Global)]]

[[Wizard's_Pass_Discord_Hack|Mar 13th - Wizard's Pass Discord Hack - $Unknown (Global)]]

[[Unchained_Capital_ActiveCampaign_Privacy_Breach|Mar 10th - Unchained Capital ActiveCampaign Privacy Breach - $Unknown (United States)]]

[[Fantasm_Finance_Contract_Vulnerabilities|Mar 9th - Fantasm Finance Contract Vulnerabilities - $2.626m (Global)]]

[[Pirate_X_Pirate_Private_Key_Leak|Mar 8th - Pirate X Pirate Private Key Leak - $83k (Global)]]

[[Mutant_Ape_Planet_NFT_False_Promises|Mar 7th - Mutant Ape Planet NFT False Promises - $2.9m (Global)]]

[[OpenDAO_USDO_Stable_Coin_Collapses|Mar 7th - OpenDAO USDO Stable Coin Collapses - $24.349m (Global)]]

[[Scam_Website_Seed_Phrase_Entered_Billyfudpucker|Mar 5th - Scam Website Seed Phrase Entered Billyfudpucker - $Unknown (Global)]]

[[TreasureDAO_NFT_Market_Hacked|Mar 2nd - TreasureDAO NFT Market Hacked - $1.4m (Global)]]

[[Ledger_Phishing_Attack_On_Dutch_Users|Mar 1st - Ledger Phishing Attack On Dutch Users - $Unknown (Global)]]

=== February 2022 ===
[[OpenSea_Fake_Verification_Phishing_Emails|Feb 26th - OpenSea Fake Verification Phishing Emails - $Unknown (Global)]]

[[Doodles_NFT_Discord_Hacked|Feb 26th - Doodles NFT Discord Hacked - $Unknown (Global)]]

[[Ariva_Digital_Key_Breached|Feb 25th - Ariva Digital Key Breached - $637k (Global)]]

[[Lana_Rhoades_Alleged_Rug_Pull|Feb 24th - Lana Rhoades Alleged Rug Pull - $1.5m (Global)]]

[[Flurry_Finance_Vault_Flash_Loan_Attack|Feb 22nd - Flurry Finance Vault Flash Loan Attack - $251k (Global)]]

[[Compound_Finance_Live_Critical_Vulnerability|Feb 22nd - Compound Finance Live Critical Vulnerability - $0k (Global)]]

[[OpenSea_Phishing_Attack|Feb 19th - OpenSea Phishing Attack - $3.4m (Global)]]

[[Gold_Mine_Finance_Scam|Feb 18th - Gold Mine Finance Scam - $68k (Global)]]

[[RigoBlock_Missing_Access_Controls|Feb 17th - RigoBlock Missing Access Controls - $464k (Global)]]

[[TopGoal_Hot_Wallet_Breach|Feb 16th - TopGoal Hot Wallet Breach - $1.113m (Global)]]

[[Titano_Finance_Evil_Contractors|Feb 13th - Titano Finance Evil Contractors - $1.949m (Global)]]

[[Ellipal_Funds_Stuck_Pass_Phrase_SUPERVILLAN1974|Feb 12th - Ellipal Funds Stuck Pass Phrase SUPERVILLAN1974 - $13k (Global)]]

[[Build_Finance_Malicious_Governance_Takeover|Feb 12th - Build Finance Malicious Governance Takeover - $490k (Global)]]

[[Coinbase_Advanced_Market_Vulnerability|Feb 11th - Coinbase Advanced Market Vulnerability - $0k (United States)]]

[[Kung_Fu_Ape_Rug_Pull|Feb 11th - Kung Fu Ape Rug Pull - $Unknown (Global)]]

[[Squiggles_NFT_Suspicious_Launch_Activity|Feb 10th - Squiggles NFT Suspicious Launch Activity - $Unknown (Global)]]

[[FutureSwap_Credential_Disclosure|Feb 10th - FutureSwap Credential Disclosure - $798k (Global)]]

[[Dego_Finance_Key_Compromised|Feb 10th - Dego Finance Key Compromised - $10m (Global)]]

[[BabyMuskCoin_Honeypot_Rugpull|Feb 9th - BabyMuskCoin Honeypot Rugpull - $664k (Global)]]

[[IRA_Financial_Suspicious_Withdrawals|Feb 8th - IRA Financial Suspicious Withdrawals - $36m (United States)]]

[[Trading_Software_Remote_Control_Allan_Jones|Feb 8th - Trading Software Remote Control Allan Jones - $55k (Canada)]]

[[Superfluid_Wallet_Impersonation|Feb 7th - Superfluid Wallet Impersonation - $8.7m (Global)]]

[[Meter.io_Minting_Exploit|Feb 5th - Meter.io Minting Exploit - $4.4m (Global)]]

[[PayBito_Customer_Data_Breach|Feb 3rd - PayBito Customer Data Breach - $0k (United States/India)]]

[[KlaySwap_BGP_Hijacking|Feb 3rd - KlaySwap BGP Hijacking - $1.83m (Global)]]

[[Wormhole_Network_Signature_Validation_Loophole|Feb 2nd - Wormhole Network Signature Validation Loophole - $321.942m (Global)]]

[[Optimism_Self_Destruct_Exploit|Feb 2nd - Optimism Self Destruct Exploit - $0k (Global)]]

[[The_Heart_Project_Discord_Hack|Feb 1st - The Heart Project Discord Hack - $Unknown (Global)]]

[[Mars_Stealer_Malware|Feb 1st - Mars Stealer Malware - $Unknown (Global)]]

=== January 2022 ===
[[QXTraders_Scam_Investment_First-Stranger|Jan 29th - QXTraders Scam Investment First-Stranger - $2k (Canada)]]

[[Sending_WETH_To_WETH_Contract_Mistake|Jan 29th - Sending WETH To WETH Contract Mistake - $510k (Global)]]

[[EmpiresX_Ponzi_Scheme|Jan 28th - EmpiresX Ponzi Scheme - $100m (United States)]]

[[Qubit_Finance_Platform_Deposit_Hack|Jan 27th - Qubit Finance Platform Deposit Hack - $79.845m (Global)]]

[[OpenSea_Old_Contracts_Exploited|Jan 24th - OpenSea Old Contracts Exploited - $1.1m (Global)]]

[[YouTube_Channels_Hacked_One_World_Cryptocurrency_Scam|Jan 23rd - YouTube Channels Hacked One World Cryptocurrency Scam - $Unknown (Global)]]

[[Fortune_Friends_Club_Discord_Hack|Jan 22nd - Fortune Friends Club Discord Hack - $96k (Global)]]

[[BHUNT_Malware_Targets_Crypto_Wallets|Jan 22nd - BHUNT Malware Targets Crypto Wallets - $Unknown (Global)]]

[[Luna_Giveaway_Scam_Longjumping_Image_17|Jan 20th - Luna Giveaway Scam Longjumping_Image_17 - $8k (Global)]]

[[DualMine_Misleading_Payouts|Jan 20th - DualMine Misleading Payouts - $Unknown (Global)]]

[[Wonderland_Money_Sifu_Scandal|Jan 19th - Wonderland Money Sifu Scandal - $8.4m (Global)]]

[[Trezor_Fault_Injection_Whitehack|Jan 18th - Trezor Fault Injection Whitehack - $0k (Global)]]

[[MultiChain_Infinite_Approvals_Critical_Vulnerability|Jan 17th - MultiChain Infinite Approvals Critical Vulnerability - $5.981m (Global)]]

[[Crypto.com_Withdrawals_Triggered|Jan 17th - Crypto.com Withdrawals Triggered - $34.358m (Singapore)]]

[[Coinbase_Ethereum_Stolen_via_Minecraft_Mod|Jan 16th - Coinbase Ethereum Stolen via Minecraft Mod - $22k (Unknown)]]

[[PolkaMetaverse_Fake_Audit|Jan 15th - PolkaMetaverse Fake Audit - $Unknown (Global)]]

[[Michael_Saylor_Giveaway_Scam|Jan 15th - Michael Saylor Giveaway Scam - $1.124m (Unknown)]]

[[Float_Protocol_Rari_Capital_Weak_Oracle|Jan 14th - Float Protocol Rari Capital Weak Oracle - $250k (Global)]]

[[OpenSea_Forced_Sale_By_Old_Listing|Jan 12th - OpenSea Forced Sale By Old Listing - $48k (Global)]]

[[Token_Tax_API_Key_Breach_SPT0615-JD|Jan 12th - Token Tax API Key Breach SPT0615-JD - $Unknown (United States)]]

[[Ledger_Nano_XRP_And_More_Theft_Thugluvdoc|Jan 12th - Ledger Nano XRP And More Theft Thugluvdoc - $6k (Global)]]

[[Big_Daddy_Ape_Club_Rug_Pull|Jan 11th - Big Daddy Ape Club Rug Pull - $1.3m (Global)]]

[[Witty-Season-3914_Double_Scam_Recovery|Jan 11th - Witty-Season-3914 Double Scam Recovery - $7k (Global)]]

[[MetaMask_Ethereum_Hacked_Sup_55|Jan 10th - MetaMask Ethereum Hacked Sup_55 - $Unknown (Global)]]

[[LCX_Exchange_Hot_Wallet_Hack|Jan 8th - LCX Exchange Hot Wallet Hack - $7.94m (Liechtenstein)]]

[[Blockchain.com_Phishing_Site_Microsoft_Edge_MrPuma86|Jan 8th - Blockchain.com Phishing Site Microsoft Edge MrPuma86 - $42k (Global)]]

[[Frosties_NFT_Rug_Pull|Jan 8th - Frosties NFT Rug Pull - $1.099m (Global)]]

[[RichTheKid_RichKids_NFT_Rug_Pull|Jan 8th - RichTheKid RichKids NFT Rug Pull - $Unknown (Global)]]

[[Morris_Coin_Fraudulent_ICO|Jan 6th - Morris Coin Fraudulent ICO - $162m (India)]]

[[Zodiac_DAO_Rug_Pull|Jan 4th - Zodiac DAO Rug Pull - $Unknown (Global)]]

[[Solana_NFT_Minting_Scam_Hiuraii|Jan 3rd - Solana NFT Minting Scam Hiuraii - $3k (Global)]]

[[Arbix_Finance_Rug_Pull|Jan 3rd - Arbix Finance Rug Pull - $10m (Global)]]

[[Indian_Medical_Association_Twitter_Compromised|Jan 2nd - Indian Medical Association Twitter Compromised - $274k (India)]]

[[Exodus_Malicious_Torrent_File_ColonelGray|Jan 2nd - Exodus Malicious Torrent File ColonelGray - $5k (Global)]]

[[LiteVault_Web_Wallet_Closes|Jan 2nd - LiteVault Web Wallet Closes - $Unknown (Global)]]

[[OpenSea_Bored_Ape_Old_Contract_Hack|Jan 1st - OpenSea Bored Ape Old Contract Hack - $245k (Global)]]

==2021==
=== December 2021 ===
[[Ledger/MetaMask_Hack_PowerOfTheGods|Dec 31st - Ledger/MetaMask Hack PowerOfTheGods - $120k (Global)]]

[[Illuvium_Discord_Server_Hack|Dec 31st - Illuvium Discord Server Hack - $151k (Global)]]

[[OpenSea_Doodle_Sold_By_Old_Listing|Dec 31st - OpenSea Doodle Sold By Old Listing - $7k (Global)]]

[[Snowflake_Floki_Honeypot_Scam|Dec 27th - Snowflake Floki Honeypot Scam - $Unknown (Global)]]

[[MASK_Token_Unsellable|Dec 27th - MASK Token Unsellable - $1.865m (Global)]]

[[Cryptocurrency_Mining_Rig_Purchase_Scam_wowzas97|Dec 27th - Cryptocurrency Mining Rig Purchase Scam wowzas97 - $5k (Unknown)]]

[[Official_KMSPico_Malware_TheAlmightyRedditor|Dec 27th - Official KMSPico Malware TheAlmightyRedditor - $30k (Global)]]

[[Cell_Phone_Repair_Shop_Theft_hoangs2k|Dec 26th - Cell Phone Repair Shop Theft hoangs2k - $73k (Canada)]]

[[Mirror_Protocol_Governance_Attack|Dec 25th - Mirror Protocol Governance Attack - $40m (Global)]]

[[Visor_Finance_Unlimited_Minting|Dec 22nd - Visor Finance Unlimited Minting - $8.2m (Global)]]

[[CoinRise_Investor_Losses|Dec 22nd - CoinRise Investor Losses - $Unknown (Canada)]]

[[SolNFTMinting_Solana_Auto-Approve_Theft_Whiskeytango99|Dec 21st - SolNFTMinting Solana Auto-Approve Theft Whiskeytango99 - $36k (Global)]]

[[Monkey_Kingdom_Discord_Hack|Dec 21st - Monkey Kingdom Discord Hack - $1.3m (Global)]]

[[Fractal_NFT_Discord_Hack|Dec 21st - Fractal NFT Discord Hack - $150k (Global)]]

[[Monkey_Kingdom_Additional_Minting_Hack|Dec 21st - Monkey Kingdom Additional Minting Hack - $Unknown (Global)]]

[[Bent_Finance_Malicious_Balance_Injection|Dec 21st - Bent Finance Malicious Balance Injection - $1.78m (Global)]]

[[Up1_Infinite_Approval_Phishing|Dec 20th - Up1 Infinite Approval Phishing - $50k+ (Global)]]

[[Grim_Finance_Reentrancy_Attack|Dec 20th - Grim Finance Reentrancy Attack - $30m (Global)]]

[[Coinbase_Wallet_Seed_Phrase_Lost_Fresh_Supermarket|Dec 18th - Coinbase Wallet Seed Phrase Lost Fresh_Supermarket - $5k (Global)]]

[[Charge_DeFi_Flash_Loan_Attack|Dec 18th - Charge DeFi Flash Loan Attack - $1.16m (Global)]]

[[Terrastation_Luna_Wrong_Address_Send_Party_Combination_49|Dec 17th - Terrastation Luna Wrong Address Send Party_Combination_49 - $27k (Global)]]

[[OlympusDAO_V2_Migration_Scams|Dec 17th - OlympusDAO V2 Migration Scams - $20k (Global)]]

[[VeVe_Discord_Hacked_Twice|Dec 17th - VeVe Discord Hacked Twice - $155k (Global)]]

[[CoinMarketCap_Price_Glitch|Dec 15th - CoinMarketCap Price Glitch - $0k (Global)]]

[[Convex_Finance_Rug_Pull_Vulnerability|Dec 14th - Convex Finance Rug Pull Vulnerability - $0k (Global)]]

[[Approved_Bullfarm_Contract_dunkindosenuts|Dec 14th - Approved Bullfarm Contract dunkindosenuts - $7k (Global)]]

[[MetaMask_Wallet_Funds_Taken_anonymizeme|Dec 14th - MetaMask Wallet Funds Taken anonymizeme - $197k (Global)]]

[[Brinc_Finance_BRC_Smart_Contract_rescueTokens_Drain|Dec 13th - Brinc Finance BRC Smart Contract rescueTokens Drain - $1.105m (Global)]]

[[Vulcan_Forged_Venly_Wallets_Breached|Dec 12th - Vulcan Forged Venly Wallets Breached - $140m (Global)]]

[[Indian_Prime_Minister_Twitter_Hacked|Dec 11th - Indian Prime Minister Twitter Hacked - $Unknown (India)]]

[[Ascendex_Hot_Wallet_Hack|Dec 11th - Ascendex Hot Wallet Hack - $77.7m (Singapore)]]

[[YBY-ETORO_Phishing_and_Scamming|Dec 11th - YBY-ETORO Phishing and Scamming - $124k (Global)]]

[[Hinge_Romance_Scam_Niki_Hutchinson|Dec 10th - Hinge Romance Scam Niki Hutchinson - $390k (United States)]]

[[EthereansOS_White_Hat_Rug_Pull|Dec 9th - EthereansOS White Hat Rug Pull - $Unknown (Global)]]

[[Khamil1_MetaMask_Breach_Including_Strongblock|Dec 8th - Khamil1 MetaMask Breach Including Strongblock - $Unknown (Global)]]

[[BoosterToken_Malicious_Front-End|Dec 8th - BoosterToken Malicious Front-End - $73k (Global)]]

[[Pizza_DeFi_EOS_Spiderman_Hack_Incident|Dec 8th - Pizza DeFi EOS Spiderman Hack Incident - $5m (Global)]]

[[8ight_Finance_Private_Key_Leak|Dec 6th - 8ight Finance Private Key Leak - $1.75m (Global)]]

[[MetaMask_Redline_PDF_Spearphishing_Email_CryptoJordin|Dec 5th - MetaMask Redline PDF Spearphishing Email CryptoJordin - $2k (Global)]]

[[SolaKnights_Rug_Pull_Equivalent_Toe5454|Dec 4th - SolaKnights Rug Pull Equivalent_Toe5454 - $Unknown (Global)]]

[[BitMart_Hot_Wallet_Security_Breach|Dec 4th - BitMart Hot Wallet Security Breach - $196m (Cayman Islands)]]

[[Polygon_Critical_Exploit_Fixed|Dec 4th - Polygon Critical Exploit Fixed - $1.82m (Global)]]

[[Fake_Liquidity_Mining_Scams|Dec 3rd - Fake Liquidity Mining Scams - $Unknown (Global)]]

[[BadgerDAO_Malicious_Code_Injected|Dec 2nd - BadgerDAO Malicious Code Injected - $116.3m (Global)]]

[[CryptBot_within_KMSPico_Trojan|Dec 2nd - CryptBot within KMSPico Trojan - $Unknown (Global)]]

=== November 2021 ===
[[Coinbase_Shiba_Sim_Swap_Case_ethanhunt444|Nov 30th - Coinbase Shiba Sim Swap Case ethanhunt444 - $2k (Global)]]

[[WiseTumbleweed5448_MetaMask_Wallet_Hack|Nov 30th - WiseTumbleweed5448 MetaMask Wallet Hack - $6k (Global)]]

[[Bitcoin_Sent_To_Litecoin_Address_deepfloater|Nov 30th - Bitcoin Sent To Litecoin Address deepfloater - $Unknown (Global)]]

[[MonoX_Software_Bug|Nov 30th - MonoX Software Bug - $31m (Global)]]

[[Lazy_Bored_Ape_Rug_Pull|Nov 29th - Lazy Bored Ape Rug Pull - $391k (Global)]]

[[Fake_Mining_Company_On_Telegram_paradisemorlam|Nov 27th - Fake Mining Company On Telegram paradisemorlam - $5k (United States)]]

[[Lever_Network_Flash_Loan_Attack|Nov 26th - Lever Network Flash Loan Attack - $647k (Global)]]

[[Baby_Yooshi_Liquidity_Restrictions|Nov 26th - Baby Yooshi Liquidity Restrictions - $Unknown (Global)]]

[[SnowDog_DAO_Liquidity_Blocked|Nov 25th - SnowDog DAO Liquidity Blocked - $18.1m (Global)]]

[[Visor_Finance_Arbitrage_Attack|Nov 25th - Visor Finance Arbitrage Attack - $773k (Global)]]

[[Ploutoz_Finance_Oracle_Attack|Nov 23rd - Ploutoz Finance Oracle Attack - $365k (Global)]]

[[Ribbon_Finance_Accounting_Bug|Nov 23rd - Ribbon Finance Accounting Bug - $62k (Global)]]

[[Olympus_DAO_Team_Ops_Failure|Nov 23rd - Olympus DAO Team Ops Failure - $1.38m (Global)]]

[[Celo_Optics_Project_Team_Misconduct|Nov 23rd - Celo Optics Project Team Misconduct - $0k (Global)]]

[[MetaMask_MattoGio_Malware_Fund_Theft|Nov 22nd - MetaMask MattoGio Malware Fund Theft - $2k (Global)]]

[[HyperFund_Ponzi_Scheme|Nov 22nd - HyperFund Ponzi Scheme - $Unknown (Global)]]

[[Coinbase_Bank_Fees_z0mbiechris|Nov 21st - Coinbase Bank Fees z0mbiechris - $6k (United States)]]

[[Unlock_Protocol_Private_Key_Breach|Nov 21st - Unlock Protocol Private Key Breach - $5.011m (Global)]]

[[Formation_Finance_Flash_Loan_Vulnerability|Nov 20th - Formation Finance Flash Loan Vulnerability - $Unknown (Global)]]

[[Phantom_Galaxies_Discord_Malware_Attack|Nov 19th - Phantom Galaxies Discord Malware Attack - $1.1m (Global)]]

[[Coffin_Dollar_Stablecoin_Depegs|Nov 18th - Coffin Dollar Stablecoin Depegs - $2.212m (Global)]]

[[Darkcryptomoon_Ethereum_NFT_Con_Man|Nov 13th - Darkcryptomoon Ethereum NFT Con Man - $7k (Global)]]

[[Coinbase_Account_Breach_Phone_Theft_shotford11|Nov 11th - Coinbase Account Breach Phone Theft shotford11 - $Unknown (United States)]]

[[Beeple_Discord_Account_Hack|Nov 10th - Beeple Discord Account Hack - $176k (Global)]]

[[Curve_Finance_Governance_Attack|Nov 10th - Curve Finance Governance Attack - $46m (Global)]]

[[MOAR_Finance_Flash_Loan_Attack|Nov 10th - MOAR Finance Flash Loan Attack - $116k (Global)]]

[[EOracle_Ponzi_Scheme|Nov 10th - EOracle Ponzi Scheme - $Unknown (Global)]]

[[FomoEX_Ponzi_Scheme|Nov 10th - FomoEX Ponzi Scheme - $Unknown (Global)]]

[[Redline_Stealer_Malware|Nov 9th - Redline Stealer Malware - $Unknown (Global)]]

[[CoinSpot_Account_Hacked_borgy63|Nov 8th - CoinSpot Account Hacked borgy63 - $2k (Australia)]]

[[Telegram_Tips_Bot_@lntxbot_Hacked|Nov 6th - Telegram Tips Bot @lntxbot Hacked - $9k (Global)]]

[[Saddle_Finance_MetaSwap_Nerve/Synapse_Bridge_Exploit|Nov 6th - Saddle Finance MetaSwap Nerve/Synapse Bridge Exploit - $8.2m (Global)]]

[[Unspecified_Crypto_Scam_scammedsuicidalmoron|Nov 5th - Unspecified Crypto Scam scammedsuicidalmoron - $60k (United States)]]

[[bZx_Private_Key_Leak|Nov 5th - bZx Private Key Leak - $55.04m (Global)]]

[[Robinhood_Massive_Data_Breached|Nov 3rd - Robinhood Massive Data Breached - $0k (United States)]]

[[Vesper_Finance_Oracle_Attack|Nov 2nd - Vesper Finance Oracle Attack - $3.37m (Global)]]

[[Squid_Game_Token_Scam|Nov 1st - Squid Game Token Scam - $3.36m (Global)]]

=== October 2021 ===
[[Coin-Ether_Coinbase_Ethereum_Doubling_Offer|Oct 31st - Coin-Ether Coinbase Ethereum Doubling Offer - $26k (Global)]]

[[Kaiju_Kingz_Discord_Hacked|Oct 30th - Kaiju Kingz Discord Hacked - $70k (Global)]]

[[BXH_Exchange_Private_Key_Leak|Oct 30th - BXH Exchange Private Key Leak - $139.195m (China)]]

[[AutoShark_Finance_Flash_Loan_Attack|Oct 29th - AutoShark Finance Flash Loan Attack - $2m (Global)]]

[[AnubisDAO_Liquidity_Pulled|Oct 28th - AnubisDAO Liquidity Pulled - $60m (Global)]]

[[Cream_Finance_Lending_Attack|Oct 27th - Cream Finance Lending Attack - $130m (Global)]]

[[Ellipal_Lost_Wallet_Passphrase_nak22589|Oct 24th - Ellipal Lost Wallet Passphrase nak22589 - $50k (Global)]]

[[Alpha_Finance_Sandwich_Attack|Oct 23rd - Alpha Finance Sandwich Attack - $167k (Global)]]

[[PancakeHunny_Contract_Incident|Oct 20th - PancakeHunny Contract Incident - $1.9m (Global)]]

[[Avaterra_Finance_Minting_Vulnerability|Oct 20th - Avaterra Finance Minting Vulnerability - $391k (Global)]]

[[YouTube_Fake_Crypto_Doubling_Scams|Oct 20th - YouTube Fake Crypto Doubling Scams - $Unknown (Unknown)]]

[[NBA_Top_Shot_Discord_Phishing|Oct 19th - NBA Top Shot Discord Phishing - $56k (Global)]]

[[CreatureToadz_NFT_Theft|Oct 19th - CreatureToadz NFT Theft - $300k (Global)]]

[[WeDEX_Flash_Loan_Attack|Oct 18th - WeDEX Flash Loan Attack - $100k (Global)]]

[[IMX_Bears_Discord_Phishing|Oct 18th - IMX Bears Discord Phishing - $38k (Global)]]

[[MaskByte_Discord_Hacked|Oct 17th - MaskByte Discord Hacked - $Unknown (Global)]]

[[Glide_Finance_Contract_Typo|Oct 17th - Glide Finance Contract Typo - $300k (Global)]]

[[OpenSea_Hashmasks_Fake_Listing|Oct 17th - OpenSea Hashmasks Fake Listing - $Unknown (Global)]]

[[SolToadz_And_ZombieSolToadz_NFT_Rug_Pull|Oct 16th - SolToadz And ZombieSolToadz NFT Rug Pull - $1.7m (Global)]]

[[DiamondFxPro/DybitFX_Fake_Bitcoin_Broker_WonderWolf46|Oct 15th - DiamondFxPro/DybitFX Fake Bitcoin Broker WonderWolf46 - $3k (Global)]]

[[ZBG_Global_Pig_Butchering_Scam_ocean_preneur|Oct 14th - ZBG Global Pig Butchering Scam ocean_preneur - $40k (Global)]]

[[MekaVerse_NFT_Minting_Fraud_Accusation|Oct 14th - MekaVerse NFT Minting Fraud Accusation - $0k (Global)]]

[[Indexed_Finance_Pools_Emptied|Oct 14th - Indexed Finance Pools Emptied - $16m (Global)]]

[[Unlock_Protocol_Critical_Vulnerability|Oct 14th - Unlock Protocol Critical Vulnerability - $0k (Global)]]

[[CoinMarketCap_Database_Breach|Oct 12th - CoinMarketCap Database Breach - $0k (Global)]]

[[Karura_Parachain_Lost_Tokens|Oct 12th - Karura Parachain Lost Tokens - $3.5m (Global)]]

[[Coinbase_Account_Hacked_Live4toys|Oct 11th - Coinbase Account Hacked Live4toys - $16k (United States)]]

[[Pleasant_Hill_Bitcoin_ATM_Theft|Oct 11th - Pleasant Hill Bitcoin ATM Theft - $Unknown (Global)]]

[[Ornery_Maintenance_8_Malware_Attack_on_Windows_7|Oct 10th - Ornery_Maintenance_8 Malware Attack on Windows 7 - $2k (Global)]]

[[Alpha_Finance_Copycat_Rug_Pull|Oct 10th - Alpha Finance Copycat Rug Pull - $Unknown (Global)]]

[[DxDex_Airdrop_Phishing_Campaign|Oct 8th - DxDex Airdrop Phishing Campaign - $15m (Global)]]

[[Ribbon_Finance_Sybil_Attack|Oct 8th - Ribbon Finance Sybil Attack - $2.5m (Global)]]

[[Lido_Finance_Vulnerability|Oct 8th - Lido Finance Vulnerability - $71.513m (Global)]]

[[Silicon_Valley_Liquor_Bitcoin_ATM_Robbery|Oct 7th - Silicon Valley Liquor Bitcoin ATM Robbery - $Unknown (Global)]]

[[salmonfisker_Shibaswap_MetaMask_Phishing|Oct 6th - salmonfisker Shibaswap MetaMask Phishing - $7k (Global)]]

[[Solana_Towers_NFT_Rug_Pull|Oct 6th - Solana Towers NFT Rug Pull - $282k (Global)]]

[[My_Farm_Pet_Flash_Loan_Exploit|Oct 6th - My Farm Pet Flash Loan Exploit - $31k (Global)]]

[[Evolved_Apes_Rug_Pull|Oct 6th - Evolved Apes Rug Pull - $2.7m (Global)]]

[[DazeeNFT_Royalty_Free_Artwork_Resold|Oct 5th - DazeeNFT Royalty Free Artwork Resold - $Unknown (Global)]]

[[Polygon_Double_Spend_Vulnerability|Oct 5th - Polygon Double Spend Vulnerability - $0k (Global)]]

[[Compound_Incorrect_Reward_Calculation_Bug|Oct 3rd - Compound Incorrect Reward Calculation Bug - $148.8m (Global)]]

[[Oski_Stealer_Malware|Oct 3rd - Oski Stealer Malware - $Unknown (Global)]]

[[GravyScale_Fraudulent_Investment|Oct 2nd - GravyScale Fraudulent Investment - $Unknown (Global)]]

[[Baller_Ape_Club_Rug_Pull|Oct 1st - Baller Ape Club Rug Pull - $2.6m (Global)]]

[[Coinbase_Ethereum_Address_Typo_Miserable_Earth5856|Oct 1st - Coinbase Ethereum Address Typo Miserable_Earth5856 - $2k (Global)]]

[[AutoShark_Finance_Swap_Mining_Vulnerability|Oct 1st - AutoShark Finance Swap Mining Vulnerability - $581k (Global)]]

=== September 2021 ===
[[IconicsSOL_NFT_Emojis_Rug_Pull|Sep 30th - IconicsSOL NFT Emojis Rug Pull - $138k (Global)]]

[[Masad_Clipper_And_Stealer_Malware|Sep 29th - Masad Clipper And Stealer Malware - $Unknown (Global)]]

[[Coinbase_Hack_Despite_2FA_BradlyL|Sep 27th - Coinbase Hack Despite 2FA BradlyL - $3k (Global)]]

[[DeversiFI_EIP-1559_EthereumJS_Fee_Bug|Sep 27th - DeversiFI EIP-1559 EthereumJS Fee Bug - $22.534m (Global)]]

[[CyberShibas_NFT_Website_Disappears|Sep 25th - CyberShibas NFT Website Disappears - $Unknown (Global)]]

[[Bitcoin.org_Double_Your_Cash_Scam|Sep 22nd - Bitcoin.org Double Your Cash Scam - $18k (Global)]]

[[Alpha_Finance_Phishing_Site_on_Google|Sep 20th - Alpha Finance Phishing Site on Google - $Unknown (Global)]]

[[Vee_Finance_Price_Oracle_Manipulation|Sep 20th - Vee Finance Price Oracle Manipulation - $35m (Global)]]

[[PNetwork_Faulty_TX_Processing|Sep 19th - PNetwork Faulty TX Processing - $12.5m (Global)]]

[[SushiSwap_MISO_Jaypegs_Automart|Sep 16th - SushiSwap MISO Jaypegs Automart - $3.1m (Global)]]

[[Defibox_Hack_Despite_Double_Audit|Sep 16th - Defibox Hack Despite Double Audit - $24k (Global)]]

[[NowSwap_Protocol_Logic_Error|Sep 15th - NowSwap Protocol Logic Error - $1.069m (Global)]]

[[GrowingFi_Withdraw_Not_Checked|Sep 14th - GrowingFi Withdraw Not Checked - $1.2m (Global)]]

[[Secret_Swap_Secret_Breach|Sep 13th - Secret Swap Secret Breach - $Unknown (Global)]]

[[Zabu_Finance_Staking_Calculation_Bug|Sep 12th - Zabu Finance Staking Calculation Bug - $3.2m (Global)]]

[[Ledger_Wallet_Cleared_Out_TuckerCR|Sep 11th - Ledger Wallet Cleared Out TuckerCR - $350k (Global)]]

[[AFK_Finance_Goes_AFK|Sep 10th - AFK Finance Goes AFK - $12m (Global)]]

[[OpenZeppelin_UUPS_Proxy_Initialization_Vulnerability|Sep 9th - OpenZeppelin UUPS Proxy Initialization Vulnerability - $0k (Global)]]

[[dYdX_Pledge_Contract_Bug|Sep 9th - dYdX Pledge Contract Bug - $1.992m (Global)]]

[[Convex_Finance_Malicious_Search_Results|Sep 7th - Convex Finance Malicious Search Results - $Unknown (Global)]]

[[IDEEX_VIP_Scammed_Out_Of_Life_Savings_sirarteaga|Sep 5th - IDEEX VIP Scammed Out Of Life Savings sirarteaga - $50k (Global)]]

[[CoinPryme_Fraudulent_Investment_Platform|Sep 5th - CoinPryme Fraudulent Investment Platform - $Unknown (Global)]]

[[CME_Group_Fake_Investment_Website_chauchau899|Sep 4th - CME Group Fake Investment Website chauchau899 - $10k (Global)]]

[[DAO_Maker_Insufficient_Authentication|Sep 3rd - DAO Maker Insufficient Authentication - $4m (Global)]]

[[Siren_Market_Reentrancy_Bug|Sep 2nd - Siren Market Reentrancy Bug - $3.5m (Global)]]

[[YouTube_Live_Stream_Doubling_Scam|Sep 1st - YouTube Live Stream Doubling Scam - $75k (Global)]]

[[CryptoShares_Pyramid_Scheme|Sep 1st - CryptoShares Pyramid Scheme - $6m (Zimbabwe)]]

=== August 2021 ===
[[Banksy_Fake_NFT_Sale_on_OpenSea|Aug 31st - Banksy Fake NFT Sale on OpenSea - $336k (Global)]]

[[Cream_Finance_Reentrancy_Bug|Aug 30th - Cream Finance Reentrancy Bug - $18.8m (Global)]]

[[xToken_Function_Access_Control_Exploit|Aug 29th - xToken Function Access Control Exploit - $4.5m (Global)]]

[[Bilaxy_Hot_Wallet_Breach|Aug 29th - Bilaxy Hot Wallet Breach - $21.709m (Seychelles)]]

[[OpenSea_sohrobf_Fake_Support_Scam|Aug 25th - OpenSea sohrobf Fake Support Scam - $543k (Global)]]

[[IOTX_Official_Support_Private_Key_Theft_gan572|Aug 25th - IOTX Official Support Private Key Theft gan572 - $18k (Global)]]

[[Dot_Finance_Minting_Vulnerability|Aug 25th - Dot Finance Minting Vulnerability - $429k (Global)]]

[[AB_Finance_Airdrop_Scam|Aug 25th - AB Finance Airdrop Scam - $Unknown (Global)]]

[[Coinbase_Vidovic_Account_Sim_Swap|Aug 24th - Coinbase Vidovic Account Sim Swap - $169k (United States)]]

[[OpenSea_Fake_Support_Accounts|Aug 23rd - OpenSea Fake Support Accounts - $15k (Global)]]

[[Luna_Yield_Rug_Pull|Aug 21st - Luna Yield Rug Pull - $6.7m (Global)]]

[[OpenZeppelin_Timelock_Reentrancy_Vulnerability|Aug 21st - OpenZeppelin Timelock Reentrancy Vulnerability - $0k (Global)]]

[[Stake.com_Phishing_Attack_Advanced_Ad3497|Aug 20th - Stake.com Phishing Attack Advanced_Ad3497 - $8k (Global)]]

[[BSCToken_Scam_Website|Aug 19th - BSCToken Scam Website - $Unknown (Global)]]

[[Solend_Insecure_Authentication_Check|Aug 19th - Solend Insecure Authentication Check - $16k (Global)]]

[[Pinecone_Finance_Deflation_Hack|Aug 18th - Pinecone Finance Deflation Hack - $200k (Global)]]

[[Liquid_Warm_Wallet_Liquidated|Aug 18th - Liquid Warm Wallet Liquidated - $91.35m (Japan)]]

[[LCTP_Global_Pig_Butchering_Scam|Aug 17th - LCTP Global Pig Butchering Scam - $Unknown (Global)]]

[[SushiSwap_MISO_White_Hat_Diffusal|Aug 16th - SushiSwap MISO White Hat Diffusal - $0k (Global)]]

[[XSurge_Reentrancy_Attack|Aug 16th - XSurge Reentrancy Attack - $5m (Global)]]

[[Ref_Finance_Logic_Error|Aug 14th - Ref Finance Logic Error - $3.2m (Global)]]

[[Curve_Bribe_Exploit|Aug 14th - Curve Bribe Exploit - $117k (Global)]]

[[Pixel-Track_Hex_Tokens_Stolen|Aug 13th - Pixel-Track Hex Tokens Stolen - $121k (Global)]]

[[Dao_Maker_Exploit|Aug 12th - Dao Maker Exploit - $7m (Global)]]

[[HenryTheGrape/_Shazbot_/YodaNFT_Wallet_Compromised|Aug 11th - HenryTheGrape/__Shazbot__/YodaNFT Wallet Compromised - $110k (Global)]]

[[Poly_Network_Validation_Error|Aug 10th - Poly Network Validation Error - $611m (Global)]]

[[Punk_Protocol_Reinitialized|Aug 10th - Punk Protocol Reinitialized - $8.95m (Global)]]

[[Zerogoki_Price_Oracle_Compromised|Aug 8th - Zerogoki Price Oracle Compromised - $670k (Global)]]

[[OpenSea_Fraudulent_NFT_Listing|Aug 7th - OpenSea Fraudulent NFT Listing - $Unknown (Global)]]

[[Wault_Finance_Stablecoin_Peg_Logic_Error|Aug 4th - Wault Finance Stablecoin Peg Logic Error - $816k (Global)]]

[[Casper_DeFi_Malicious_Backdoor_Mint|Aug 4th - Casper DeFi Malicious Backdoor Mint - $172k (Global)]]

[[Popsicle_Finance_Reward_Calculation_Error|Aug 3rd - Popsicle Finance Reward Calculation Error - $20.7m (Global)]]

[[BSV_51%_Attack_Repelled|Aug 3rd - BSV 51% Attack Repelled - $0k (Global)]]

[[Fake_Ronin_Wallet_ainamania|Aug 1st - Fake Ronin Wallet ainamania - $3k (Global)]]

=== July 2021 ===
[[DiegoPapi6_TrustWallet_Theft|Jul 31st - DiegoPapi6 TrustWallet Theft - $8k (Global)]]

[[Levyathan_Private_Key_Leak|Jul 30th - Levyathan Private Key Leak - $1.5m (Global)]]

[[Another_Bitcoin_Trader_Theft|Jul 28th - Another Bitcoin Trader Theft - $523k (Hong Kong)]]

[[Castleswap_Finance_Ready_For_Rug_Pull|Jul 28th - Castleswap Finance Ready For Rug Pull - $0k (Global)]]

[[CostPayIn_Dating_Scam_UCruz87|Jul 27th - CostPayIn Dating Scam UCruz87 - $12k (Global)]]

[[PolyYeld_Finance_xYeld_Exploit|Jul 27th - PolyYeld Finance xYeld Exploit - $250k (Global)]]

[[Bitcomex_Valid_Withdrawals_Pig_Butchering_pf_12345|Jul 23rd - Bitcomex Valid Withdrawals Pig Butchering pf_12345 - $10k (United States)]]

[[EZWebx_Scam_Exchange_jonathan0402|Jul 23rd - EZWebx Scam Exchange jonathan0402 - $Unknown (Global)]]

[[ThorChain_Origin_Flaw_Airdrop_Scam|Jul 23rd - ThorChain Origin Flaw Airdrop Scam - $76k (Global)]]

[[Dogecoin_Investment_Platform_Scam_Biggy437|Jul 23rd - Dogecoin Investment Platform Scam Biggy437 - $15k (Global)]]

[[ThorChain_ETH_Router_Flaw|Jul 22nd - ThorChain ETH Router Flaw - $8m (Global)]]

[[Coinskale_Dogecoin_Staking_Scam_Website_Tradegrow|Jul 21st - Coinskale Dogecoin Staking Scam Website Tradegrow - $20k (Australia)]]

[[Sanshu_Inu_Deflation_Flaw|Jul 20th - Sanshu Inu Deflation Flaw - $111k (Global)]]

[[TrustWallet_Twitter_Phishing_Attack_LouBapMarketing|Jul 19th - TrustWallet Twitter Phishing Attack LouBapMarketing - $245k (Global)]]

[[Array_Finance_Price_Calculation_Error|Jul 19th - Array Finance Price Calculation Error - $515k (Global)]]

[[Coinbase_Unauthorized_Bank_Access|Jul 19th - Coinbase Unauthorized Bank Access - $50k (United States)]]

[[PancakeBunny_Reward_Calculation_Bug|Jul 16th - PancakeBunny Reward Calculation Bug - $2.402m (Global)]]

[[Finiko_Ponzi_Scheme|Jul 16th - Finiko Ponzi Scheme - $1.5b (Russia)]]

[[ThorChain_Chaosnet_Exploit|Jul 15th - ThorChain Chaosnet Exploit - $7.6m (Global)]]

[[Bondly_Finance_Admin_Wallet_Compromise|Jul 14th - Bondly Finance Admin Wallet Compromise - $5.9m (Global)]]

[[Midas_Dollar_V2_Peg_Not_Established|Jul 13th - Midas Dollar V2 Peg Not Established - $Unknown (Global)]]

[[Animal_Shelter_Long_Haul_Scammer_lendingaccount|Jul 13th - Animal Shelter Long Haul Scammer lendingaccount - $240k (United States)]]

[[Ape_Rocket_Finance_Reward_Bug|Jul 13th - Ape Rocket Finance Reward Bug - $1.26m (Global)]]

[[MetaMask_Hack_Recovery_007happyguy_amanusk|Jul 12th - MetaMask Hack Recovery 007happyguy amanusk_ - $140k (Global)]]

[[DeFiPie_Nested_Borrows|Jul 12th - DeFiPie Nested Borrows - $Unknown (Global)]]

[[DAFI_Protocol_ChainSwap_Attack|Jul 11th - DAFI Protocol ChainSwap Attack - $200k (Global)]]

[[DAO_Ventures_ChainSwap_Exploit|Jul 11th - DAO Ventures ChainSwap Exploit - $35k (Global)]]

[[Umbrella_Network_ChainSwap_Exploit|Jul 11th - Umbrella Network ChainSwap Exploit - $417k (Global)]]

[[Dora_Factory_ChainSwap_Exploit|Jul 11th - Dora Factory ChainSwap Exploit - $42k (Global)]]

[[Defi_Plaza_Integer_Overflow|Jul 11th - Defi Plaza Integer Overflow - $1.1m (Global)]]

[[ANTIMatter_Finance_ChainSwap_Breach|Jul 11th - ANTIMatter Finance ChainSwap Breach - $Unknown (Global)]]

[[CORRA_Finance_ChainSwap_Breach|Jul 11th - CORRA Finance ChainSwap Breach - $Unknown (Global)]]

[[FM_Gallery_ChainSwap_Breach|Jul 11th - FM Gallery ChainSwap Breach - $Unknown (Global)]]

[[FEI_Protocol_ChainSwap_Breach|Jul 11th - FEI Protocol ChainSwap Breach - $Unknown (Global)]]

[[PERI_Finance_ChainSwap_Breach|Jul 11th - PERI Finance ChainSwap Breach - $Unknown (Global)]]

[[WorkQuest_ChainSwap_Breach|Jul 11th - WorkQuest ChainSwap Breach - $Unknown (Global)]]

[[Unifarm_ChainSwap_Breach|Jul 11th - Unifarm ChainSwap Breach - $1.408m (Global)]]

[[Nord_Finance_ChainSwap_Breach|Jul 11th - Nord Finance ChainSwap Breach - $1.135m (Global)]]

[[OroPocket_ChainSwap_Breach|Jul 11th - OroPocket ChainSwap Breach - $98k (Global)]]

[[KwikSwap_ChainSwap_Breach|Jul 11th - KwikSwap ChainSwap Breach - $Unknown (Global)]]

[[Vortex_ChainSwap_Breach|Jul 11th - Vortex ChainSwap Breach - $68k (Global)]]

[[Rai_Finance_ChainSwap_Breach|Jul 11th - Rai Finance ChainSwap Breach - $530k (Global)]]

[[Sakeswap_ChainSwap_Breach|Jul 11th - Sakeswap ChainSwap Breach - $54k (Global)]]

[[AnySwap_ECDSA_Exploit|Jul 10th - AnySwap ECDSA Exploit - $7.8m (Global)]]

[[1Inch_Exchange_Fake_Mobile_Application_Brandon_Larsen|Jul 9th - 1Inch Exchange Fake Mobile Application Brandon Larsen - $384k (United States)]]

[[Helios_Cash_Runs_Off|Jul 8th - Helios Cash Runs Off - $1.447m (Global)]]

[[Bitmart_BSV_51%_Attack|Jul 8th - Bitmart BSV 51% Attack - $Unknown (Cayman Islands)]]

[[Fake_Crypto_Mining_Applications_on_Google_Play|Jul 7th - Fake Crypto Mining Applications on Google Play - $350k (Global)]]

[[Overflow0X_Physical_Cryptocurrency_Robbery|Jul 3rd - Overflow0X Physical Cryptocurrency Robbery - $Unknown (Morocco)]]

[[Fake_MetaMask_Ethereum_Theft_Boxman212|Jul 3rd - Fake MetaMask Ethereum Theft Boxman212 - $2k (Global)]]

[[DEXTools_Token_Minting|Jul 3rd - DEXTools Token Minting - $1.2m (Global)]]

[[ChainSwap_ETH_Exploit|Jul 2nd - ChainSwap ETH Exploit - $800k (Global)]]

[[DDEX_XDX_Swap_Backdoor|Jul 1st - DDEX XDX Swap Backdoor - $5m (Global)]]

=== June 2021 ===
[[Raelene_Vandenbosch_Rogers_Kiosk_SIM_Swap_Shakepay_Ledger|Jun 30th - Raelene Vandenbosch Rogers Kiosk SIM Swap Shakepay Ledger - $535k (Canada)]]

[[Haven_Protocol_Triple_Attack|Jun 29th - Haven Protocol Triple Attack - $11.6m (Global)]]

[[Merlin_Labs_Profit_Inflation_Vulnerability|Jun 29th - Merlin Labs Profit Inflation Vulnerability - $330k (Global)]]

[[Yearn_Finance_Liquidation_Vulnerability|Jun 29th - Yearn Finance Liquidation Vulnerability - $Unknown (Global)]]

[[NFTX_Asset_Validation_Error|Jun 29th - NFTX Asset Validation Error - $13k (Global)]]

[[ThorChain_ETH_Bifrost_Exploit|Jun 28th - ThorChain ETH Bifrost Exploit - $140k (Global)]]

[[SafeDollar_Reward_Logic_Exploited|Jun 27th - SafeDollar Reward Logic Exploited - $250k (Global)]]

[[Pods_Finance_Logic_Error_Fixed|Jun 25th - Pods Finance Logic Error Fixed - $0k (Global)]]

[[xWin_Finance_Flash_Loan_Attack|Jun 24th - xWin Finance Flash Loan Attack - $270k (Global)]]

[[Mushroom_Finance_Logic_Error|Jun 23rd - Mushroom Finance Logic Error - $635k (Global)]]

[[StableMagnet_Exit_Scam|Jun 23rd - StableMagnet Exit Scam - $27m (Global)]]

[[SharedStake_TimeLock_Vulnerabilities|Jun 23rd - SharedStake TimeLock Vulnerabilities - $500k (Global)]]

[[Yoroi_Hot_Wallet_Drained_EchoLake90|Jun 22nd - Yoroi Hot Wallet Drained EchoLake90 - $5k (Global)]]

[[StakeHound_Got_FireBlocked|Jun 22nd - StakeHound Got FireBlocked - $75m (Switzerland)]]

[[Eleven_Finance_Logic_Exploit|Jun 22nd - Eleven Finance Logic Exploit - $4.8m (Global)]]

[[Impossible_Finance_Fake_Token_Drain|Jun 21st - Impossible Finance Fake Token Drain - $700k (Global)]]

[[Popit_Finance_Rug_Pull|Jun 21st - Popit Finance Rug Pull - $Unknown (Global)]]

[[Coach_K_Defrauded_Investment_Phishing|Jun 21st - Coach K Defrauded Investment Phishing - $250k (Thailand)]]

[[SafeDollar_First_Exploit|Jun 20th - SafeDollar First Exploit - $95k (Global)]]

[[Pension_Investment_Fraud_Teresa_Jackson|Jun 19th - Pension Investment Fraud Teresa Jackson - $155k (Global)]]

[[Visor_Finance_Emergency_Withdrawal|Jun 19th - Visor Finance Emergency Withdrawal - $500k (Global)]]

[[BeetsFarm_Finance_Exit_Scam|Jun 17th - BeetsFarm Finance Exit Scam - $146k (Global)]]

[[Ledger_More_Fake_Hardware_Wallets|Jun 17th - Ledger More Fake Hardware Wallets - $Unknown (Global)]]

[[BradoIlleszt_MetaMask_Phishing_Loss|Jun 16th - BradoIlleszt MetaMask Phishing Loss - $19k (Canada)]]

[[Michael_Saylor_Bitcoin_Scam_Siamese_Kalu|Jun 16th - Michael Saylor Bitcoin Scam Siamese_Kalu - $77k (Global)]]

[[Alchemix_alETH_%22Rug_Put%22|Jun 16th - Alchemix alETH "Rug Put" - $6.53m (Global)]]

[[Iron_Finance_Titan_Stablecoin_Collapses|Jun 16th - Iron Finance Titan Stablecoin Collapses - $2b (Global)]]

[[KetchupSwap_Deflationary_Token_Mishandling|Jun 16th - KetchupSwap Deflationary Token Mishandling - $Unknown (Global)]]

[[Lokum_Finance|Jun 16th - Lokum Finance - $Unknown (Global)]]

[[YBear_Finance|Jun 16th - YBear Finance - $Unknown (Global)]]

[[CaramelSwap|Jun 16th - CaramelSwap - $Unknown (Global)]]

[[GoCerberus|Jun 16th - GoCerberus - $Unknown (Global)]]

[[Garuda_Swap|Jun 16th - Garuda Swap - $Unknown (Global)]]

[[Mayo_Swap_Deflationary_Hack|Jun 16th - Mayo Swap Deflationary Hack - $Unknown (Global)]]

[[Bitcoin_Trader_Sprayed_In_Eyes|Jun 15th - Bitcoin Trader Sprayed In Eyes - $318k (Hong Kong)]]

[[In_Person_Filecoin_Fraud_in_Hong_Kong|Jun 15th - In Person Filecoin Fraud in Hong Kong - $15.9m (Hong Kong)]]

[[Unified_Stable_Dollar_Suspended|Jun 15th - Unified Stable Dollar Suspended - $35k (Global)]]

[[Cream_Finance_Mining_Reward_Bug|Jun 13th - Cream Finance Mining Reward Bug - $100k (Global)]]

[[EvoDefi_Lightning_Loan_Breach|Jun 10th - EvoDefi Lightning Loan Breach - $1000k (Global)]]

[[CryptoStair_Ponzi_Scheme|Jun 10th - CryptoStair Ponzi Scheme - $Unknown (Global)]]

[[Coinbase_Lawsuit_People_Locked_From_Accounts|Jun 9th - Coinbase Lawsuit People Locked From Accounts - $Unknown (United States)]]

[[PolyGold_Finance_Exits|Jun 9th - PolyGold Finance Exits - $13m (Global)]]

[[Zapper_Arbitrary_Payload_Exploit|Jun 9th - Zapper Arbitrary Payload Exploit - $0k (Global)]]

[[88MPH_Init_Vulnerability|Jun 7th - 88MPH Init Vulnerability - $6.5m (Global)]]

[[MetaMask_Wallet_Cleaned_Out_echodelta79|Jun 5th - MetaMask Wallet Cleaned Out echodelta79 - $3k (Global)]]

[[PolyWeed_Withdrawal_Fee_Rug_Pull|Jun 5th - PolyWeed Withdrawal Fee Rug Pull - $223k (Global)]]

[[EspianGlobal_Ponzi_Scheme|Jun 5th - EspianGlobal Ponzi Scheme - $Unknown (Global)]]

[[PolyButterfly_Flies_Away|Jun 4th - PolyButterfly Flies Away - $1.5m (Global)]]

[[Apymon_Rug_Pull|Jun 3rd - Apymon Rug Pull - $2.277m (Global)]]

[[PancakeHunny_Liquidity_Pool_Drained|Jun 2nd - PancakeHunny Liquidity Pool Drained - $100k (Global)]]

=== May 2021 ===
[[Belt_Finance_Untightens_Itself|May 28th - Belt Finance Untightens Itself - $6.3m (Global)]]

[[Toast_Wallet_Plus_Malicious_IPhone_App|May 27th - Toast Wallet Plus Malicious IPhone App - $500k (Global)]]

[[JulSwap_Wasn't_Hacked|May 27th - JulSwap Wasn't Hacked - $181k (Global)]]

[[BurgerSwap_Goes_Hungry|May 27th - BurgerSwap Goes Hungry - $7.2m (Global)]]

[[Wild_Credit_Minting_Exploit|May 27th - Wild Credit Minting Exploit - $637k (Global)]]

[[Merlin_Labs_Flashed|May 26th - Merlin Labs Flashed - $1.23m (Global)]]

[[Qubit_Life_Ponzi_Scheme|May 26th - Qubit Life Ponzi Scheme - $Unknown (Global)]]

[[AutoShark_Economic_Exploit|May 24th - AutoShark Economic Exploit - $745k (Global)]]

[[Bogged_Finance_Emptying|May 23rd - Bogged Finance Emptying - $3.6m (Global)]]

[[ShibaSwap_Phishing_Site|May 22nd - ShibaSwap Phishing Site - $39k+ (Global)]]

[[Defi100_Pretend_Exit_Scam|May 22nd - Defi100 Pretend Exit Scam - $32m (Global)]]

[[Mushroom_Finance_Yield_Manipulation_Theft|May 20th - Mushroom Finance Yield Manipulation Theft - $4k (Global)]]

[[whitemam8a_MetaMask_DuckDuckGo_Phishing_Scam|May 19th - whitemam8a MetaMask DuckDuckGo Phishing Scam - $79k (Global)]]

[[PancakeBunny_Flash_Arbitrage|May 19th - PancakeBunny Flash Arbitrage - $200m (Global)]]

[[BlockFi_Sends_Free_Bitcoin|May 19th - BlockFi Sends Free Bitcoin - $10m (United States)]]

[[Venus_Finance_Liquidity_Failure|May 18th - Venus Finance Liquidity Failure - $145m (Global)]]

[[FinNexus_Finished|May 17th - FinNexus Finished - $7m (Global)]]

[[CheapETH_51%_Attack_Demonstration|May 17th - CheapETH 51% Attack Demonstration - $0k (Global)]]

[[BEarnFi_BVaults_Exploited|May 16th - BEarnFi BVaults Exploited - $17.939m (Global)]]

[[CoinBase_6000_Users_Robbed|May 15th - CoinBase 6000 Users Robbed - $Unknown (United States)]]

[[Hinge_Dating_App_Xau_Gold_Investments_nholding|May 15th - Hinge Dating App Xau Gold Investments nholding - $25k (Global)]]

[[EOS_SX_Vault_Breach|May 14th - EOS SX Vault Breach - $13.432m (Global)]]

[[BDollar_V2_(BDOV2)_Dollar_Fails_To_Peg|May 13th - BDollar V2 (BDOV2) Dollar Fails To Peg - $34.096m (Global)]]

[[Elon_Musk_Doubling_Scam_Julie_Bushnell|May 13th - Elon Musk Doubling Scam Julie Bushnell - $11k (United Kingdom)]]

[[Fei_Protocol_Uniswap_Price_Manipulation|May 13th - Fei Protocol Uniswap Price Manipulation - $0k (Global)]]

[[Elon_Musk_Doubling_Scam_Ms_Bushnell|May 13th - Elon Musk Doubling Scam Ms Bushnell - $11k (United Kingdom)]]

[[XToken_Breached|May 12th - XToken Breached - $24.5m (Global)]]

[[WaterMine_Ponzi_Scheme|May 11th - WaterMine Ponzi Scheme - $Unknown (Global)]]

[[Ledger_Fake_Hardware_Wallets|May 10th - Ledger Fake Hardware Wallets - $Unknown (Global)]]

[[Coinbase_Deposit_BSC_Wrapped_Ethereum_Spooky007x|May 8th - Coinbase Deposit BSC Wrapped Ethereum Spooky007x - $2k (United States)]]

[[Rari_Capital_Hack|May 8th - Rari Capital Hack - $11m (Global)]]

[[Larva_Labs’_Meebits_NFT_Hack|May 8th - Larva Labs’ Meebits NFT Hack - $765k (Global)]]

[[Value_DeFi_Fire_Sale|May 7th - Value DeFi Fire Sale - $11m (Global)]]

[[Iron_Finance_Irony|May 7th - Iron Finance Irony - $11m (Global)]]

[[Tanabata_Finance/Taba_Finance_Exit_Scam|May 6th - Tanabata Finance/Taba Finance Exit Scam - $3k (Global)]]

[[Value_DeFi_On_Sale_Again|May 5th - Value DeFi On Sale Again - $10m (Global)]]

[[BitBuy_Korea_Exit_Scam|May 3rd - BitBuy Korea Exit Scam - $Unknown (South Korea)]]

[[Spartan_Protocol_Hack|May 1st - Spartan Protocol Hack - $30.5m (Global)]]

[[Coinbase_Phishing_Attacks|May 1st - Coinbase Phishing Attacks - $Unknown (United States)]]

=== April 2021 ===
[[Vine_Protocol_Airdrop_Scam|Apr 30th - Vine Protocol Airdrop Scam - $Unknown (Global)]]

[[HotBit_Downtime_and_Privacy_Breach|Apr 29th - HotBit Downtime and Privacy Breach - $0k (China)]]

[[DelicacyDefi_Rug_Pull|Apr 27th - DelicacyDefi Rug Pull - $Unknown (Global)]]

[[PancakeSwap_Lottery_Bug_Fixed|Apr 27th - PancakeSwap Lottery Bug Fixed - $700k (Global)]]

[[ApeSwap_Lottery_Bug_Fixed|Apr 27th - ApeSwap Lottery Bug Fixed - $Unknown (Global)]]

[[PantherSwap_Lottery_Bug_Fixed|Apr 27th - PantherSwap Lottery Bug Fixed - $Unknown (Global)]]

[[Knights_Defi_Lottery_Bug_Fixed|Apr 27th - Knights Defi Lottery Bug Fixed - $Unknown (Global)]]

[[VeBitcoin_Shuts_Down|Apr 24th - VeBitcoin Shuts Down - $Unknown (Turkey)]]

[[Uranium_Finance_Hack|Apr 24th - Uranium Finance Hack - $57.2m (Global)]]

[[Moose_Money_Never_Launched|Apr 23rd - Moose Money Never Launched - $130k (Global)]]

[[Thodex_CEO_Flees_Collapse|Apr 22nd - Thodex CEO Flees Collapse - $2b (Turkey)]]

[[Moonhere_%22Fair_Launch%22_Exit_Scam|Apr 20th - Moonhere "Fair Launch" Exit Scam - $110k (Global)]]

[[MetaMask_Phishing_Reddit_CannierMist775|Apr 20th - MetaMask Phishing Reddit CannierMist775 - $7k (Global)]]

[[EasyFi's_Easy_Finishing|Apr 19th - EasyFi's Easy Finishing - $126m (Unknown)]]

[[AfriCrypt_Platform_%22Hacked%22|Apr 19th - AfriCrypt Platform "Hacked" - $2.3b (South Africa)]]

[[Cryptoption_Exit_Scam|Apr 19th - Cryptoption Exit Scam - $189k (Global)]]

[[Midas_Dollar_Peg_Lost|Apr 19th - Midas Dollar Peg Lost - $1.733m (Global)]]

[[Category_Thin_Jewelry_Cabinet_Seed_Phrase_Theft|Apr 18th - Category_Thin Jewelry Cabinet Seed Phrase Theft - $447k (United States)]]

[[Ex-Boyfriend_Deleted_External_Wallet|Apr 17th - Ex-Boyfriend Deleted External Wallet - $200k (United States)]]

[[SexyAPY_Rug_Pull|Apr 16th - SexyAPY Rug Pull - $114k (Global)]]

[[Celsius_Network_Phishing_Attack|Apr 14th - Celsius Network Phishing Attack - $Unknown (United States)]]

[[PancakeSwap_Cake_Minted|Apr 12th - PancakeSwap Cake Minted - $1.8m (Global)]]

[[MetaMask_Wallet_Hacked_Wal_gh|Apr 11th - MetaMask Wallet Hacked Wal_gh - $3k (Global)]]

[[NoaSwap_Rug_Pull|Apr 11th - NoaSwap Rug Pull - $Unknown (Global)]]

[[Coinbase_Blumetti_Account_Sim_Swap|Apr 7th - Coinbase Blumetti Account Sim Swap - $503k (United States)]]

[[Uranium_Finance_Logic_Bug|Apr 7th - Uranium Finance Logic Bug - $1.5m (Global)]]

[[Monster_Slayer_Finance_Rug_Pull|Apr 6th - Monster Slayer Finance Rug Pull - $2.317m (Global)]]

[[Mozart_Finance_Developer_Exploit|Apr 5th - Mozart Finance Developer Exploit - $Unknown (Global)]]

[[Force_DAO_Hedge_Fund_Hack|Apr 4th - Force DAO Hedge Fund Hack - $367k (Global)]]

=== March 2021 ===
[[XMiner.io_Cloud_Mining_Scam|Mar 31st - XMiner.io Cloud Mining Scam - $Unknown (Global)]]

[[Trezor_Fake_Iphone_App_Phillipe_Christodoulou|Mar 30th - Trezor Fake Iphone App Phillipe Christodoulou - $600k (Global)]]

[[In_Person_Argentina_Theft|Mar 25th - In Person Argentina Theft - $6k (Argentina)]]

[[RizeSwap_Exiting|Mar 25th - RizeSwap Exiting - $50k (Global)]]

[[Minswap_Liquidity_Draining_Vulnerability|Mar 25th - Minswap Liquidity Draining Vulnerability - $0k (Global)]]

[[bDollar_(BDO)_Stablecoin_Peg_Lost|Mar 24th - bDollar (BDO) Stablecoin Peg Lost - $120m (Global)]]

[[Men_Robbed_Over_Bitcoin_Trade|Mar 23rd - Men Robbed Over Bitcoin Trade - $495k (Hong Kong)]]

[[Ledger_Keepass_Keylogger_Bitcoin_Theft|Mar 23rd - Ledger Keepass Keylogger Bitcoin Theft - $3k (Unknown)]]

[[Nexo_Disabling_Withdrawals_Forcing_Token_Sale|Mar 22nd - Nexo Disabling Withdrawals Forcing Token Sale - $58.35m (Global)]]

[[SageSwap_Rug_Pull|Mar 20th - SageSwap Rug Pull - $32k (Global)]]

[[MetaMask_Konomi_Hoge_Xbase_Theft_ICEINTHENICE|Mar 20th - MetaMask Konomi Hoge Xbase Theft ICEINTHENICE - $3k (Global)]]

[[SIL_Finance_Permissions_Exploit|Mar 19th - SIL Finance Permissions Exploit - $12.151m (Global)]]

[[TurtleDex_Exits_with_User_Funds|Mar 18th - TurtleDex Exits with User Funds - $2.5m (Global)]]

[[SheepSwap_Finance_Disappears|Mar 17th - SheepSwap Finance Disappears - $Unknown (Global)]]

[[In_Person_German_Theft|Mar 16th - In Person German Theft - $112k (Germany)]]

[[BNBStake_Ponzi_Smart_Contract|Mar 16th - BNBStake Ponzi Smart Contract - $Unknown (Global)]]

[[Iron_Finance_Burned|Mar 16th - Iron Finance Burned - $170k (Global)]]

[[PancakeSwap_DNS_Hijack|Mar 15th - PancakeSwap DNS Hijack - $Unknown (Global)]]

[[Cream_Finance_DNS_Hijack|Mar 15th - Cream Finance DNS Hijack - $Unknown (Global)]]

[[CoinBase_Account_Compromised_jerecock|Mar 14th - CoinBase Account Compromised jerecock - $11k (Global)]]

[[CyberFi_Phishing_Attack_BetItAllJonny|Mar 14th - CyberFi Phishing Attack BetItAllJonny - $140k (Global)]]

[[Try_Roll_Hack|Mar 14th - Try Roll Hack - $5.7m (Global)]]

[[DODO_Finance_Initialization_Vulnerability|Mar 8th - DODO Finance Initialization Vulnerability - $3.8m (Global)]]

[[Viking_Swap_Exit|Mar 7th - Viking Swap Exit - $1.2m (Global)]]

[[CoinGain_Ponzi_Scheme|Mar 6th - CoinGain Ponzi Scheme - $Unknown (Global)]]

[[Paid_Network_Hack|Mar 5th - Paid Network Hack - $27m (Global)]]

[[Kava_Labs_Accounting_Logic_Error|Mar 5th - Kava Labs Accounting Logic Error - $0k (Global)]]

[[Meerkat_Finance_Rug_Pull|Mar 4th - Meerkat Finance Rug Pull - $32m (Global)]]

[[Curve_Finance_V1_Vulnerability|Mar 4th - Curve Finance V1 Vulnerability - $0k (Global)]]

[[Zerion_Balancer_Clone_Phishing_Attack|Mar 4th - Zerion Balancer Clone Phishing Attack - $30k (Global)]]

[[Ledger_Pre-Initialized_Hardware_Wallets|Mar 3rd - Ledger Pre-Initialized Hardware Wallets - $Unknown (Global)]]

[[Trust_Wallet_Theft_Substantial_Worry705|Mar 1st - Trust Wallet Theft Substantial_Worry705 - $5k (Global)]]

[[Nimbus_Platform_Liquidity_Attack|Mar 1st - Nimbus Platform Liquidity Attack - $1.274m (Global)]]

[[Coinbase/Gemini_TMobile_Sim_Swapping_HowDoIHummus|Mar 1st - Coinbase/Gemini TMobile Sim Swapping HowDoIHummus - $10k (United States)]]

=== February 2021 ===
[[Armor_Finance_OTC_Scam|Feb 28th - Armor Finance OTC Scam - $850k (Global)]]

[[Daedalus_Fake_Cardano_Wallet_Application|Feb 27th - Daedalus Fake Cardano Wallet Application - $34k (Global)]]

[[Furucombo_DeFi_Hack|Feb 27th - Furucombo DeFi Hack - $15m (Global)]]

[[Yeld_Finance_%22Lightning_Loan%22_Attack|Feb 27th - Yeld Finance "Lightning Loan" Attack - $160k (Global)]]

[[Ledger_and_TrustWallet_Cryptocurrency_Theft_wuay|Feb 24th - Ledger and TrustWallet Cryptocurrency Theft wuay - $47k (Global)]]

[[Primitive_Finance_White_Hack|Feb 21st - Primitive Finance White Hack - $1.3m (Global)]]

[[Dojo_For_Doge_Bitcoin_Doubling_Scam|Feb 21st - Dojo For Doge Bitcoin Doubling Scam - $576k (Germany)]]

[[@apedeveloper_ChartEx_Github_Private_Key_Extraction|Feb 19th - @apedeveloper ChartEx Github Private Key Extraction - $Unknown (Global)]]

[[TrustWallet_Lost_COCOS_Failed_ADA_Transfer_monsieurgil|Feb 18th - TrustWallet Lost COCOS Failed ADA Transfer monsieurgil - $27k (Global)]]

[[Pantera_Capital_HubSpot_Data_Breach_and_Pantera_Coin_Fraud|Feb 17th - Pantera Capital HubSpot Data Breach and Coin Fraud - $Unknown (United States)]]

[[Coinseed_Destroyed_By_SEC|Feb 17th - Coinseed Destroyed By SEC - $3m (United States)]]

[[Cryptopia_Liquidation_Hack|Feb 15th - Cryptopia Liquidation Hack - $45k (New Zealand)]]

[[Tellor_Upgrade_Proxy_Error|Feb 15th - Tellor Upgrade Proxy Error - $Unknown (Global)]]

[[Verge_Block_Reorganization_Attempt|Feb 14th - Verge Block Reorganization Attempt - $0k (Global)]]

[[Alpha_Homora/Cream_Finance_Hack|Feb 13th - Alpha Homora/Cream Finance Hack - $37.5m (Global)]]

[[Armor_Finance_Insurance_Payout_Refused|Feb 13th - Armor Finance Insurance Payout Refused - $1.6m (Global)]]

[[Uniswap_Tokens_Stuck_Forever|Feb 9th - Uniswap Tokens Stuck Forever - $1.4m (Global)]]

[[BT_Finance_Hack|Feb 8th - BT Finance Hack - $1.5m (Global)]]

[[Growth_DeFi_Hack|Feb 8th - Growth DeFi Hack - $1.3m (Global)]]

[[UniSwap_False_Celebrity_Endorsement|Feb 5th - UniSwap False Celebrity Endorsement - $Unknown (Global)]]

[[Yearn_Finance_Hack|Feb 4th - Yearn Finance Hack - $11m (Global)]]

[[Multi_Financial_Exit_Scam|Feb 1st - Multi Financial Exit Scam - $257k (Global)]]

=== January 2021 ===
[[SharkYield_Exit_Scam|Jan 31st - SharkYield Exit Scam - $269k (Global)]]

[[Armor_Finance_Withdrawal_Bug|Jan 30th - Armor Finance Withdrawal Bug - $0k (Global)]]

[[Zap_Finance_Exit_Scam|Jan 30th - Zap Finance Exit Scam - $22k (Global)]]

[[Dynamic_Set_Dollar_Peg_Lost|Jan 28th - Dynamic Set Dollar Peg Lost - $Unknown (Global)]]

[[PopcornSwap_Exit_Scam|Jan 28th - PopcornSwap Exit Scam - $2.108m (Global)]]

[[Ethereum_Yield_ETHY_Goes_Offline|Jan 27th - Ethereum Yield ETHY Goes Offline - $Unknown (Global)]]

[[ReFi_Finance_Runs_Away|Jan 27th - ReFi Finance Runs Away - $144k (Global)]]

[[SushiSwap_Attacked_Again|Jan 27th - SushiSwap Attacked Again - $100k (Global)]]

[[Tin_Finance_Exit_Scam|Jan 26th - Tin Finance Exit Scam - $140k (Global)]]

[[Ledger_Seed_Phrase_Leaked_elm099|Jan 24th - Ledger Seed Phrase Leaked elm099 - $55k (Global)]]

[[BuyUCoin_Data_Breach|Jan 21st - BuyUCoin Data Breach - $0k (India)]]

[[Saddle_Finance_Arbitrage_Exploit|Jan 19th - Saddle Finance Arbitrage Exploit - $276k (Global)]]

[[Binance_Firo_(ZCoin)_51%_Attack|Jan 19th - Binance Firo (ZCoin) 51% Attack - $4.381m (Global)]]

[[Indodax_Firo_(ZCoin)_51%_Attack|Jan 19th - Indodax Firo (ZCoin) 51% Attack - $400k (Global)]]

[[Hong_Kong_Cash_Theft_Sequel|Jan 18th - Hong Kong Cash Theft Sequel - $449k (Hong Kong)]]

[[Trezor_Fake_Android_App|Jan 18th - Trezor Fake Android App - $Unknown (Global)]]

[[freeLiquid_USDFL_Stablecoin_Peg_Lost|Jan 12th - freeLiquid USDFL Stablecoin Peg Lost - $Unknown (Global)]]

[[Ledger_Users_Extortion_Attempts|Jan 11th - Ledger Users Extortion Attempts - $Unknown (Global)]]

[[Stand_Cash_Stablecoin_Not_Stable|Jan 7th - Stand Cash Stablecoin Not Stable - $20m (Global)]]

[[ZKSwap_Overpriced_Swap|Jan 6th - ZKSwap Overpriced Swap - $Unknown (Global)]]

[[Hong_Kong_Cash_Theft|Jan 4th - Hong Kong Cash Theft - $387k (Hong Kong)]]

[[yCredit_Finance_Minting_Vulnerability|Jan 1st - yCredit Finance Minting Vulnerability - $11m (Global)]]

==2020==
=== December 2020 ===
[[One_Cash_Finance_Not_Stable|Dec 31st - One Cash Finance Not Stable - $5.6m (Global)]]

[[Cover_Protocol_Hack|Dec 28th - Cover Protocol Hack - $9.4m (Global)]]

[[Altilly_Assets_Hacked|Dec 26th - Altilly Hot Wallets Hacked And Cold Wallets Lost - $6.7m (Sweden)]]

[[Empty_Set_Dollar_Stablecoin_Collapse|Dec 26th - Empty Set Dollar Stablecoin Collapse - $200k (Global)]]

[[Uniswap_Doubling_Scam|Dec 24th - Uniswap Doubling Scam - $Unknown (Global)]]

[[Livecoin_Shut_Down_By_Hack|Dec 23rd - Livecoin Shut Down By Hack - $3.3m (Russia)]]

[[Uniswap_Fake_Tokens_With_Liquidity|Dec 22nd - Uniswap Fake Tokens With Liquidity - $52k (Global)]]

[[Exmo_Assets_Lost|Dec 21st - Exmo Assets Lost - $10.5m (United Kingdom)]]

[[Uniswap_Fake_Nimbus_Token|Dec 21st - Uniswap Fake Nimbus Token - $Unknown (Global)]]

[[Warp_Finance_Hack|Dec 17th - Warp Finance Hack - $7.8m (Global)]]

[[Trezor_Fake_Iphone_App_James_Fajcz|Dec 15th - Trezor Fake Iphone App James Fajcz - $14k (Global)]]

[[Nexus_Mutual_Founder_Hacked|Dec 14th - Nexus Mutual Founder Hacked - $8m (United Kingdom)]]

[[DexTools/Uniswap_Fake_Buy/Sell_History|Dec 13th - DexTools/Uniswap Fake Buy/Sell History - $Unknown (Global)]]

[[DeTrade_Fund|Dec 11th - DeTrade Fund - $800k (Global)]]

[[DeFiB_Rug_Pull|Dec 11th - DeFiB Rug Pull - $300k (Global)]]

[[iBase/YFFS_Founders_Leave|Dec 11th - iBase/YFFS Founders Leave - $260k (Global)]]

[[MetaMask_Phishing_InstallMetaMask.com|Dec 6th - MetaMask Phishing InstallMetaMask.com - $Unknown (Global)]]

[[Compounder_Finance_Rug_Pull|Dec 2nd - Compounder Finance Rug Pull - $12m (Global)]]

[[BTC_Markets_Privacy_Breach|Dec 1st - BTC Markets Privacy Breach - $0k (Australia)]]

=== November 2020 ===
[[Blockchain.com_Funds_Stolen_Truth-Seeker1990|Nov 30th - Blockchain.com Funds Stolen Truth-Seeker1990 - $7k (Global)]]

[[SushiSwap_First_Attack|Nov 30th - SushiSwap First Attack - $15k (Global)]]

[[Celsius_Network_Account_Hacked|Nov 30th - Celsius Network Account Hacked - $82k (United States)]]

[[Saffron_Finance_Lock_Up|Nov 29th - Saffron Finance Lock Up - $57m (Global)]]

[[Rari_Capital_Vulnerability|Nov 29th - Rari Capital Vulnerability - $0k (Global)]]

[[Compound_Price_Feed_Error|Nov 26th - Compound Price Feed Error - $4m (Global)]]

[[Bancar_Hack_Theft|Nov 26th - Bancar Hack Theft - $1.9m (Venezuela)]]

[[Uniswap_Fake_Deriswap_Liquidity_Pair|Nov 22nd - Uniswap Fake Deriswap Liquidity Pair - $53k (Global)]]

[[Celsius_GoDaddy_DNS_Hijacking|Nov 21st - Celsius GoDaddy DNS Hijacking - $0k (United States)]]

[[Pickle_In_A_Pickle|Nov 21st - Pickle In A Pickle - $19.759m (Global)]]

[[Blockchain.com_Fake_Websites|Nov 20th - Blockchain.com Fake Websites - $Unknown (Global)]]

[[Uniswap_Fake_Google_Play_Application|Nov 19th - Uniswap Fake Google Play Application - $20k (Global)]]

[[Bitcoin_Interchange_Exit_Scam|Nov 18th - Bitcoin Interchange Exit Scam - $766k (Zimbabwe)]]

[[Origin_Protocol_Hack|Nov 17th - Origin Protocol Hack - $7.7m (Global)]]

[[88MPH_Project_Exploited|Nov 17th - 88MPH Project Exploited - $100k (Global)]]

[[Value_DeFi_Goes_On_Sale|Nov 14th - Value DeFi Goes On Sale - $11m (Global)]]

[[Electrum_Bitcoin_Theft_finalremedy|Nov 13th - Electrum Bitcoin Theft finalremedy - $39k (United States)]]

[[Liquid_Data_Leak|Nov 13th - Liquid Data Leak - $0k (Japan)]]

[[Akropolis_Attacked|Nov 12th - Akropolis Attacked - $2m (Global)]]

[[SharkTron_Exit_Scam|Nov 9th - SharkTron Exit Scam - $10m (Global)]]

[[Keep3rLink_Fake_CertiK_Audit|Nov 7th - Keep3rLink Fake CertiK Audit - $Unknown (Global)]]

[[BSV_Multi-Sig_Exploited|Nov 7th - BSV Multi-Sig Exploited - $90k (Global)]]

[[Grin_Token_51%_Attack|Nov 7th - Grin Token 51% Attack - $Unknown (Global)]]

[[Cheese_Bank_Heist|Nov 6th - Cheese Bank Heist - $3.3m (Global)]]

[[Percent_Finance_Funds_Frozen|Nov 5th - Percent Finance Funds Frozen - $996k (Global)]]

[[Axion_Staking_Inside_Job|Nov 2nd - Axion Staking Inside Job - $27m (Global)]]

[[Ledger_Wallet_Upgrade_Phishing|Nov 2nd - Ledger Wallet Upgrade Phishing - $271k (Global)]]

[[Crowd1_Ponzi_Scheme|Nov 2nd - Crowd1 Ponzi Scheme - $Unknown (Global)]]

=== October 2020 ===
[[Cred_CCO_Was_UK_Fugitive|Oct 27th - Cred CCO Was UK Fugitive - $330.489m (United States)]]

[[Harvest_Finance_Harvested|Oct 26th - Harvest Finance Harvested - $25m (Global)]]

[[EtherCrash_%22Cold_Wallet%22_Compromised|Oct 26th - EtherCrash "Cold Wallet" Compromised - $2.5m (Global)]]

[[OceanEx_Account_Breached_wassim0|Oct 22nd - OceanEx Account Breached wassim0 - $30k (Canada)]]

[[Steaks_Finance_Disappears|Oct 19th - Steaks Finance Disappears - $Unknown (Global)]]

[[Wine_Swap_Exit_Scam|Oct 13th - Wine Swap Exit Scam - $345k (Global)]]

[[WLEO_Contract_Hack|Oct 11th - WLEO Contract Hack - $42k (Global)]]

[[Curve_Finance_Google_Phish|Oct 11th - Curve Finance Google Phish - $231k (Global)]]

[[Beer_Garden_Finance_Exit_Scam|Oct 10th - Beer Garden Finance Exit Scam - $Unknown (Global)]]

[[Off_Blue_Went_Off_Out_Of_The_Blue|Oct 10th - Off Blue Went Off Out Of The Blue - $800k (Global)]]

[[DeFi_Saver/imToken_DAI_Reduction|Oct 8th - DeFi Saver/imToken DAI Reduction - $310k (Global)]]

[[CBDAO_($BREE)_Exit_Scam|Oct 8th - CBDAO ($BREE) Exit Scam - $68k (Global)]]

[[AmplyFi.Money_Exit_Scam|Oct 6th - AmplyFi.Money Exit Scam - $885k (Global)]]

[[UniSwap_UniCats_Scam|Oct 5th - UniSwap UniCats Scam - $200k (Global)]]

[[Burn_Vault_Finance_Exit_Scam|Oct 5th - Burn Vault Finance Exit Scam - $455k (Global)]]

[[KuCoin_Fake_Wallet_Site|Oct 3rd - KuCoin Fake Wallet Site - $Unknown (Singapore)]]

[[Minion_Farm_Project_Abandoned|Oct 2nd - Minion Farm Project Abandoned - $25k (Global)]]

=== September 2020 ===
[[Tomato_DEFI_Disappeared|Sep 30th - Tomato DEFI Disappeared - $Unknown (Global)]]

[[Eminence_(Yearn_Finance)_DeFi_Hack|Sep 28th - Eminence (Yearn Finance) DeFi Hack - $15m (Global)]]

[[GemSwap_%22Developer_Attack%22|Sep 26th - GemSwap "Developer Attack" - $1.3m (Global)]]

[[HatchDAO_Rug_Pull|Sep 26th - HatchDAO Rug Pull - $47k (Global)]]

[[KuCoin_Hot_Wallet_Breach|Sep 25th - KuCoin Hot Wallet Breach - $281m (Singapore)]]

[[Robinhood_Account_Hacking_Spree|Sep 25th - Robinhood Account Hacking Spree - $Unknown (United States)]]

[[Tomatoes_Finance_Permissions_Attack|Sep 24th - Tomatoes Finance Permissions Attack - $10k (Global)]]

[[KuCoin_Fake_Exchange_Website|Sep 23rd - KuCoin Fake Exchange Website - $Unknown (Singapore)]]

[[Lightning_Denial_of_Service_Attack_Demonstration|Sep 22nd - Lightning Denial of Service Attack Demonstration - $0k (Global)]]

[[Soda_Finance_Loophole|Sep 22nd - Soda Finance Loophole - $159k (Global)]]

[[Sim_Swapping_AT%26T|Sep 20th - Sim Swapping AT&T - $560k (United States)]]

[[LV_Finance_Exit_Scam|Sep 19th - LV Finance Exit Scam - $Unknown (Global)]]

[[Swerve_Finance_Swerves_Finely|Sep 19th - Swerve Finance Swerves Finely - $8m (Global)]]

[[Bantiample_Exit_Scam|Sep 18th - Bantiample Exit Scam - $83k (Global)]]

[[Lien_Finance_Rescued|Sep 15th - Lien Finance Rescued - $9.6m (Global)]]

[[Student_Robbed_At_Knifepoint|Sep 15th - Student Robbed At Knifepoint - $8k (United Kingdom)]]

[[bZx_DeFi_Protocol_Hacked_Again|Sep 13th - bZx DeFi Protocol Hacked Again - $8.1m (Global)]]

[[Arbistar_Trading_Bot_Overpayment|Sep 12th - Arbistar Trading Bot Overpayment - $1000m (Spain)]]

[[YFDexF_Finance_Exit_Scam|Sep 10th - YFDexF Finance Exit Scam - $20m (Global)]]

[[Emerald_Mine_Exit_Scam|Sep 9th - Emerald Mine Exit Scam - $2.5m (Global)]]

[[Coral_Finance_Reentrancy_Attack|Sep 9th - Coral Finance Reentrancy Attack - $334k (Global)]]

[[Eterbase_Hot_Wallets_Breached|Sep 8th - Eterbase Hot Wallets Breached - $5.4m (Slovakia)]]

[[Zao_Finance_Exit_Scam|Sep 7th - Zao Finance Exit Scam - $Unknown (Global)]]

[[Uniswap_Fake_Acala_Network_Token|Sep 6th - Uniswap Fake Acala Network Token - $Unknown (Global)]]

[[CherryFi_Contract_Vulnerabilities|Sep 6th - CherryFi Contract Vulnerabilities - $Unknown (Global)]]

[[SushiSwap_Founder_Withdrawal|Sep 5th - SushiSwap Founder Withdrawal - $13m (Global)]]

[[Soft_Yearn_(SFYI)_Rebase_Exploit|Sep 3rd - Soft Yearn (SFYI) Rebase Exploit - $250k (Global)]]

[[Hot_Dog_DeFi_Crashes|Sep 2nd - Hot Dog DeFi Crashes - $118k (Global)]]

[[Pizza_DeFi's_Epic_Crash|Sep 2nd - Pizza DeFi's Epic Crash - $10.087m (Global)]]

=== August 2020 ===
[[Electrum_1400_Bitcoins_Stolen|Aug 30th - Electrum 1400 Bitcoins Stolen - $16.396m (Global)]]

[[Ethereum_Classic_Third_51%_Attack|Aug 29th - Ethereum Classic Third 51% Attack - $5m (Global)]]

[[Degens_Money_Degenerates|Aug 27th - Degens Money Degenerates - $Unknown (Global)]]

[[Coinbase_Sim_Swapping_Lawsuit|Aug 26th - Coinbase Sim Swapping Lawsuit - $Unknown (United States)]]

[[Coinbit_Seizure/Investigation|Aug 25th - Coinbit Seizure/Investigation - $85m (South Korea)]]

[[BTC_ERA_Phishing_Attack|Aug 25th - BTC ERA Phishing Attack - $0k (Global)]]

[[CoinBerry_ETransfer_Glitch_Fraud|Aug 24th - CoinBerry ETransfer Glitch Fraud - $1.413m (Canada)]]

[[YFValue_Exploit_Found|Aug 24th - YFValue Exploit Found - $Unknown (Global)]]

[[Chick_Finance_For_Dinner|Aug 24th - Chick Finance For Dinner - $Unknown (Global)]]

[[Ledger_Upgrade_Phishing_Success_Scorpic|Aug 20th - Ledger Upgrade Phishing Success _Scorpic_ - $2k (Global)]]

[[Mirror_Trading_International|Aug 19th - Mirror Trading International - $885m (South Africa)]]

[[KuCoin_Fraudulent_Website|Aug 19th - KuCoin Fraudulent Website - $Unknown (Singapore)]]

[[Bank_of_Tron_Ponzi_Contract|Aug 19th - Bank of Tron Ponzi Contract - $Unknown (Global)]]

[[Uniswap_Fake_Teller_Token|Aug 18th - Uniswap Fake Teller Token - $Unknown (Global)]]

[[Ledger_Nano_S_RamboRiki_Hack|Aug 16th - Ledger Nano S RamboRiki Hack - $25k (Global)]]

[[MyMonero_Fake_Google_Play_Wallet|Aug 15th - MyMonero Fake Google Play Wallet - $22k (Global)]]

[[Definition_Network_Loophole|Aug 14th - Definition Network Loophole - $Unknown (Global)]]

[[YAM_Finance_Incident|Aug 13th - YAM Finance Incident - $750k (Global)]]

[[Uniswap_Fake_NEAR_Token|Aug 11th - Uniswap Fake NEAR Token - $Unknown (Global)]]

[[NUGS_Security_Issues|Aug 11th - NUGS Security Issues - $Unknown (Global)]]

[[Uniswap_Counterfeit_SRM|Aug 6th - Uniswap Counterfeit SRM - $Unknown (Global)]]

[[Bitfinex/Ethereum_Classic_Second_51%_Attack|Aug 5th - Bitfinex/Ethereum Classic Second 51% Attack - $3.2m (Unknown)]]

[[Ledger_Live_Fake_App_In_Google_Play|Aug 3rd - Ledger Live Fake App In Google Play - $Unknown (Global)]]

[[Ledger_Seed_Store_In_Email_Breach|Aug 1st - Ledger Seed Store In Email Breach - $13k (Global)]]

[[Opyn_Double_use_oToken_Breach|Aug 1st - Opyn Double use oToken Breach - $372k (United States)]]

=== July 2020 ===
[[OkEx_Ethereum_Classic_51%_Attack|Jul 31st - OkEx Ethereum Classic 51% Attack - $5.6m (Malta)]]

[[2gether_Hacked|Jul 31st - 2gether Hacked - $1.39m (Spain)]]

[[VanZuron_Smart_Contract_Developer_Theft|Jul 30th - VanZuron Smart Contract Developer Theft - $130k (Global)]]

[[Hotmail_Account_With_Seed_Phrase_Hacked_Ayyylmaooo2|Jul 27th - Hotmail Account With Seed Phrase Hacked Ayyylmaooo2 - $18k (Global)]]

[[MMM_BSC_Multi-Level_Marketing_Scheme|Jul 25th - MMM BSC Multi-Level Marketing Scheme - $5m (Global)]]

[[Trezor_Fake_Phishing_Site|Jul 22nd - Trezor Fake Phishing Site - $1000k (Global)]]

[[Forsage_Multi_Level_Marketing_Scheme|Jul 16th - Forsage Multi Level Marketing Scheme - $874.673m (Global)]]

[[Twitter_Bitcoin_Giveaway_Scams|Jul 15th - Twitter Bitcoin Giveaway Scams - $120k (Global)]]

[[Uniswap/BZRX_IDO_Exploited|Jul 13th - Uniswap/BZRX IDO Exploited - $550k (Global)]]

[[Cashaa_Wallet_Hacked|Jul 11th - Cashaa Wallet Hacked - $3.1m (United Kingdom)]]

[[Bitcoin_Gold_51%_Attempt_Foiled|Jul 10th - Bitcoin Gold 51% Attempt Foiled - $0k (Global)]]

[[Ledger_Live_All_Funds_Stolen_pking007|Jul 9th - Ledger Live All Funds Stolen pking007 - $60k (Global)]]

[[Uniswap_Fake_Opium_Liquidity_Pair|Jul 7th - Uniswap Fake Opium Liquidity Pair - $5k (Global)]]

[[Uniswap_Fake_DYDX_Liquidity_Pair|Jul 7th - Uniswap Fake DYDX Liquidity Pair - $Unknown (Global)]]

[[Electrum_Phishing_Attack_Funds_Stolen_Cryptbtcaly|Jul 6th - Electrum Phishing Attack Funds Stolen Cryptbtcaly - $1.25m (Global)]]

[[Uniswap_Community_Token|Jul 5th - Uniswap Community Token - $18k (Global)]]

[[Uniswap_Fake_TornadoCash_Token|Jul 5th - Uniswap Fake TornadoCash Token - $Unknown (Global)]]

[[Uniswap_Fake_1Inch_Exchange_Token|Jul 5th - Uniswap Fake 1Inch Exchange Token - $Unknown (Global)]]

[[Uniswap_Fake_BZRX_Liquidity_Pair|Jul 5th - Uniswap Fake BZRX Liquidity Pair - $Unknown (Global)]]

[[Uniswap_Fake_Balancer_Token_V2|Jul 5th - Uniswap Fake Balancer Token V2 - $Unknown (Global)]]

[[Ledger_Wallet_Cleaned_Out_netecholot|Jul 4th - Ledger Wallet Cleaned Out netecholot - $3k (Unknown)]]

[[Uniswap_Fake_Curve_Finance_Token|Jul 4th - Uniswap Fake Curve Finance Token - $Unknown (Global)]]

[[MyEtherWallet_Fake_Google_Play_App|Jul 2nd - MyEtherWallet Fake Google Play App - $Unknown (Global)]]

=== June 2020 ===
[[Vether_V3_Exploited|Jun 30th - Vether V3 Exploited - $900k (Global)]]

[[Balancer_Deflation_Hack|Jun 28th - Balancer Deflation Hack - $523k (Global)]]

[[Bancor_Self-Hack|Jun 28th - Bancor Self-Hack - $585k (Global)]]

[[MakerDao_Web3_DeFi_Phishing|Jun 25th - MakerDao Web3 DeFi Phishing - $100k (Global)]]

[[Ledger_Data_Breach|Jun 25th - Ledger Data Breach - $Unknown (Global)]]

[[Atomic_Loans_Close_Call|Jun 24th - Atomic Loans Close Call - $0k (Canada)]]

[[VETHER_V2_JasonTheMerchant_Exploit|Jun 24th - VETHER V2 JasonTheMerchant Exploit - $0k (Global)]]

[[GPay/Cryptopoint/XtraderFX_Shut_Down|Jun 23rd - GPay/Cryptopoint/XtraderFX Shut Down - $1.68m (United Kingdom)]]

[[DeFi_Money_Market_Impersonated|Jun 23rd - DeFi Money Market Impersonated - $40k (United States)]]

[[VETHER_V1_Blurr_Exploit|Jun 20th - VETHER V1 Blurr Exploit - $0k (Global)]]

[[DeFi_Saver_Exchange_Vulnerability|Jun 19th - DeFi Saver Exchange Vulnerability - $30k (Global)]]

[[Argent_Recovery_Without_Guardians|Jun 18th - Argent Recovery Without Guardians - $0k (Global)]]

[[Private_Key_Brute_Forced_With_Only_8_Words|Jun 16th - Private Key Brute Forced With Only 8 Words - $9k (Global)]]

[[Ledger_Shopify_Data_Breach_2|Jun 16th - Ledger Shopify Data Breach 2 - $Unknown (Global)]]

[[HTS_Coin_Shuts_Down|Jun 15th - HTS Coin Shuts Down - $Unknown (South Korea)]]

[[Uniswap_Fake_Balancer_Token|Jun 13th - Uniswap Fake Balancer Token - $Unknown (Global)]]

[[MiningPoolHub_Ethereum_Theft|Jun 11th - MiningPoolHub Ethereum Theft - $1.282m (United States)]]

[[HyperCapital_Ponzi_Scheme|Jun 11th - HyperCapital Ponzi Scheme - $Unknown (Global)]]

[[Good_Cycle_Ponzi_Blackmailed|Jun 10th - Good Cycle Ponzi Blackmailed - $5.279m (South Korea)]]

[[DeversiFi_Launch_Exploit|Jun 10th - DeversiFi Launch Exploit - $0k (Global)]]

[[Amfeix_Ponzi_Scheme|Jun 1st - Amfeix Ponzi Scheme - $67m (Global)]]

=== May 2020 ===
[[Ledger_Google_Play_Phishing_Alert|May 29th - Ledger Google Play Phishing Alert - $Unknown (Global)]]

[[LMEX_Stock_Exchange|May 27th - LMEX Stock Exchange - $150k (China)]]

[[tycooperaow_Lost_Funds_Published_Mnemonic|May 24th - tycooperaow Lost Funds Published Mnemonic - $2k (Global)]]

[[BnkToTheFuture_Database_Breach|May 24th - BnkToTheFuture Database Breach - $0k (Global)]]

[[ShapeShift_Insider_Theft|May 21st - ShapeShift Insider Theft - $900k (United States)]]

[[Hegic_Options_Arbitraged|May 21st - Hegic Options Arbitraged - $3k (Global)]]

[[KeepKey_Wallet_Side_Channels|May 18th - KeepKey Wallet Side Channels - $0k (Global)]]

[[Bitcoin_Backed_tBTC_Stuck|May 17th - Bitcoin Backed tBTC Stuck - $0k (Global)]]

[[Coinbase/AT%26T_Account_Sim_Swap_signalme|May 17th - Coinbase/AT&T Account Sim Swap signalme - $4k (United States)]]

[[Ledger_Shopify_Data_Breach_1|May 14th - Ledger Shopify Data Breach 1 - $Unknown (Global)]]

[[Loopring_Design_Defect|May 7th - Loopring Design Defect - $0k (Global)]]

[[MetaMask_Malicious_Chrome_Extensions|May 5th - MetaMask Malicious Chrome Extensions - $Unknown (Global)]]

=== April 2020 ===
[[Uniswap_ERC777_Reentrancy_Attack|Apr 28th - Uniswap ERC777 Reentrancy Attack - $300k+ (Unknown)]]

[[KeepKey_Scam_Chrome_Application_Theft|Apr 27th - KeepKey Scam Chrome Application Theft - $Unknown (Global)]]

[[Etheroll_Fork_Manipulation|Apr 25th - Etheroll Fork Manipulation - $0k (Switzerland)]]

[[Hegic_Exchange_Funds_Locked|Apr 24th - Hegic Exchange Funds Locked - $48k (Global)]]

[[EOS_Ecosystem_Ponzi_Scheme_Collapses|Apr 20th - EOS Ecosystem Ponzi Scheme Collapses - $52m (China)]]

[[LendfMe_(DForce)_DeFi_Protocol_Breached|Apr 19th - LendfMe (DForce) DeFi Protocol Breached - $25m (Global)]]

[[Curve_Finance_SUSD_Vulnerability|Apr 19th - Curve Finance SUSD Vulnerability - $0k (Global)]]

[[BISQ_Donation_Address_Hack|Apr 1st - BISQ Donation Address Hack - $250k (Unknown)]]

=== March 2020 ===
[[Aragon_Court_Vulnerabilities|Mar 30th - Aragon Court Vulnerabilities - $0k (Global)]]

[[Ledger_Fake_Chrome_Extension|Mar 28th - Ledger Fake Chrome Extension - $3k (Global)]]

[[Synthetix_Ether_Collateral_Bug|Mar 26th - Synthetix Ether Collateral Bug - $0k (Global)]]

[[MakerDao_Abnormal_Liquidations|Mar 12th - MakerDao Abnormal Liquidations - $8.3m (Global)]]

[[Ledger_Fake_Google_Chrome_Extension|Mar 4th - Ledger Fake Google Chrome Extension - $2.5m (Global)]]

[[Jan_Cerato_Whale_Club|Mar 4th - Jan Cerato Whale Club - $200k (Canada)]]

=== February 2020 ===
[[Coinbase_Sim_Swapping_SaltedAvocadosMhh|Feb 25th - Coinbase Sim Swapping SaltedAvocadosMhh - $15k (United States)]]

[[Nexus_Mutual_Fund_Pool_Vulnerable|Feb 24th - Nexus Mutual Fund Pool Vulnerable - $0k (Global)]]

[[Authereum_Metatransactions_Order|Feb 18th - Authereum Metatransactions Order - $11k (Global)]]

[[VBITEX_Hacked|Feb 17th - VBITEX Hacked - $Unknown (Unknown)]]

[[Josh_Jones'_Crypto_Stolen_By_Hamilton_Teen|Feb 15th - Josh Jones' Crypto Stolen By Hamilton Teen - $46m (United States)]]

[[bZx_Fulcrum_Flash_Loan/Oracle_Manipulation|Feb 14th - bZx Fulcrum Flash Loan/Oracle Manipulation - $918k (Global)]]

[[Altsbit_Hot_Wallets_Hacked|Feb 6th - Altsbit Hot Wallets Hacked - $317k (Italy)]]

[[FCoin_Collapses|Feb 1st - FCoin Collapses - $125m (China)]]

=== January 2020 ===
[[Lightning_Torch_Theft|Jan 27th - Lightning Torch Theft - $2k (Global)]]

[[Curve_Drainable_Hack|Jan 25th - Curve Drainable Hack - $0k (Global)]]

[[bZx_Fulcrum_White_Hack|Jan 11th - bZx Fulcrum White Hack - $0k (Global)]]

[[Mark_Cheng_Kidnapped|Jan 9th - Mark Cheng Kidnapped - $54k (Thailand)]]

[[Ledger_Malicious_Chrome_Extension_HackedZec_Theft|Jan 1st - Ledger Malicious Chrome Extension HackedZec Theft - $16k (Global)]]

[[Binance/Bitcoin_Gold_Double_Spend_Hack|Jan 1st - Binance/Bitcoin Gold Double Spend Hack - $72k (Malta)]]

==2019==
=== December 2019 ===
[[Shitcoin_Wallet_Malicious_JavaScript|Dec 30th - Shitcoin Wallet Malicious JavaScript - $Unknown (Global)]]

[[Ledger_Wallet_Theft_rytoke|Dec 28th - Ledger Wallet Theft rytoke - $30k (Global)]]

[[MetaMask_Banned_From_Google_Play|Dec 26th - MetaMask Banned From Google Play - $Unknown (Global)]]

[[BitClub_Network_Ponzi|Dec 11th - BitClub Network Ponzi - $722m (Global)]]

[[RG_Coins_Shuts_Down|Dec 11th - RG Coins Shuts Down - $7m (Bulgaria)]]

[[Cloud_Token_Wallet_Service|Dec 1st - Cloud Token Wallet Service - $500m (Singapore)]]

[[Vertcoin_Attempted_51%_Attack|Dec 1st - Vertcoin Attempted 51% Attack - $0k (Global)]]

=== November 2019 ===
[[Upbit_Hot_Wallet_Hack|Nov 26th - Upbit Hot Wallet Hack - $49.2m (South Korea)]]

[[GateHub_Privacy_Breach|Nov 14th - GateHub Privacy Breach - $0k (United Kingdom)]]

[[BitMEX_Email_Gaffe|Nov 11th - BitMEX Email Gaffe - $0k (Seychelles)]]

[[Trezor_Phishing_Website|Nov 10th - Trezor Phishing Website - $9k (Global)]]

[[BitUSD_Stablecoin_Depegged|Nov 6th - BitUSD Stablecoin Depegged - $Unknown (Global)]]

[[VinDAX_Exchange_Hacked|Nov 4th - VinDAX Exchange Hacked - $500k (Vietnam)]]

[[BeenTrade_Fake_Crypto_Exchange|Nov 4th - BeenTrade Fake Crypto Exchange - $Unknown (Global)]]

[[IDAX_Global_CEO_Disappears|Nov 1st - IDAX Global CEO Disappears - $Unknown (China)]]

[[Einstein_Exchange|Nov 1st - Einstein Exchange - $12m (Canada)]]

=== October 2019 ===
[[Jorg_Molt_Bitcoin_Pension|Oct 31st - Jorg Molt Bitcoin Pension - $2.14m (Global)]]

[[Trezor_Hacked_By_Kraken_Security_Labs|Oct 30th - Trezor Hacked By Kraken Security Labs - $0k (Global)]]

[[Trezor_abruceky_Google_Search_Phishing|Oct 28th - Trezor abruceky Google Search Phishing - $32k (United States)]]

[[Ledger_Faulty_Secure_Element_Phishing|Oct 25th - Ledger Faulty Secure Element Phishing - $Unknown (Global)]]

[[OvexTrade_Withdrawal_Fraud_Platform|Oct 22nd - OvexTrade Withdrawal Fraud Platform - $Unknown (Global)]]

[[Sablier_Developmental_Exploit|Oct 8th - Sablier Developmental Exploit - $10k (Global)]]

[[WoToken_Wallet_Service|Oct 1st - WoToken Wallet Service - $1.1b (China)]]

[[MakerDao_Auction_Lack_of_Validation|Oct 1st - MakerDao Auction Lack of Validation - $7m (Global)]]

=== September 2019 ===
[[Circle_Society_Investment_Platform|Sep 30th - Circle Society Investment Platform - $15m (United States)]]

[[PayFair_P2P_Exchange_Hacked|Sep 29th - PayFair P2P Exchange Hacked - $Unknown (Unknown)]]

[[DDEX_Exchange_Price_Manipulation|Sep 18th - DDEX Exchange Price Manipulation - $0k (Global)]]

[[Coinhouse_Phishing_Attack|Sep 14th - Coinhouse Phishing Attack - $Unknown (France)]]

[[Cryptopia_Ex-Employee_Theft|Sep 10th - Cryptopia Ex-Employee Theft - $235k (New Zealand)]]

[[GhostMixer_Relaunched_As_Scam_Website|Sep 3rd - GhostMixer Relaunched As Scam Website - $0k (Unknown)]]

[[bZx_Exchange_Price_Manipulation|Sep 3rd - bZx Exchange Price Manipulation - $0k (Global)]]

=== August 2019 ===
[[BitWhisk_Relaunched_Fraud_Site|Aug 23rd - BitWhisk Relaunched Fraud Site - $2k (Global)]]

[[CoinTiger_PTT_%22Cold_Wallet%22_Breach|Aug 17th - CoinTiger PTT "Cold Wallet" Breach - $1.708m (Singapore)]]

[[Exmount_Holdings_Group_Scam|Aug 8th - Exmount Holdings Group Scam - $1.83m (Australia)]]

[[Trezor_Wallet_Phishing_Website_Nosler165|Aug 6th - Trezor Wallet Phishing Website Nosler165 - $67k (Global)]]

[[EZ-BTC/Dave_Smillie|Aug 1st - EZ-BTC/Dave Smillie - $3.9m+ (Canada)]]

=== July 2019 ===
[[Ledger_Olusegun_Alabi_Theft|Jul 28th - Ledger Olusegun Alabi Theft - $8k (Global)]]

[[InnovaMine_Cloud_Mining_Operation|Jul 15th - InnovaMine Cloud Mining Operation - $7m+ (Global)]]

[[0x_Invalid_Signature_Flaw|Jul 13th - 0x Invalid Signature Flaw - $0k (Global)]]

[[BitPoint_Hot_Wallet_Hack|Jul 11th - BitPoint Hot Wallet Hack - $32.2m (Japan)]]

[[Soxex_Collapse|Jul 4th - Soxex Collapse - $1000k (Unknown)]]

[[TLGUt5_Tron_Contract_Hacked|Jul 2nd - TLGUt5 Tron Contract Hacked - $2k (Global)]]

[[Bitmarket_Gone_Without_Warning|Jul 1st - Bitmarket Gone Without Warning - $23m (Poland)]]

=== June 2019 ===
[[uTorrent_Super_Community_Collapses|Jun 30th - uTorrent Super Community Collapses - $29m (Global)]]

[[QuickBit_Privacy_Breach|Jun 28th - QuickBit Privacy Breach - $0k (Sweden)]]

[[Koinex_Shuts_Down_Regulatory_Uncertainty|Jun 27th - Koinex Shuts Down Regulatory Uncertainty - $Unknown (India)]]

[[Synthetix_Oracle_Theft_Incident|Jun 25th - Synthetix Oracle Theft Incident - $37m (Global)]]

[[Unknown_Platform_Cyber-Squatting|Jun 25th - Unknown Platform Cyber-Squatting - $27.2m (Global)]]

[[Bitrue_Hot_Wallet_Breach|Jun 16th - Bitrue Hot Wallet Breach - $4.5m (Singapore)]]

[[KeepKey_Attackable_With_Physical_Access|Jun 13th - KeepKey Attackable With Physical Access - $Unknown (Global)]]

[[TokenStore_Ponzi_Scheme_Rug_Pull|Jun 10th - TokenStore Ponzi Scheme Rug Pull - $160m (Global)]]

[[Agama_Wallet_Malicious_Upgrade|Jun 5th - Agama Wallet Malicious Upgrade - $13m (Global)]]

[[Kraken_Flash_Crash_(Suspected_Theft)|Jun 2nd - Kraken Flash Crash (Suspected Theft) - $10m (United States)]]

[[Bitsane_Exit_Scam|Jun 1st - Bitsane Exit Scam - $155k+ (Ireland)]]

[[PlusToken_Wallet_and_Exchange|Jun 1st - PlusToken Wallet and Exchange - $6b (South Korea)]]

[[Gatehub_Customer_XRP_Wallets_Breached|Jun 1st - Gatehub Customer XRP Wallets Breached - $10.1m (United Kingdom)]]

=== May 2019 ===
[[Remitano_False_XRP_Deposit|May 29th - Remitano False XRP Deposit - $Unknown (Seychelles)]]

[[Trezor_Fake_Google_Play_App|May 23rd - Trezor Fake Google Play App - $Unknown (Global)]]

[[WalletGenerator_Weak_Key_Generator|May 23rd - WalletGenerator Weak Key Generator - $Unknown (Global)]]

[[CoinBase_Sim_Swapping|May 20th - CoinBase Sim Swapping - $100k (United States)]]

[[Dascoin_Ponzi_Scheme|May 16th - Dascoin Ponzi Scheme - $Unknown (Global)]]

[[Bitcoin_Cash_Two-Block_Double_Spend|May 15th - Bitcoin Cash Two-Block Double Spend - $1.3m (Global)]]

[[Ledger_Funds_Stolen_Jpeezy555|May 11th - Ledger Funds Stolen Jpeezy555 - $47k (Unknown)]]

[[Binance_Hot_Wallet_Theft|May 7th - Binance Hot Wallet Theft - $41.238m (Malta)]]

[[Bitcoins_Norway_AlphaPoint_Attack|May 7th - Bitcoins Norway AlphaPoint Attack - $500k+ (Norway)]]

[[MakerDAO_Governance_Vulnerability|May 6th - MakerDAO Governance Vulnerability - $100m (Global)]]

[[BitoPro_XRP_Partial_Payment_Theft|May 2nd - BitoPro XRP Partial Payment Theft - $2.122m (Taiwan)]]

[[TronBank_Contract_Vulnerability|May 2nd - TronBank Contract Vulnerability - $632k (Global)]]

[[CoinRoom_Goes_Boom|May 1st - CoinRoom Goes Boom - $Unknown (Poland)]]

=== April 2019 ===
[[Ledger_Fund_Theft_Guy_Parker|Apr 28th - Ledger Fund Theft Guy_Parker - $Unknown (Global)]]

[[BitFinex_and_Crypto_Capital|Apr 26th - BitFinex and Crypto Capital - $880m (Hong Kong)]]

[[Ledger_Malware_Phishing|Apr 25th - Ledger Malware Phishing - $20k+ (Global)]]

[[Bittrex_AT%26T_Gregg_Bennett_SIM_Swap|Apr 15th - Bittrex AT&T Gregg Bennett SIM Swap - $507k (United States)]]

[[TronBank_Fake_Token_Attack|Apr 11th - TronBank Fake Token Attack - $119k (Global)]]

[[IseriCoin_Contract_Mint_Vulnerability|Apr 9th - IseriCoin Contract Mint Vulnerability - $Unknown (Global)]]

[[Ledger_CVHodl_Theft|Apr 4th - Ledger CVHodl Theft - $Unknown (Global)]]

[[Coinbene_Hack_Cover-Up|Apr 1st - Coinbene Hack Cover-Up - $100m+ (International)]]

=== March 2019 ===
[[Tesler_2_False_Investment_Opportunity|Mar 29th - Tesler 2 False Investment Opportunity - $Unknown (Unknown)]]

[[BiKi_Password_Tampering|Mar 26th - BiKi Password Tampering - $123k (Singapore)]]

[[DragonEx_Hacking_Theft|Mar 24th - DragonEx Hacking Theft - $7m (Singapore)]]

[[Etbox_Wallet_Hacked|Mar 24th - Etbox Wallet Hacked - $132k (Seychelles)]]

[[Coinomi_Wallet_Theft_Warith_Al_Maawali|Mar 22nd - Coinomi Wallet Theft Warith Al Maawali - $65k (Global)]]

[[Ledger_Wallet_Theft_rasgun66|Mar 18th - Ledger Wallet Theft rasgun66 - $64k (Turkey)]]

[[Bitcoin_Evolution_Celebrity_Impersonation_Ponzi|Mar 18th - Bitcoin Evolution Celebrity Impersonation Ponzi - $670m (Global)]]

[[Mercatox_EOS_Breach|Mar 15th - Mercatox EOS Breach - $Unknown (United Kingdom)]]

[[MyEtherWallet_Cryptojacking_Protection_Extension|Mar 14th - MyEtherWallet Cryptojacking Protection Extension - $Unknown (Global)]]

[[Blockchain.com_Cryptojacking_Protection_Extension|Mar 14th - Blockchain.com Cryptojacking Protection Extension - $Unknown (Global)]]

[[Bitcoin_Fat_Finger_Large_Fee|Mar 11th - Bitcoin Fat Finger Large Fee - $8k (Global)]]

[[nkpaymentcap_Fake_Transfer_Notification|Mar 11th - nkpaymentcap Fake Transfer Notification - $180k (Global)]]

[[Bithumb_EOS/XRP_Hack|Mar 1st - Bithumb EOS/XRP Hack - $19.2m (South Korea)]]

[[Gatecoin_Enters_Liquidation|Mar 1st - Gatecoin Enters Liquidation - $Unknown (Hong Kong)]]

=== February 2019 ===
[[CoinBin_Declares_Bankruptcy|Feb 20th - CoinBin Declares Bankruptcy - $26m (South Korea)]]

[[Coinmama_User_Data_Breached|Feb 15th - Coinmama User Data Breached - $0k (Ireland)]]

[[MetaMask_Fake_Google_Play_Clipper_Malware|Feb 8th - MetaMask Fake Google Play Clipper Malware - $0k (Global)]]

[[QuadrigaCX_Bankruptcy|Feb 5th - QuadrigaCX Bankruptcy - $215m+ (Canada)]]

=== January 2019 ===
[[Liqui_Shuts_Down|Jan 28th - Liqui Shuts Down - $0k (Ukraine)]]

[[LocalBitcoin_Forum_Login_Breach|Jan 26th - LocalBitcoin Forum Login Breach - $29k+ (Global)]]

[[CoinZest_Accidental_Airdrop|Jan 23rd - CoinZest Accidental Airdrop - $5.3m (South Korea)]]

[[Bitzolkin_Ponzi_Scheme|Jan 21st - Bitzolkin Ponzi Scheme - $12m (Global)]]

[[CryptoCashBack_Rewards_Program_Trojan|Jan 18th - CryptoCashBack Rewards Program Trojan - $85k (Global)]]

[[Komid_Fraudulent_Platform_Withdrawals|Jan 17th - Komid Fraudulent Platform Withdrawals - $Unknown (South Korea)]]

[[Cryptopia_Exchange_ERC20_Hack|Jan 14th - Cryptopia Exchange ERC20 Hack - $20.447m (New Zealand)]]

[[Girl_in_the_Spider's_Web_Razy_Malware|Jan 12th - Girl in the Spider's Web Razy Malware - $2k (Global)]]

[[BCH-Mixer.com_Scam_Mixer_Service|Jan 11th - BCH-Mixer.com Scam Mixer Service - $Unknown (Global)]]

[[Coinbase_Halts_Ethereum_Classic_Trading|Jan 5th - Coinbase Halts Ethereum Classic Trading - $0k (United States)]]

[[Gate.io_Ethereum_Classic_51%_Attack|Jan 1st - Gate.io Ethereum Classic 51% Attack - $271k (Cayman Islands)]]

[[Bitrue_Ethereum_Classic_51%_Attack|Jan 1st - Bitrue Ethereum Classic 51% Attack - $14k (Taiwan/Singapore)]]

==2018==
=== December 2018 ===
[[Electrum_Mass_Phishing_Attacks|Dec 27th - Electrum Mass Phishing Attacks - $937k (Global)]]

[[Electron_Cash_Malicious_ElectrumX_Servers|Dec 26th - Electron Cash Malicious ElectrumX Servers - $Unknown (Global)]]

[[Exodus_Wallet_Bitcoin_Cash_Theft|Dec 23rd - Exodus Wallet Bitcoin Cash Theft - $75k (Global)]]

[[Coinone_Unauthorized_Customer_Withdrawal|Dec 22nd - Coinone Unauthorized Customer Withdrawal - $48k (South Korea)]]

[[CoinFlux_CEO_Arrested|Dec 15th - CoinFlux CEO Arrested - $Unknown (Romania)]]

[[Basecoin_Shut_Down_By_SEC|Dec 13th - Basecoin Shut Down By SEC - $0k (United States)]]

[[Massive_Theft_Of_Coins_Valerian77|Dec 3rd - Massive Theft Of Coins Valerian77 - $1000k (Global)]]

[[Vertcoin_51%_Attack|Dec 2nd - Vertcoin 51% Attack - $100k (Global)]]

=== November 2018 ===
[[Ethereum_Classic_Github_Taken_Over|Nov 30th - Ethereum Classic Github Taken Over - $0k (Global)]]

[[Atidium_Private_Key_Leaked|Nov 29th - Atidium Private Key Leaked - $10k (Global)]]

[[Trezor_Counterfeit_Hardware_Wallets|Nov 19th - Trezor Counterfeit Hardware Wallets - $0k (Global)]]

[[South_African_Robbed|Nov 16th - South African Robbed - $67k (South Africa)]]

[[Google_G_Suite_Twitter_Compromised|Nov 13th - Google G Suite Twitter Compromised - $0k (Global)]]

[[Target_Twitter_Fake_Bitcoin_Giveaway|Nov 13th - Target Twitter Fake Bitcoin Giveaway - $33k (Global)]]

[[AirDropsDAC_HireVibes_Airdrop_Private_Key_Leak|Nov 12th - AirDropsDAC HireVibes Airdrop Private Key Leak - $14k (Global)]]

[[NEO_Fake_Android_Wallet|Nov 8th - NEO Fake Android Wallet - $Unknown (Global)]]

[[Tether_Fake_Android_Wallet|Nov 8th - Tether Fake Android Wallet - $Unknown (Global)]]

[[Elon_Musk_Verified_Twitter_Giveaway|Nov 5th - Elon Musk Verified Twitter Giveaway - $180k (Global)]]

[[Gate.io_Crypto-Stealing_JavaScript|Nov 3rd - Gate.io Crypto-Stealing JavaScript - $Unknown (Marshall Islands)]]

[[Pure_Bit_Exit_Scam|Nov 1st - Pure Bit Exit Scam - $2.8m (South Korea)]]

=== October 2018 ===
[[Oyster_Protocol_Bruno_Block_Exit_Scam|Oct 29th - Oyster Protocol Bruno Block Exit Scam - $300k (Global)]]

[[MetaMask_Fake_Android_Wallet|Oct 28th - MetaMask Fake Android Wallet - $Unknown (Global)]]

[[AT%26T_Coinbase_Gemini_Sim_Swap_Apple's_Robert_Ross|Oct 26th - AT&T Coinbase Gemini Sim Swap Apple's Robert Ross - $1000k (United States)]]

[[Wirex_Account_Hacked_SambucciTony|Oct 17th - Wirex Account Hacked SambucciTony - $Unknown (Global)]]

[[Anne-Elisabeth_Falkevik_Hagen_Kidnapping_Ransom|Oct 15th - Anne-Elisabeth Falkevik Hagen Kidnapping Ransom - $0k (Global)]]

[[Ledger_Live_Update_Account_Hack_sravrannies|Oct 5th - Ledger Live Update Account Hack sravrannies - $Unknown (Global)]]

[[Trade.io|Oct 1st - Trade.io - $8m (Switzerland)]]

[[MapleChange_Exchange_Hacked|Oct 1st - MapleChange Exchange Hacked - $6m (Canada)]]

=== September 2018 ===
[[Newdex_Fake_EOS_Exploit|Sep 14th - Newdex Fake EOS Exploit - $62k (Global)]]

[[Zaif_Hacking_Theft|Sep 1st - Zaif Hacking Theft - $60m (Japan)]]

=== August 2018 ===
[[Ledger_Fake_Live_App_on_Play_Store|Aug 18th - Ledger Fake Live App on Play Store - $Unknown (Global)]]

[[Chinese_Cryptocurrency_Heist|Aug 18th - Chinese Cryptocurrency Heist - $87m (China)]]

[[Sparkster_ICO_Phishing|Aug 14th - Sparkster ICO Phishing - $Unknown (Global)]]

=== July 2018 ===
[[MetaMask_Removed_On_Google_Play|Jul 25th - MetaMask Removed On Google Play - $Unknown (Global)]]

[[KICKICO_Security_Breach|Jul 25th - KICKICO Security Breach - $7.7m (Global)]]

[[WEX_Collapses|Jul 21st - WEX Collapses - $400m (Russia)]]

[[Donskoi_Shipwreck_ICO_Fraud|Jul 16th - Donskoi Shipwreck ICO Fraud - $8m (South Korea)]]

[[MyEtherWallet_Hola_VPN_Attack|Jul 9th - MyEtherWallet Hola VPN Attack - $Unknown (Global)]]

[[News_Site_Falls_For_Giveaway_Scam|Jul 7th - News Site Falls For Giveaway Scam - $0k (United Kingdom)]]

[[Trezor_BGP_Highjacking/DNS_Poisoning|Jul 1st - Trezor BGP Highjacking/DNS Poisoning - $Unknown (Global)]]

[[Bancor_Decentralized_Exchange_Hack|Jul 1st - Bancor Decentralized Exchange Hack - $23m (Switzerland)]]

=== June 2018 ===
[[CryptoCurrency_Clipboard_Hijacking|Jun 30th - CryptoCurrency Clipboard Hijacking - $Unknown (Global)]]

[[Huobi_Account_Breached_Despite_2FA_xemtime|Jun 22nd - Huobi Account Breached Despite 2FA xemtime - $16k (Global)]]

[[Zebpay_Shutdown_In_India|Jun 21st - Zebpay Shutdown In India - $0k (India)]]

[[MiningMax_Ponzi_Scheme|Jun 15th - MiningMax Ponzi Scheme - $250m (South Korea)]]

[[Skycoin_Founder_Synth_Kidnapping|Jun 13th - Skycoin Founder Synth Kidnapping - $205k (China)]]

[[Binance_Account_Hacked_BeanThe5th|Jun 9th - Binance Account Hacked BeanThe5th - $50k (Global)]]

[[Bithumb_Hacking|Jun 1st - Bithumb Hacking - $32m (South Korea)]]

[[CoinRail_Exchange_Hack|Jun 1st - CoinRail Exchange Hack - $40m (South Korea)]]

=== May 2018 ===
[[Titanium_Blockchain_Infrastructure_Services|May 28th - Titanium Blockchain Infrastructure Services - $21m (United States)]]

[[EOS_Migration_Phishing_Attacks|May 26th - EOS Migration Phishing Attacks - $62k (Global)]]

[[Ether_Shrimp_Farm|May 25th - Ether Shrimp Farm - $Unknown (Global)]]

[[Verge_Second_51%_Attack|May 22nd - Verge Second 51% Attack - $1.75m (Global)]]

[[AT%26T_Employees_Rob_Seth_Shapiro|May 16th - AT&T Employees Rob Seth Shapiro - $1.8m (Global)]]

[[Monacoin_51%_Attack|May 15th - Monacoin 51% Attack - $90k (Japan)]]

[[Binance_Bitcoin_Gold_51%_Attack|May 11th - Binance Bitcoin Gold 51% Attack - $Unknown (Cayman Islands)]]

[[Bithumb_Bitcoin_Gold_51%_Attack|May 11th - Bithumb Bitcoin Gold 51% Attack - $Unknown (South Korea)]]

[[Bitinka_Bitcoin_Gold_51%_Attack|May 11th - Bitinka Bitcoin Gold 51% Attack - $Unknown (Peru)]]

[[Bitfinex_Bitcoin_Gold_51%_Attack|May 11th - Bitfinex Bitcoin Gold 51% Attack - $Unknown (Hong Kong)]]

[[Bittrex_Bitcoin_Gold_Double-Spend|May 1st - Bittrex Bitcoin Gold Double-Spend - $255k+ (Liechtenstein)]]

[[Taylor_Ethereum_Hack|May 1st - Taylor Ethereum Hack - $1.5m (Brazil)]]

=== April 2018 ===
[[Dubai_Bitcoin_Gang_Heist|Apr 25th - Dubai Bitcoin Gang Heist - $1.2m (United Arab Emirates)]]

[[MyEtherWallet_Google_Public_DNS|Apr 24th - MyEtherWallet Google Public DNS - $361k (Global)]]

[[Ledger_Fake_BIP39_Generation_Scam|Apr 19th - Ledger Fake BIP39 Generation Scam - $Unknown (Global)]]

[[Pincoin/iFan_ICO_Scam|Apr 9th - Pincoin/iFan ICO Scam - $660.79m (Vietnam)]]

[[Verge_51%_Attack|Apr 4th - Verge 51% Attack - $1.074m (Global)]]

[[CoinSecure_Exchange_Hack|Apr 1st - CoinSecure Exchange Hack - $3.3m (India)]]

[[Electroneum_51%_Attack|Apr 1st - Electroneum 51% Attack - $0k (Global)]]

=== March 2018 ===
[[Mesquite_Bitcoin_ATM_Theft|Mar 28th - Mesquite Bitcoin ATM Theft - $Unknown (United States)]]

[[Lightning_Channel_Penalty_Enforced|Mar 25th - Lightning Channel Penalty Enforced - $0k (Global)]]

[[Denaro_Fraudulent_Initial_Coin_Offering|Mar 23rd - Denaro Fraudulent Initial Coin Offering - $7m (Global)]]

[[Irving_Bitcoin_ATM_Theft|Mar 22nd - Irving Bitcoin ATM Theft - $Unknown (United States)]]

[[Ledger_Hardware_Wallet_Keygen_Exploit|Mar 20th - Ledger Hardware Wallet Keygen Exploit - $0k (Global)]]

[[Coinnest_Platform_CEO_Embezzlement|Mar 15th - Coinnest Platform CEO Embezzlement - $940k (South Korea)]]

[[NuBits_Stablecoin_Depegged|Mar 12th - NuBits Stablecoin Depegged - $70.51m (Global)]]

[[Binance_Phishing_Campaign|Mar 7th - Binance Phishing Campaign - $8.8m (Singapore)]]

=== February 2018 ===
[[Paper_Wallet_From_Ebay_Bitcoin_Thefts|Feb 28th - Paper Wallet From Ebay Bitcoin Thefts - $83k (Unknown)]]

[[Ledger_Announcement_Hijacked_By_Scammer|Feb 23rd - Ledger Announcement Hijacked By Scammer - $Unknown (Global)]]

[[Ledger_Fake_Customer_Support|Feb 23rd - Ledger Fake Customer Support - $Unknown (Global)]]

[[Blockchain.info_Coinhoarder_Phishing|Feb 14th - Blockchain.info Coinhoarder Phishing - $50m (Global)]]

[[LoopX_Exit_Scam|Feb 11th - LoopX Exit Scam - $4.5m (Global)]]

[[Bee_Token_ICO_Phishing|Feb 5th - Bee Token ICO Phishing - $928k (United States)]]

[[PonziCoin_ICO_Exits|Feb 2nd - PonziCoin ICO Exits - $Unknown (Global)]]

[[BitGrail_NANO_Hack|Feb 1st - BitGrail NANO Hack - $170m (Italy)]]

=== January 2018 ===
[[Prodeum_Initial_Coin_Offering_Exit|Jan 28th - Prodeum Initial Coin Offering Exit - $3k (Global)]]

[[Experty_ICO_Leak_and_Phishing_Attack|Jan 26th - Experty ICO Leak and Phishing Attack - $150k (Poland)]]

[[MyEtherWallet_Fake_Google_Play_Wallet|Jan 24th - MyEtherWallet Fake Google Play Wallet - $Unknown (Global)]]

[[Benebit_Exit_Scam|Jan 22nd - Benebit Exit Scam - $4m (Global)]]

[[Trader_Lee_Has_His_Cash_Robbed|Jan 18th - Trader Lee Has His Cash Robbed - $180k (Hong Kong)]]

[[USI_Tech_Ponzi_Scheme|Jan 18th - USI Tech Ponzi Scheme - $13.3m+ (Global)]]

[[AriseBank/AriseCoin_Fraudulent_Initial_Coin_Offering|Jan 18th - AriseBank/AriseCoin Fraudulent Initial Coin Offering - $4.25m (Global)]]

[[BitConnect_Scheme_Collapses|Jan 17th - BitConnect Scheme Collapses - $2b (Global)]]

[[Telegram_ICO_Phishing|Jan 16th - Telegram ICO Phishing - $5m (Unknown)]]

[[Unknown_Sim_Swapping_Michael_Terpin|Jan 7th - Unknown Sim Swapping Michael Terpin - $24m (United States)]]

[[CoinsMarkets_Exit_Scam|Jan 5th - CoinsMarkets Exit Scam - $Unknown (Cyprus)]]

[[Ledger_Devices_Pre-Seeded_On_Ebay|Jan 4th - Ledger Devices Pre-Seeded On Ebay - $34k (Global)]]

[[Canadian_Bitcoins_Robbery|Jan 1st - Canadian Bitcoins Robbery - $0k (Canada)]]

[[Coincheck_NEM_Token_Hack|Jan 1st - Coincheck NEM Token Hack - $530m (Japan)]]

==2017==
=== December 2017 ===
[[John_McAfee_Twitter_Hacked|Dec 27th - John McAfee Twitter Hacked - $0k (Global)]]

[[BitKRX_Exit_Scam|Dec 25th - BitKRX Exit Scam - $Unknown (South Korea)]]

[[Chain.group_Ponzi_Scheme|Dec 14th - Chain.group Ponzi Scheme - $Unknown (Global)]]

[[MyEtherWallet_Fake_Wallet_Application|Dec 10th - MyEtherWallet Fake Wallet Application - $Unknown (Global)]]

[[PlexCoin_ICO_Fraud|Dec 5th - PlexCoin ICO Fraud - $8.269m (Global)]]

[[Youbit_Exchange_Hack|Dec 1st - Youbit Exchange Hack - $2.65m (South Korea)]]

[[NiceHash_Exchange_Hack|Dec 1st - NiceHash Exchange Hack - $64m (Slovenia)]]

=== November 2017 ===
[[Confido_Exit_Scam|Nov 21st - Confido Exit Scam - $374k (Global)]]

[[Tether_USDT_Token_Theft|Nov 19th - Tether USDT Token Theft - $30.95m (Global)]]

[[My_BTG_Wallet_Fraud|Nov 17th - My BTG Wallet Fraud - $3.2m (Global)]]

[[Optioment_Bitcoin_Ponzi_Scheme|Nov 7th - Optioment Bitcoin Ponzi Scheme - $136.313m (Global)]]

[[Exchange_Account_Drained_TMobile_Sim_Swap_Carlos_Tapang|Nov 7th - Exchange Account Drained TMobile Sim Swap Carlos Tapang - $12k (Global)]]

[[Parity_Ethereum_Frozen|Nov 6th - Parity Ethereum Frozen - $280m (Global)]]

[[Bitpetite_Ponzi_Scheme|Nov 5th - Bitpetite Ponzi Scheme - $Unknown (United Kingdom)]]

[[New_York_Biker_Gang_Ether_Theft|Nov 4th - New York Biker Gang Ether Theft - $1.8m (United States)]]

[[Hexabot.top_High_Yield_Investment_Scheme|Nov 4th - Hexabot.top High Yield Investment Scheme - $Unknown (Global)]]

=== October 2017 ===
[[MyEtherWallet_Phishing_Steals_Thousands|Oct 24th - MyEtherWallet Phishing Steals Thousands - $15k (Global)]]

[[BitOrbit_Ltd_Exit_Scam|Oct 13th - BitOrbit Ltd Exit Scam - $Unknown (Global)]]

=== September 2017 ===
[[Diamond_Reserve_Club_False_Claims|Sep 29th - Diamond Reserve Club False Claims - $75k (United States)]]

[[Bitfinex_Phishing_Website|Sep 19th - Bitfinex Phishing Website - $Unknown (Global)]]

[[Control_Finance_Scheme|Sep 7th - Control Finance Scheme - $147m (United Kingdom)]]

=== August 2017 ===
[[Xtreme_Coin_MLM_Exit|Aug 28th - Xtreme Coin MLM Exit - $Unknown (Global)]]

[[Bittrex_Spoofed_Website_Hack_GodOfWhatevers|Aug 26th - Bittrex Spoofed Website Hack GodOfWhatevers - $100k (Liechtenstein)]]

[[Bancor_Front-Running_Possible|Aug 17th - Bancor Front-Running Possible - $Unknown (Global)]]

[[Kraken_ETH_SIM_Swap_Jeremiah_Nichol|Aug 17th - Kraken ETH SIM Swap Jeremiah Nichol - $12k (United States)]]

=== July 2017 ===
[[BTC-e_Assets_Seized_By_US_Authorities|Jul 25th - BTC-e Assets Seized By US Authorities - $990m+ (Russia)]]

[[Centra_Tech_Fake_Debit_Card|Jul 25th - Centra Tech Fake Debit Card - $25m (United States)]]

[[MyAdvertisingPays_Exit_Scam|Jul 25th - MyAdvertisingPays Exit Scam - $Unknown (Unknown)]]

[[Veritaseum_Peer_To_Peer_Platform|Jul 23rd - Veritaseum Peer To Peer Platform - $8.6m (United States)]]

[[Parity_Unauthorized_Withdrawals|Jul 20th - Parity Unauthorized Withdrawals - $32m (Global)]]

[[Coindash_ICO_Theft|Jul 17th - Coindash ICO Theft - $7.4m (Global)]]

[[Unknown_Ripple_Exchange_Phishing_Scam|Jul 14th - Unknown Ripple Exchange Phishing Scam - $800k (Global)]]

=== June 2017 ===
[[GladiaCoin_Multi-Level_Marketing_Scheme_Collapses|Jun 11th - GladiaCoin Multi-Level Marketing Scheme Collapses - $Unknown (Global)]]

[[Bithumb_Privacy/Phishing_Hack|Jun 1st - Bithumb Privacy/Phishing Hack - $31m (China)]]

[[QuadrigaCX_Contract_Error|Jun 1st - QuadrigaCX Contract Error - $14.7m (Canada)]]

=== May 2017 ===
[[Reddit_Dogecoin_Tipping_Bot_Funds_Stolen|May 7th - Reddit Dogecoin Tipping Bot Funds Stolen - $Unknown (Global)]]

=== April 2017 ===
[[Yapizon_Exchange_Hack|Apr 1st - Yapizon Exchange Hack - $5.3m (South Korea)]]

=== February 2017 ===
[[ZCoin/Firo_Typographical_Error|Feb 16th - ZCoin/Firo Typographical Error - $400k (Global)]]

=== January 2017 ===
[[MyEtherWallet_Unauthorized_Transaction_boki019|Jan 27th - MyEtherWallet Unauthorized Transaction boki019 - $2k (Global)]]

[[OneCoin_Scheme_Collapses|Jan 15th - OneCoin Scheme Collapses - $4b (Global)]]

[[Fake_Wallet_From_Reddit|Jan 15th - Fake Wallet From Reddit - $220k (Global)]]

==2016==
=== October 2016 ===
[[Bitcurex_Exchange_Hack|Oct 13th - Bitcurex Exchange Hack - $1.5m (Poland)]]

=== August 2016 ===
[[Bitfinex_Security_Breach|Aug 3rd - Bitfinex Security Breach - $72m (Hong Kong)]]

=== June 2016 ===
[[Ethereum_DAO_Reentrancy_Attack|Jun 17th - Ethereum DAO Reentrancy Attack - $60m (Global)]]

=== May 2016 ===
[[Gatecoin_Hack|May 1st - Gatecoin Hack - $2.5m (Hong Kong)]]

=== April 2016 ===
[[ShapeShift_Three_Thefts|Apr 9th - ShapeShift Three Thefts - $230k (United States)]]

=== March 2016 ===
[[CoinTrader/NewNote_Shuts_Down|Mar 1st - CoinTrader/NewNote Shuts Down - $1.5m? (Canada)]]

=== January 2016 ===
[[Cryptsy_Withdrawals_Closed/Bankruptcy|Jan 15th - Cryptsy Withdrawals Closed/Bankruptcy - $4.291m (United States)]]

==2015==
=== December 2015 ===
[[Ripple_Trade_Shut_Down|Dec 15th - Ripple Trade Shut Down - $0k (Global)]]

=== September 2015 ===
[[My_Big_Coin_Fraudulent_Service|Sep 3rd - My Big Coin Fraudulent Service - $6m (United States)]]

[[BitPay_Social_Engineering|Sep 1st - BitPay Social Engineering - $1.8m (United States)]]

=== May 2015 ===
[[Bitfinex_Hot_Wallet_Hack|May 22nd - Bitfinex Hot Wallet Hack - $356k (Hong Kong)]]

[[BitcoinTalk_Database_Breach|May 21st - BitcoinTalk Database Breach - $0k (Global)]]

=== March 2015 ===
[[Ripple_Trade_Japan_Fraud|Mar 3rd - Ripple Trade Japan Fraud - $1000k (Japan)]]

[[Coinapult_Hot_Wallet_Hack|Mar 1st - Coinapult Hot Wallet Hack - $43k (Panama)]]

[[AllCrypt_WordPress_Exploit_Theft|Mar 1st - AllCrypt WordPress Exploit Theft - $12k (Unknown)]]

=== February 2015 ===
[[BTER_Bitcoin_Heist|Feb 15th - BTER Bitcoin Heist - $1.75m (China)]]

[[Kipcoin_Exchange_Hack|Feb 1st - Kipcoin Exchange Hack - $690k (China)]]

[[MyCoin_Exchange_Bankruptcy|Feb 1st - MyCoin Exchange Bankruptcy - $387m (Hong Kong)]]

=== January 2015 ===
[[796_Exchange_Hack|Jan 27th - 796 Exchange Hack - $230k (China)]]

[[Bitstamp_Hot_Wallet_Hack|Jan 3rd - Bitstamp Hot Wallet Hack - $5.1m (Luxembourg)]]

==2014==
=== December 2014 ===
[[Blockchain.info_R_Value_Vulnerability|Dec 8th - Blockchain.info R Value Vulnerability - $40k (Global)]]

=== October 2014 ===
[[BTC-e_Data_Leak|Oct 15th - BTC-e Data Leak - $0k (Russia)]]

[[Ripple_Trade_Ripple_and_Stellar_Hacking|Oct 8th - Ripple Trade Ripple and Stellar Hacking - $0k (Global)]]

[[JustCoin_Exchange_Ripple_and_Stellar_Hacking|Oct 8th - JustCoin Exchange Ripple and Stellar Hacking - $150k (Norway)]]

[[Mintpal_Exchange_Exit_Scam|Oct 1st - Mintpal Exchange Exit Scam - $1.3m (United Kingdom)]]

=== August 2014 ===
[[BTER_NXT_Token_Theft|Aug 15th - BTER NXT Token Theft - $1.65m (China)]]

[[BitNZ_MailJet_Hack|Aug 1st - BitNZ MailJet Hack - $23k (New Zealand)]]

=== July 2014 ===
[[Cryptsy_Exchange_Hack|Jul 29th - Cryptsy Exchange Hack - $8.516m (United States)]]

[[MintPal_Vericoin_Hack/Rollback|Jul 13th - MintPal Vericoin Hack/Rollback - $2m (United Kingdom)]]

[[Bitcoins_Reserve_Social_Engineering|Jul 4th - Bitcoins Reserve Social Engineering - $63k (Australia)]]

=== June 2014 ===
[[50BTC_Mining_Pool_Exit_Scam|Jun 17th - 50BTC Mining Pool Exit Scam - $Unknown (Unknown)]]

=== March 2014 ===
[[AllCrypt_Bitcoin_Scrypt_(BTCS)_Theft|Mar 21st - AllCrypt Bitcoin Scrypt (BTCS) Theft - $2k (Global)]]

[[PonziCoin_Early_Exit_Suspected|Mar 9th - PonziCoin Early Exit Suspected - $7k (Unknown)]]

[[Flexcoin_Hot_Wallet_Hack|Mar 2nd - Flexcoin Hot Wallet Hack - $600k (Canada)]]

[[Bitcurex_Targeted_by_Hacking|Mar 1st - Bitcurex Targeted by Hacking - $844k (Poland)]]

[[CryptoRush_Hack|Mar 1st - CryptoRush Hack - $800k (United States)]]

[[Poloniex_Withdrawal_Hack|Mar 1st - Poloniex Withdrawal Hack - $65k (United States)]]

=== February 2014 ===
[[Mt._Gox_Halts_Trade_Over_Major_Hack|Feb 1st - Mt. Gox Halts Trade Over Major Hack - $300m (Japan)]]

==2013==
=== December 2013 ===
[[Intersango_Exit_Scam|Dec 1st - Intersango Exit Scam - $14k+ (United Kingdom)]]

=== November 2013 ===
[[Sheep_Marketplace_Bitcoin_Theft|Nov 21st - Sheep Marketplace Bitcoin Theft - $5.823m (Czech Republic)]]

[[Inputs.io_Additional_Lish_Attack|Nov 7th - Inputs.io Additional Lish Attack - $57k (Australia)]]

[[WhiskChat_Bitcoin_Chatroom_Data_Breach|Nov 6th - WhiskChat Bitcoin Chatroom Data Breach - $0k (Global)]]

[[Blockchain.info_Email_Backup_Theft|Nov 4th - Blockchain.info Email Backup Theft - $76k (Global)]]

[[BIPS_Wallet_Service|Nov 1st - BIPS Wallet Service - $650k (Denmark)]]

[[Czech_Bitcash.cz_Hacked|Nov 1st - Czech Bitcash.cz Hacked - $200k (Czech Republic)]]

[[Bidextreme.pl_Exchange_Hacked|Nov 1st - Bidextreme.pl Exchange Hacked - $Unknown (Poland)]]

[[Picostocks_“Cold_Wallet”_Hack|Nov 1st - Picostocks “Cold Wallet” Hack - $6m (Marshall Islands)]]

=== October 2013 ===
[[Input.io_“Wallet”_Hack|Oct 23rd - Input.io “Wallet” Hack - $1.267m (Australia)]]

[[Inputs.io_API_Compromised|Oct 23rd - Inputs.io API Compromised - $Unknown (Australia)]]

[[BitcoinTalk_The_Hole_Seekers_Hack|Oct 2nd - BitcoinTalk The Hole Seekers Hack - $0k (Global)]]

[[GBL_Exchange_Exit_Scam|Oct 1st - GBL Exchange Exit Scam - $4.1m (China)]]

[[Canadian_Bitcoins_Social_Engineering_Theft|Oct 1st - Canadian Bitcoins Social Engineering Theft - $100k (Canada)]]

=== September 2013 ===
[[CoinLenders_Platform_Closes_With_Funds|Sep 23rd - CoinLenders Platform Closes With Funds - $869k (Australia)]]

=== August 2013 ===
[[Inputs.io_Phishing_Attack|Aug 24th - Inputs.io Phishing Attack - $Unknown (Australia)]]

[[Blockchain.info_Transaction_Signing_Flaw|Aug 19th - Blockchain.info Transaction Signing Flaw - $2k (Global)]]

[[Bitcoin_Lost_In_The_Dump_James_Howells|Aug 15th - Bitcoin Lost In The Dump James Howells - $872k (United Kingdom)]]

[[Blockchain.info_Wallet_Emptied|Aug 1st - Blockchain.info Wallet Emptied - $2k (Global)]]

[[Blockchain.info_Roommate_Fund_Theft|Aug 1st - Blockchain.info Roommate Fund Theft - $4k (Unknown)]]

=== July 2013 ===
[[Blockchain.info_Insecure_Android_Key_Generation|Jul 23rd - Blockchain.info Insecure Android Key Generation - $5k (Global)]]

[[WeExchange_Ripple_Gateway_Hacked|Jul 15th - WeExchange Ripple Gateway Hacked - $590k (Australia)]]

[[Mt._Gox_User_champbronc2_Hacked|Jul 12th - Mt. Gox User champbronc2 Hacked - $2k (Global)]]

[[Bitfunder_and_WeExchange_Hack|Jul 1st - Bitfunder and WeExchange Hack - $788k (United States)]]

=== June 2013 ===
[[Feathercoin_51%_Attack|Jun 8th - Feathercoin 51% Attack - $Unknown (Global)]]

[[Evil_Roommate_Bitcoin_Theft|Jun 5th - Evil Roommate Bitcoin Theft - $3k (Unknown)]]

=== May 2013 ===
[[Ripple_Scam_By_TradeFortress|May 16th - Ripple Scam By TradeFortress - $2k (Global)]]

[[Vircurex_Second_Exchange_Hack|May 10th - Vircurex Second Exchange Hack - $341k (Unknown)]]

=== March 2013 ===
[[Bitcoin_Chain_Fork_Double_Spend_Incident|Mar 12th - Bitcoin Chain Fork Double Spend Incident - $10k (Global)]]

[[Mercado_Bitcoin|Mar 1st - Mercado Bitcoin - $101k (Brazil)]]

=== February 2013 ===
[[Bit_LC_Theft|Feb 1st - Bit LC Theft - $51k (Panama)]]

=== January 2013 ===
[[Vircurex_Exchange_Hack|Jan 1st - Vircurex Exchange Hack - $50m (Germany)]]

==2012==
=== December 2012 ===
[[BitMarket.eu_Custodian_Failure|Dec 1st - BitMarket.eu Custodian Failure - $400k (Poland)]]

=== September 2012 ===
[[Bitfloor_Exchange_Hack|Sep 1st - Bitfloor Exchange Hack - $240k (United States)]]

=== August 2012 ===
[[Kronos.io_Pre-Launch_Bitcoin_Heist|Aug 1st - Kronos.io Pre-Launch Bitcoin Heist - $43k (Italy)]]

[[Bitcoin_Savings_and_Trust|Aug 1st - Bitcoin Savings and Trust - $5.3m (United States)]]

=== July 2012 ===
[[IronKey_Lost_Password_Stefan_Thomas|Jul 11th - IronKey Lost Password Stefan Thomas - $148k (United States)]]

[[BTC-e_Hack|Jul 1st - BTC-e Hack - $42k (Russia)]]

[[Bitcoinica_Another_Hot_Wallet_Hack|Jul 1st - Bitcoinica Another Hot Wallet Hack - $305k (New Zealand)]]

=== June 2012 ===
[[CryptoXChange_Withdrawal_Refused|Jun 7th - CryptoXChange Withdrawal Refused - $115k (Australia)]]

=== May 2012 ===
[[World_Bitcoin_Exchange|May 1st - World Bitcoin Exchange - $25k (Australia)]]

[[Bitcoinica_Hot_Wallet_Hack|May 1st - Bitcoinica Hot Wallet Hack - $91k (New Zealand)]]

=== March 2012 ===
[[Bitcoinica_Linode_Web_Host_Hack|Mar 1st - Bitcoinica Linode Web Host Hack - $228k (New Zealand)]]

==2011==
=== October 2011 ===
[[Mt._Gox_Coins_Destroyed|Oct 28th - Mt. Gox Coins Destroyed - $8k (Japan)]]

[[Bitcoin7_Exchange_Hack/Fraud|Oct 1st - Bitcoin7 Exchange Hack/Fraud - $50k (Unknown)]]

=== July 2011 ===
[[MyBitcoin_Exchange_Hack/Fraud|Jul 29th - MyBitcoin Exchange Hack/Fraud - $1.082m (Unknown)]]

[[Bitomat_Exchange_Wallet.dat_File_Deleted|Jul 1st - Bitomat Exchange Wallet.dat File Deleted - $220k (Poland)]]

=== June 2011 ===
[[MyBitcoin_Username/Password_Breach|Jun 20th - MyBitcoin Username/Password Breach - $72k (Unknown)]]

[[Mt._Gox_Auditor_Theft|Jun 19th - Mt. Gox Auditor Theft - $47k (Japan)]]

==2010==
=== August 2010 ===
[[Bitcoin_Value_Overflow_184_Billion_Minting_Incident|Aug 15th - Bitcoin Value Overflow 184 Billion Minting Incident - $0k (Global)]]

MyAdvertisingPays Exit Scam

2025-08-27T21:45:46Z

Azoundria:

{{Imported Case Study|source=https://www.quadrigainitiative.com/casestudy/myadvertisingpaysexitscam.php}}

[[File:Myadvertisingpays.jpg|thumb|MyAdvertisingPays]]The MyAdvertisingPays platform supposedly ran a platform where investors were getting payouts from advertising revenue. Suffice to say, there was none. Later, they claimed that credit card processor issues had shut their service down.

The country for this case study is not yet known.<ref name="nobsimreviews-5906" /><ref name="myadvertisingpaysmaplinkedin-5982" /><ref name="behindmlm-5983" /><ref name="behindmlm-5984" /><ref name="myadvertisingpaysopparchive-5985" /><ref name="facebook-5988" /><ref name="behindmlm-5989" /><ref name="crunchbase-5990" /><ref name="facebook-5991" /><ref name="myadvertspaytwitter-5992" /><ref name="mapswithsanjeevblog-5993" /><ref name="ampliz-5994" /><ref name="sitejabber-5995" />

The country for this case study is not yet known.

== About MyAdvertisingPays ==
"My Advertising Pays (MAPs for short) is an advertising company that allows people to purchase advertising packs, or credit packs (traffic) for your business. We offer simple and effective income solutions to all."

"This Is The Easiest Money You Will Make Online! Every Single Person Makes Money In MAPS. My Advertising Pays - It Does! Don't Delay Start Earning Today"

"We’ve created a streamlined solid and secure income source in the #1 money generating market online, advertising."

"You earn money with the daily company profit shares, which refresh 72 times every day. However, to qualify for the daily profit share, you must click on 10 adverts each day."

"No gimmicks, no games, no recruiting. Just a straightforward system that pays you for viewing ads, shares our profits with you every 20 minutes and helps you (if you choose) to build your second business on auto-pilot!"

"I received an invite from someone who was the biggest promoter in a company called MyAdvertisingPays which ended up collapsing last year. It was a business that paid a set amount of % based on how many advertising packs a person owned."

"The theory was that the company made money from advertising and shared their profits back with the users however this was never really the case. There was no genuine advertising revenue, the ad revenue actually just came from people signing up to the business opportunity and viewing ads."

"Ultimately when the promoters started to slow down and banking problems arose the company collapsed."

"My Advertising Pays claim their credit card processor has frozen funds for an “undisclosed and unanticipated period of time”."

"I can easily see the same thing happening with Bitpetite and other programs like it however people will come off MUCH worse when this happens because Bitcoin and cryptocurrency is essentially untraceable!"

"For reasons that continue to be withheld from us, our credit card processor has elected to place a hold on our USD Reserve Fund, limiting our ability to transact business and greatly hindering members profit share distributions."

"Simultaneously, despite heavy pressure, our credit card processor has unilaterally elected to withhold Euro funds for undisclosed and unanticipated periods of time – sometimes upwards of six (6) months."

"Accordingly, we are forced to suspend MAP transactions, both financial and otherwise, until these credit card processing issues can effectively be brought to a close."

"Not willing to take the collapse of My Advertising Pays lying down, an affiliate is using the court in an attempt to recover over £4000 GBP in losses ($5200 USD)."

"As documented by Tara Talks, a small claims case was filed against Tony and Lynne Booth on July 25th."

"Together the Booths are believed to have received a large percentage of funds invested by My Advertising Pays affiliates."

"On August 11th it was confirmed that the Booths had responded to the lawsuit."

The country for this case study is not yet known.

The country for this case study is not yet known.

The background of the exchange platform, service, or individuals involved, as it would have been seen or understood at the time of the events.

Include:

* Known history of when and how the service was started.
* What problems does the company or service claim to solve?
* What marketing materials were used by the firm or business?
* Audits performed, and excerpts that may have been included.
* Business registration documents shown (fake or legitimate).
* How were people recruited to participate?
* Public warnings and announcements prior to the event.

Don't Include:
* Any wording which directly states or implies that the business is/was illegitimate, or that a vulnerability existed.
* Anything that wasn't reasonably knowable at the time of the event.
There could be more than one section here. If the same platform is involved with multiple incidents, then it can be linked to a main article page.

== The Reality ==
This sections is included if a case involved deception or information that was unknown at the time. Examples include:

* When the service was actually started (if different than the "official story").
* Who actually ran a service and their own personal history.
* How the service was structured behind the scenes. (For example, there was no "trading bot".)
* Details of what audits reported and how vulnerabilities were missed during auditing.

== What Happened ==
The specific events of the loss and how it came about. What actually happened to cause the loss and some of the events leading up to it.
{| class="wikitable"
|+Key Event Timeline - MyAdvertisingPays Exit Scam
!Date
!Event
!Description
|-
|July 25th, 2017
|Main Event
|Expand this into a brief description of what happened and the impact. If multiple lines are necessary, add them here.
|-
|
|
|
|}

== Technical Details ==
This section includes specific detailed technical analysis of any security breaches which happened. What specific software vulnerabilities contributed to the problem and how were they exploited?

== Total Amount Lost ==
The total amount lost is unknown.

How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?

== Immediate Reactions ==
How did the various parties involved (firm, platform, management, and/or affected individual(s)) deal with the events? Were services shut down? Were announcements made? Were groups formed?

== Ultimate Outcome ==
What was the end result? Was any investigation done? Were any individuals prosecuted? Was there a lawsuit? Was any tracing done?

== Total Amount Recovered ==
There do not appear to have been any funds recovered in this case.

What funds were recovered? What funds were reimbursed for those affected users?

== Ongoing Developments ==
What parts of this case are still remaining to be concluded?
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="nobsimreviews-5906">[https://nobsimreviews.com/bitpetite-scam/ Bitpetite Scam? Full Review Exposes Truth!] (Accessed Jan 22, 2022)</ref>

<ref name="myadvertisingpaysmaplinkedin-5982">[https://www.linkedin.com/company/myadvertisingpays-map-/about/ https://www.linkedin.com/company/myadvertisingpays-map-/about/] (Accessed Jan 25, 2022)</ref>

<ref name="behindmlm-5983">[https://behindmlm.com/companies/myadvertisingpays/my-advertising-pays-small-claims-court-case-filed/ My Advertising Pays small claims court case filed] (Accessed Jan 25, 2022)</ref>

<ref name="behindmlm-5984">[https://behindmlm.com/companies/myadvertisingpays/my-advertising-pays-funds-seized-for-an-undisclosed-period-of-time/ My Advertising Pays funds seized for an "undisclosed period of time"] (Accessed Jan 25, 2022)</ref>

<ref name="myadvertisingpaysopparchive-5985">[https://web.archive.org/web/20140414024500/http://www.myadvertisingpaysopp.com/ My Advertising Pays] (Accessed Jan 25, 2022)</ref>

<ref name="facebook-5988">[https://www.facebook.com/The-Advert-PlatformMy-Advertising-Pays-Scam-788704724492200/ https://www.facebook.com/The-Advert-PlatformMy-Advertising-Pays-Scam-788704724492200/] (Accessed Jan 26, 2022)</ref>

<ref name="behindmlm-5989">[https://behindmlm.com/companies/myadvertisingpays/my-advertising-pays-affiliates-not-paid-for-over-a-week/ My Advertising Pays affiliates not paid for over a week] (Accessed Jan 26, 2022)</ref>

<ref name="crunchbase-5990">[https://www.crunchbase.com/organization/myadvertisingpays https://www.crunchbase.com/organization/myadvertisingpays] (Accessed Jan 26, 2022)</ref>

<ref name="facebook-5991">[https://www.facebook.com/MyAdvertisngPays/ https://www.facebook.com/MyAdvertisngPays/] (Accessed Jan 26, 2022)</ref>

<ref name="myadvertspaytwitter-5992">[https://twitter.com/myadvertspay Myadvertisingpays (@Myadvertspay) | Twitter] (Accessed Jan 26, 2022)</ref>

<ref name="mapswithsanjeevblog-5993">[http://mapswithsanjeev.blogspot.com/p/register.html MyAdvertisingPays: SignUp] (Accessed Jan 26, 2022)</ref>

<ref name="ampliz-5994">[https://www.ampliz.com/company/myadvertisingpays/89932393 MyAdvertisingPays - Overview, Competitors, And Employees | Ampliz.com] (Accessed Jan 26, 2022)</ref>

<ref name="sitejabber-5995">[https://www.sitejabber.com/reviews/myadvertisingpays.com MyAdvertisingPays Reviews - 1 Review of Myadvertisingpays.com | Sitejabber] (Accessed Jan 26, 2022)</ref></references>

SuperRare updateMerkleRoot Backwards Permission Check Logic

2025-08-27T21:45:16Z

Azoundria:

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/superrareupdatemerklerootbackwardspermissionchecklogic.php}}
{{Unattributed Sources}}

[[File:Superrare.jpg|thumb|SuperRare Logo/Homepage]]SuperRare, a high-end digital art marketplace known for its curated one-of-one crypto artworks and artist-centric community, recently suffered a critical exploit in its RareStakingV1 smart contract. A flaw in the access control logic of the updateMerkleRoot function allowed unauthorized users—excluding only the intended privileged addresses—to update staking reward eligibility. This oversight enabled an attacker to submit a forged Merkle root and claim roughly 11.9 million $RARE tokens (~$730K). A frontrunning incident followed, likely involving MEV strategies. The attacker’s address had been funded via Tornado Cash months prior, suggesting premeditation. Despite widespread third-party reporting, SuperRare has not publicly acknowledged the breach, and no recovery efforts have been disclosed. The incident underscores how a minor code logic error in decentralized protocols can lead to substantial financial loss.<ref name="slowmisttweet-20746" /><ref name="exploitaddress-20747" /><ref name="agentlistaitweet-20748" /><ref name="solidityscantweet-20749" /><ref name="blockscopecotweet-20750" /><ref name="metatrustalerttweet-20751" /><ref name="certikalerttweet-20752" /><ref name="cyversalerttweet-20753" /><ref name="phalcomxyztweet-20754" /><ref name="unknown-20755" /><ref name="peckshieldalerttweet-20756" /><ref name="syplabsyitweet-20757" /><ref name="unknown-20758" /><ref name="blockaidtweet-20759" /><ref name="superraretwitterx-20760" /><ref name="superrarehomepage-20761" /><ref name="mirrorxyz-20762" /><ref name="superraredocs-20763" /><ref name="artistonboarding-20764" /><ref name="mitrade-21044" /><ref name="cointelegraph-21045" /><ref name="web3isgoinggreat-21046" />

== About SuperRare ==
SuperRare is a pioneering digital art marketplace and gallery that specializes in one-of-one crypto artworks. Launched in 2018, it offers a curated platform where artists mint, exhibit, and sell NFTs (non-fungible tokens) directly to collectors. Unlike open marketplaces with mass uploads, SuperRare takes a high-end, gallery-style approach, emphasizing quality, originality, and digital scarcity. Each artwork is tokenized on the Ethereum blockchain, ensuring transparent ownership, provenance, and resale royalties for artists.

The platform distinguishes itself by fostering a strong community of collectors and creators through artist onboarding, editorial features, and physical exhibitions. It also integrates social features like profiles, bidding, and commenting to encourage collector-artist interactions. SuperRare recently launched SuperRare Spaces—independently curated storefronts that bring decentralized governance into the platform. These Spaces are selected and managed by community members who propose exhibitions, onboard artists, and earn a portion of sales, aligning with the DAO’s long-term vision.

Governance and development of SuperRare are overseen by RareDAO, a decentralized autonomous organization powered by the $RARE token. Holders of $RARE can participate in protocol decisions, manage treasury funds, and vote on key initiatives, including Space proposals. With notable partners like Sotheby’s and artists such as XCOPY and Beeple commanding multimillion-dollar sales, SuperRare remains at the forefront of the crypto art movement, merging high-end digital art with decentralized technology.

== The Reality ==
Unfortunately, the SuperRare staking contract (RareStakingV1) on Ethereum contained a critical flaw in its access control logic, specifically in the updateMerkleRoot function. This function was meant to be restricted to trusted parties—such as the contract owner or a specific privileged address—to securely update the Merkle root that determines reward eligibility. However, due to a logic inversion in the permission check, the contract accidentally allowed all addresses except the intended privileged ones to call the function.

== What Happened ==
A critical access control flaw in SuperRare’s staking contract allowed an attacker to fraudulently claim ~$730K in $RARE tokens, with no public acknowledgment or recovery effort from the team to date.
{| class="wikitable"
|+Key Event Timeline - SuperRare updateMerkleRoot Backwards Permission Check Logic
!Date
!Event
!Description
|-
|July 28th, 2025 2:21:47 AM MDT
|Contract Deployment Transaction
|Blockaid reports that this is the deployment of the smart contract. SolidityScan incorrectly reports this is the attack transaction.
|-
|July 28th, 2025 2:21:59 AM MDT
|Attack Transaction
|The attack transaction, according to BlockScope, SupLabsYi, Blockaid, PeckShield, and CertiK. The smart contract is abused to modify the Merkle root and
|-
|July 28th, 2025 3:53:00 AM MDT
|SlowMist Posts Exploit Tweet
|SlowMist posts on Twitter/X to report that the SuperRare platform appears to have suffered from a compromise. A vulnerability appears to allow anyone to update the Merkle root permissions and claim tokens.
|}

== Technical Details ==
A misconfiguration meant that any unauthorized user could submit a new, forged Merkle root and effectively claim staking rewards meant for legitimate users. By exploiting this, an attacker was able to generate a fraudulent distribution tree and drain approximately $730,000 worth of $RARE tokens. The exploit was further complicated by a frontrunning incident: although the attacker deployed an exploit contract, a separate address executed the actual draining transaction one block later, potentially using MEV strategies.

The exploit was the result of a critical flaw in the access control logic of the updateMerkleRoot function. This function, intended to be used only by authorized accounts (like the contract owner or a specific privileged address), contained an inverted permission check. Instead of verifying that only privileged users could call it, the logic was mistakenly written to exclude those privileged users—allowing anyone else to update the Merkle root. This effectively opened the door for any attacker to forge distribution roots and drain funds meant for legitimate stakers.

Using this vulnerability, the attacker submitted a fake Merkle root, allowing them to claim reward tokens they weren’t entitled to. The attacker deployed an exploit contract to facilitate the claim, but notably, the actual draining transaction was frontrun by another address one block later—indicating the presence of a MEV (Miner Extractable Value) bot or a separate opportunistic actor. The stolen funds, totaling 11.9 million $RARE ($730K USD), remain in the attacker's contract and have not yet been swapped or laundered.

Analysis shows the attacker’s address was funded via Tornado Cash approximately 186 days prior, suggesting premeditation and an attempt to anonymize the funding trail. This exploit underscores the importance of proper require statement logic in Solidity smart contracts, especially in access control functions. A simple correction—such as enforcing require(msg.sender == owner() || msg.sender == 0xc2F3...8ddc)—could have prevented this attack entirely. The event highlights how small errors in permission checks can lead to large financial losses in decentralized protocols.

Transactions:
0xf5b6531ead5023568b5063b131068a6dd4d8c9eac66a51666982d99af1a0d520

Attacker:
0x5B9B4B4DaFbCfCEEa7aFbA56958fcBB37d82D4a2

Victim Contract (SuperRare RareStaking V1):
0xfFB512B9176D527C5D32189c3e310Ed4aB2Bb9eC

== Total Amount Lost ==
CertiK reports the loss as "11.9M RARE tokens (~$730K)". PeckShield and Blockaid also report $730k.

Cyvers has a screenshot showing the loss total as $731,809.68.

SupLabsYi reports a lower loss amount of $710k.

The total amount lost has been estimated at $730,000 USD.

== Immediate Reactions ==
Multiple third parties have reported on the exploit transaction. The exploit does not appear to have been publicly acknowledged by the SuperRare team initially.

== Ultimate Outcome ==
The incident does not appear to have been acknowledged by the SuperRare team on their website or social media.

Jonathan Perkins, co-founder of SuperRare, later informed Cointelegraph that the core protocol remains intact with no loss of funds. He added that around 61 wallets seem to have been impacted and assured that those affected will be fully compensated.

== Total Amount Recovered ==
SuperRare's co-founder Jonathan Perkins has mentioned an intent to fully compensate all affected users. It has not been confirmed that this has been completed.

It is not publicly known whether the funds from the hack were returned.

There do not appear to have been any funds recovered in this case.

== Ongoing Developments ==
SuperRare is likely introducing development process changes based on this exploit. It is unclear what kind of investigation may be underway, or if funds have been returned.
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="slowmisttweet-20746">[https://twitter.com/SlowMist_Team/status/1949770231733530682 SlowMist - "MistEye detected that @SuperRare has been exploited. The root cause for this exploit was an incorrect permission check in the updateMerkleRoot function, allowing anyone to modify the Merkle Root and claim tokens." - Twitter/X] (Accessed Jul 29, 2025)</ref>

<ref name="exploitaddress-20747">[https://etherscan.io/address/0x3f4d749675b3e48bccd932033808a7079328eb48 Exploiter Address - Etherscan] (Accessed Jul 29, 2025)</ref>

<ref name="agentlistaitweet-20748">[https://twitter.com/AgentLISA_ai/status/1949781806947160177 Agent Lisa (AI) - "A severe vulnerability has been detected in the updateMerkleRoot function of certain smart contracts, allowing anyone to modify the Merkle root. This flaw can lead to fraudulent claims and the drainage of contract funds." - Twitter/X] (Accessed Jul 29, 2025)</ref>

<ref name="solidityscantweet-20749">[https://twitter.com/SolidityScan/status/1949818216437412061 SolidityScan - "On 28th July, 2025, SuperRare's (@SuperRare) RareStakingV1 contract was hacked, losing ~$730K USD (~11.9M $RARE) due to a flawed access control in updateMerkleRoot() function's require check." - Twitter/X] (Accessed Jul 29, 2025)</ref>

<ref name="blockscopecotweet-20750">[https://twitter.com/BlockscopeCo/status/1949937308112752703 BlockscopeCo - "A critical access control flaw in @SuperRare’s contract allowed an exploiter to update the Merkle root without authorization. By submitting a fake root, the exploiter claimed and drained ~$720K in $RARE tokens intended for genuine recipients." - Twitter/X] (Accessed Jul 29, 2025)</ref>

<ref name="metatrustalerttweet-20751">[https://twitter.com/MetaTrustAlert/status/1949775292836508141 MetaTrustAlert - "@SuperRare on #Ethereum was attacked with a loss of $730k due to the incorrect access control in `updateMerkleRoot` allows unauthorized users to update the merkle root." - Twitter/X] (Accessed Jul 29, 2025)</ref>

<ref name="certikalerttweet-20752">[https://twitter.com/CertiKAlert/status/1949772114309132363 CertiKAlert - "The attacker updated the MerkleRoot then claimed 11.9M RARE tokens (~$730K)." - Twitter/X] (Accessed Jul 29, 2025)</ref>

<ref name="cyversalerttweet-20753">[https://twitter.com/CyversAlerts/status/1949766758635610276 CyversAlerts - "The attacker’s address, funded via @TornadoCash approximately 186 days ago, executed the exploit and gained 731K worth of $RARE." - Twitter/X] (Accessed Jul 29, 2025)</ref>

<ref name="phalcomxyztweet-20754">[https://twitter.com/Phalcon_xyz/status/1949780457786351991 Phalcon_xyz - "@SuperRare] (Accessed Jul 29, 2025)</ref>

<ref name="unknown-20755">[’s staking contract (v1) on #Ethereum was exploited, with the root cause traced to a flawed updateMerkleRoot function—key validation checks were incorrectly inverted. As a result, instead of restricting updates to privileged accounts (e.g., the owner), any account (except those privileged ones) could perform the update..." - Twitter/X ’s staking contract (v1) on #Ethereum was exploited, with the root cause traced to a flawed updateMerkleRoot function—key validation checks were incorrectly inverted. As a result, instead of restricting updates to privileged accounts (e.g., the owner), any account (except those privileged ones) could perform the update..." - Twitter/X] (Accessed Jul 29, 2025)</ref>

<ref name="peckshieldalerttweet-20756">[https://twitter.com/PeckShieldAlert/status/1949764035408527414 PeckShieldAlert - "@SuperRare has been exploited, losing ~$730K worth of $RARE" - Twitter/X] (Accessed Jul 29, 2025)</ref>

<ref name="syplabsyitweet-20757">[https://twitter.com/SuplabsYi/status/1949782448017199517 SuplabsYi - "@SuperRare] (Accessed Jul 29, 2025)</ref>

<ref name="unknown-20758">[was hacked for $710,000. The root cause of this SuperRare staking exploit? A brain-dead permission check that only lets non-owners and non-specific accounts update the Merkle Root. Seriously, who wrote this? Should’ve been a tight require(msg.sender == owner() msg.sender == 0xc2F3...8ddc), but nope—wide open for anyone to drain the pool with a forged Merkle Root." - Twitter/X was hacked for $710,000. The root cause of this SuperRare staking exploit? A brain-dead permission check that only lets non-owners and non-specific accounts update the Merkle Root. Seriously, who wrote this? Should’ve been a tight require(msg.sender == owner() msg.sender == 0xc2F3...8ddc), but nope—wide open for anyone to drain the pool with a forged Merkle Root." - Twitter/X] (Accessed Jul 29, 2025)</ref>

<ref name="blockaidtweet-20759">[https://twitter.com/blockaid_/status/1949757641720242494 BlockAid - "The attacker had deployed an exploit contract - but the actual attack was performed by a frontrunner one block later." - Twitter/X] (Accessed Jul 29, 2025)</ref>

<ref name="superraretwitterx-20760">[https://twitter.com/SuperRare SuperRare Twitter/X Account] (Accessed Jul 29, 2025)</ref>

<ref name="superrarehomepage-20761">[https://superrare.com SuperRare Official Homepage] (Accessed Jul 29, 2025)</ref>

<ref name="mirrorxyz-20762">[https://rare.mirror.xyz SuperRare DAO Overview] (Accessed Jul 29, 2025)</ref>

<ref name="superraredocs-20763">[https://docs.superrare.com About $RARE and Governance] (Accessed Jul 29, 2025)</ref>

<ref name="artistonboarding-20764">[https://superrare.com/submit Artist Onboarding & Curation] (Accessed Jul 29, 2025)</ref>

<ref name="mitrade-21044">[https://www.mitrade.com/insights/news/live-news/article-3-991665-20250728 Hacker hits SuperRare NFT platform for $730K in RARE tokens exploit - MiTrade] (Accessed Aug 18, 2025)</ref>

<ref name="cointelegraph-21045">[https://cointelegraph.com/news/superrare-730-000-exploit-was-easily-preventable-experts-weigh-in SuperRare $730,000 exploit was easily preventable — Experts weigh in - CoinTelegraph] (Accessed Aug 18, 2025)</ref>

<ref name="web3isgoinggreat-21046">[https://www.web3isgoinggreat.com/single/superrare-hack $731,000 stolen in SuperRare hack - Web3IsGoingGreat] (Accessed Aug 18, 2025)</ref></references>

Cork Protocol Market Manipulation and Liquidity Exploit

2025-08-27T21:44:53Z

Azoundria:

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/corkprotocolmarketmanipulationandliquidityexploit.php}}
{{Unattributed Sources}}

[[File:Corkprotocol.jpg|thumb|Cork Protocol]]Cork Protocol is a DeFi platform that enables users to hedge and trade the risk of pegged asset depeg events through novel financial instruments called Depeg Swaps and Cover Tokens, pairing Redemption Assets (RA) with Pegged Assets (PA) via a Peg Stability Module and automated market maker. However, the protocol suffered a major exploit due to two vulnerabilities: the ability to create markets with arbitrary redemption assets—including Depeg Swap tokens—and an unprotected beforeSwap function in CorkHook that could be called with malicious data. An attacker exploited these flaws to drain over $12 million by manipulating token transfers between legitimate and malicious markets. Cork paused all affected markets, engaged security firms like SlowMist for investigation, and is working on fixes and a full post-mortem to restore security and user confidence.<ref name="slowmisttweet1-19846" /><ref name="slowmisttweet2-19847" /><ref name="slowmistmedium-19848" /><ref name="corkprotocolhomepage-19849" /><ref name="corkprotocoldocs-19850" /><ref name="exploittransaction-19851" /><ref name="corkprotocolexploiter-19852" /><ref name="ethereumhistory-4651" /><ref name="coinmarketcapwsteth-19853" /><ref name="corkprotocolrekt-19865" /><ref name="afterpostmortemrekt-20473" /><ref name="attackeridm1-20474" /><ref name="attackeridm2-20475" /><ref name="attackeridm3-20476" />

== About Cork Protocol ==
Cork offers a DeFi protocol designed to tokenize and manage the risk of depeg events involving stablecoins and liquid (re)staking tokens. It introduces a new class of financial instruments—Depeg Swaps and Cover Tokens—that allow users to hedge, trade, and earn from market exposure to pegged asset volatility. This innovation addresses a key gap in the onchain asset ecosystem, where there was previously no way to price or mitigate the risk of depegging—events where assets like stablecoins diverge from their target value.

Each Cork market consists of a pair: a Redemption Asset (RA) and a Pegged Asset (PA), such as ETH and stETH. The protocol’s Peg Stability Module (PSM) mints Depeg Swaps and Cover Tokens, which can be freely traded through an Automated Market Maker (AMM). Depeg Swaps provide protection if a depeg occurs, while Cover Tokens offer fixed yields if the asset remains stable. The system is designed to be fully collateralized, permissionless, and secure—audited to ensure trust.

Beyond individual trading, Cork enables asset issuers and DeFi protocols to open custom markets and integrate with the platform for broader risk management. Liquidity providers can earn from risk premiums and fees through Cork Vaults, which automatically manage liquidity across market cycles. Ultimately, Cork aims to bring more stability, transparency, and financial opportunity to DeFi by creating a robust infrastructure for tokenized risk.

== The Reality ==
The Cork Protocol had two key vulnerabilities in its smart contract design. First, the CorkConfig contract allowed users to create new markets with arbitrary redemption assets (RA) without proper restrictions. This meant one could designate a Depeg Swap (DS) token—normally used as a derivative to hedge depeg risk—as the RA in a custom market.

Second, the beforeSwap function in the CorkHook contract lacked access control and input validation, allowing any user to call it with custom hook data.

== What Happened ==
Cork Protocol was exploited due to smart contract vulnerabilities, allowing an attacker to manipulate market creation and token redemption mechanisms to steal over $12 million.
{| class="wikitable"
|+Key Event Timeline - Cork Protocol Market Manipulation and Liquidity Exploit
!Date
!Event
!Description
|-
|May 28th, 2025 5:41:35 AM MDT
|Ethereum Exploit Transaction Occurs
|The original exploit transaction happens on the Ethereum blockchain.
|-
|May 28th, 2025 6:35:00 AM MDT
|SlowMist Suspicious Activity
|SlowMist tweets that they have found suspicious activity relating to Cork Protocol.
|-
|May 28th, 2025 7:21:00 AM MDT
|Cork Protocol Initial Post
|Cork Protocol made an initial post announcing a security incident that occurred at 11:23 UTC, impacting only the wstETH:weETH market. As a precaution, all other markets have been paused, though they remain unaffected. The team is actively investigating and will share updates as more information becomes available, thanking their partners for their support during the process.
|-
|May 28th, 2025 1:23:00 PM MDT
|Cork Protocol Update Posted
|Cork Protocol publishes an update stating that a security incident occurred at 11:23 UTC, affecting the wstETH:weETH market and involving around 3,761.8 wstETH. The team has paused all other markets as a precaution while working with auditors to investigate and resolve the root cause. An official post-mortem will be released soon, and the team expressed gratitude for the community's support.
|-
|May 29th, 2025 8:07:46 AM MDT
|SlowMist Detailed Analysis Made
|SlowMist prepares and publishes a detailed walkthrough on Medium that includes a timeline of the Cork Protocol exploit, an overview of Cork’s DeFi mechanism and key components, a technical breakdown of the vulnerability and how it was exploited, and an on-chain analysis tracing the attacker's fund movements using their MistTrack tool. The post also outlines the root causes of the incident, summarizes the attacker’s steps, and provides security recommendations to prevent similar exploits. Additionally, SlowMist highlights its broader role as a blockchain security firm, detailing its services, notable partnerships, and contributions to industry security.
|-
|May 29th, 2025 8:46:00 AM MDT
|SlowMist Posts Tweet Announcement
|SlowMist posted a high-level analysis of the @Corkprotocol exploit, detailing the technical vulnerabilities that enabled the attack, the method used by the attacker to manipulate the protocol, and the resulting financial impact. Their report highlighted weaknesses in smart contract design, specifically in market creation and function authorization, which allowed unauthorized actions and ultimately led to over $12 million in losses.
|}

== Technical Details ==
By exploiting a Uniswap V4 pool in an unlocked state, the attacker was able to invoke beforeSwap via the pool manager’s unlockCallback, passing malicious data that triggered the CorkCall in a legitimate market. Since the contract blindly trusted this data, the attacker was able to transfer DS tokens from the real market into their custom market and receive both CT and DS tokens in return. They then used these tokens to redeem the original assets, effectively draining liquidity from the legitimate market and resulting in over $12 million in losses.

The first flaw allowed users to create new markets using any token as the Redemption Asset (RA) via the CorkConfig contract, without adequate restrictions. The attacker exploited this by setting a Depeg Swap (DS) token—normally a derivative used to hedge against depeg risk—as the RA in a newly created market. This violated the intended structure of the system, where DS tokens are not meant to serve as collateral or settlement assets.

The second vulnerability lay in the beforeSwap function of the CorkHook contract, which lacked proper access controls. It could be called by any user with arbitrary input data, and the protocol failed to validate the source or the payload. The attacker leveraged this flaw using an unlocked Uniswap V4 pool, taking advantage of the pool manager’s unlockCallback feature to invoke beforeSwap with malicious hook data. This data tricked the protocol into believing that legitimate operations were occurring, allowing the attacker to manipulate how tokens were transferred between markets.

Using these exploits in tandem, the attacker was able to move DS tokens from a legitimate market into the custom, malicious one they created. Once the DS tokens were accepted as the RA in the new market, the attacker received both Cover Tokens (CT) and DS tokens from that market. They then used the Peg Stability Module (PSM) to redeem these tokens for valuable assets.

The attacker provided more detail post-mortem:

It’s time to drop a truly major bomb. Sherlock didn’t miss it. All the firms that published analyses on this issue before the official post-mortem failed to discover the real vulnerability. Dedaub, Three Sigma, Halborn, Blocksec, and many others used the Cork exploit to promote their own brands. They are not recommended. Find their X (Twitter) posts before they delete them.

Even without the Depeg Swap (DS) token, it’s still possible to redeem the Redemption Asset (RA) — the underlying real asset like wstETH or ETH. The Cover Token (CT) is the most important part. So ignore the analyses focused only on the DS. There are many ways to manipulate the DS, not just through the Uniswap hook.

Any party that failed to notice the mistakes related to how the Cover Token (CT) could be exploited should not be trusted.

== Total Amount Lost ==
SlowMist estimated the loss amount at $12m after an initial medium post which simply stated that losses were "over $10 million".

wstETH stands for Wrapped staked Ether, and it is a tokenized version of stETH (staked Ether) from the Lido protocol. stETH is received when users stake ETH through Lido. It represents staked ETH and accrues staking rewards over time, with its balance increasing daily. wstETH is a wrapped version of stETH. Instead of the token balance increasing to reflect rewards (as with stETH), the value of wstETH increases against ETH. This makes wstETH non-rebasing, meaning its balance doesn't change—only its value does.

As a result, the value of 3,761.87795537 wstETH is higher than the market price of $2,682.21 USD/ETH, and losses exceed $10,090,146.67 USD. The closing market price on May 28th of wstETH is $3,204.10 USD/ETH, meaning a better estimate for the loss total would be $12,053,433.16 USD.

The total amount lost has been estimated at $12,053,000 USD.

== Immediate Reactions ==
Following the exploit on May 28, Cork Protocol quickly acknowledged the incident in an initial post, confirming that the security breach affected the wstETH:weETH market at 11:23 UTC and involved approximately 3,761.8 wstETH. They emphasized that all other markets were unaffected but had been paused as a precautionary measure. Cork stated that they were actively investigating the issue and working with auditors to identify and address the root cause. They also assured the community that a full post-mortem would be published and expressed gratitude to partners and supporters for their patience and assistance.

At the same time, blockchain security firm SlowMist responded rapidly by publishing a detailed analysis of the attack. Their investigation revealed critical vulnerabilities in the Cork protocol’s smart contracts—specifically in how redemption assets could be configured and how the beforeSwap function in the CorkHook contract could be called without proper authorization. SlowMist outlined how these flaws enabled the attacker to manipulate market creation and redeem tokens illegitimately, resulting in losses exceeding $12 million. They also used their MistTrack tool to trace the attacker’s fund movements and provided broader security recommendations to prevent similar exploits in the future.

== Ultimate Outcome ==
The ultimate outcome of the Cork Protocol exploit was a significant loss of over $12 million, primarily in wstETH tokens, due to the attacker exploiting vulnerabilities that allowed unauthorized token manipulation and liquidity draining. The attacker successfully converted these stolen tokens into ETH and still holds a large amount of funds in their control.

In response, Cork Protocol paused all other markets to prevent further damage and engaged with auditors and security teams like SlowMist to investigate and resolve the root causes. A full post-mortem report was promised to ensure transparency and guide improvements. The incident highlighted critical weaknesses in access control and asset validation, prompting calls for stricter security measures in the DeFi ecosystem to prevent similar attacks in the future.

The attacker posted a series of messages on the Ethereum blockchain (in a mix of English and Estonian):

"sherlock missed it. ct > ds. uniswap hook is not problem."

"It's time to drop a truly big bomb. Sherlock didn’t miss it. All the firms that wrote analyses on the topic before the official post-mortem failed to discover the real issue. Dedaub, Three Sigma, Halborn, Blocksec, and many others used the Corki issue to promote their brands. They are not recommended. Find them before they delete their X posts. RA can still be taken without DS. CT is the most important. So don’t pay attention to DS’s analysis. There are many ways to take DS, not just the Uniswap hook. Any parties who didn’t notice the mistakes regarding taking CT should not be trusted."

"Well, believe it or not, but when you're sitting on 12 million, you don't want to be annoying. I just hate it when there's an issue with a protocol, and a bunch of security firms write nonsense about the bugs to promote their brands and profit off others' efforts. So you're saying you missed the critical bugs and can only spot minor issues that don't lead to financial loss, Neville Grech? You’d be better off focusing on building products instead of promoting your brands by analyzing bugs you can’t even identify yourself."

There is a direct contradiction with the hacker reporting that Sherlock missed the vulnerability in English, but in Estonian that Sherlock did not miss the vulnerability. It's likely that the Estonian version is a mistake.

== Total Amount Recovered ==
Recovery is still yet to be determined.

There do not appear to have been any funds recovered in this case.

== Ongoing Developments ==
The investigation and forensic analysis are continuing to trace the full flow and final destination of the stolen funds, as a significant portion of the assets remains in the attacker’s control. Monitoring the attacker’s wallet activity and potential laundering or cash-out attempts is an active process involving blockchain analytics tools.

Cork Protocol and its security partners are working on fixing the vulnerabilities identified in the smart contracts, thoroughly auditing updates, and testing new security measures before resuming operations. This includes strengthening access controls, restricting arbitrary asset configurations, and improving validation mechanisms.

Cork Protocol has committed to publishing a detailed post-mortem report outlining the incident’s cause, impact, and remediation steps, which is pending release. Meanwhile, the protocol’s markets remain paused as the team ensures full resolution and safety for users before reopening.
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="slowmisttweet1-19846">[https://twitter.com/SlowMist_Team/status/1927705256915333359 SlowMist - "SlowMist Security Alert We detected potential suspicious activity related to @Corkprotocol." - Twitter/X] (Accessed May 29, 2025)</ref>

<ref name="slowmisttweet2-19847">[https://twitter.com/SlowMist_Team/status/1928100756156194955 SlowMist - "On May 28, @Corkprotocol suffered an exploit, resulting in losses exceeding $12 million. According to @SlowMist_Team’s analysis, the root cause lies in two key issues." - Twitter/X] (Accessed May 29, 2025)</ref>

<ref name="slowmistmedium-19848">[https://slowmist.medium.com/exploit-analysis-cork-protocol-attacked-over-10-million-lost-75de9f229307 Exploit Analysis Cork Protocol Attacked, Over $10 Million Lost - Medium] (Accessed May 29, 2025)</ref>

<ref name="corkprotocolhomepage-19849">[https://www.cork.tech/ Cork Protocol Homepage] (Accessed May 29, 2025)</ref>

<ref name="corkprotocoldocs-19850">[https://docs.cork.tech/ What Is Cork - Cork Protocol Docs] (Accessed May 29, 2025)</ref>

<ref name="exploittransaction-19851">[https://etherscan.io/tx/0x605e653fb580a19f26dfa0a6f1366fac053044ac5004e1b10e7901b058150c50 Cork Protocol Exploit Transaction - Etherscan] (Accessed May 29, 2025)</ref>

<ref name="corkprotocolexploiter-19852">[https://etherscan.io/address/0xea6f30e360192bae715599e15e2f765b49e4da98 Cork Protocol Exploiter - Etherscan] (Accessed May 29, 2025)</ref>

<ref name="ethereumhistory-4651">[https://coinmarketcap.com/currencies/ethereum/historical-data/ Ethereum Price History and Historical Data] (Accessed Dec 21, 2021)</ref>

<ref name="coinmarketcapwsteth-19853">[https://coinmarketcap.com/currencies/lido-finance-wsteth/historical-data/ wstETH Market Price - CoinMarketCap] (Accessed May 29, 2025)</ref>

<ref name="corkprotocolrekt-19865">[https://rekt.news/cork-protocol-rekt Cork Protocol - Rekt] (Accessed May 30, 2025)</ref>

<ref name="afterpostmortemrekt-20473">[https://rekt.news/after-post-mortem After the Post-Mortem - Rekt] (Accessed Jul 3, 2025)</ref>

<ref name="attackeridm1-20474">[https://etherscan.io/tx/0x92a53d817e9a626292270d93259b10cba05a1e55bd0651ca7ef57b63b7294cf0 Attacker Sends IDM "sherlock missed it. ct > ds. uniswap hook is not problem." - Etherscan] (Accessed Jul 3, 2025)</ref>

<ref name="attackeridm2-20475">[https://etherscan.io/tx/0xe82ad5097063589996b6ae2b042514b72cf17f56c7fcecc625a418f511cc150e Attacker's Second Message In Estonian - Etherstan] (Accessed Jul 3, 2025)</ref>

<ref name="attackeridm3-20476">[https://etherscan.io/tx/0x97bde0eb4d9eb906ce39bde4c0fa6f23e2d4d5829aa7dd71ec100fdc313b4637 Attacker's Third Message In Estonian - Etherstan] (Accessed Jul 3, 2025)</ref></references>

LIFE Protocol Price Not Updated When Sold Price Manipulation

2025-08-27T21:44:23Z

Azoundria:

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/lifeprotocolpricenotupdatedwhensoldpricemanipulation.php}}
{{Unattributed Sources}}

[[File:Lifeprotocol.jpg|thumb|LIFE Protocol Logo/Homepage]]LIFE Protocol is a digital asset ecosystem that grows in value with every transaction, driven by an algorithmic pricing model and a 20-level referral system designed to reward community engagement and incentivize network growth. It also uses a reserve-backed liquidity model to maintain price stability. However, a critical flaw in the smart contract—where the token price (currentPrice) was only updated during buy transactions and not during sells—allowed attackers to manipulate the price by inflating it through repeated buys and then selling at the outdated, higher rate. This vulnerability led to a $51,000 exploit, first identified by Tikkala Security and later analyzed by CertiK’s AI Agent, with confirmation from SlowMist. Despite the severity of the incident, LIFE Protocol has not issued any public response or recovery plan for affected users. The website currently states that buying and selling are paused for a “security upgrade and maintenance,” with no clear timeline for resumption.<ref name="slowmisttweet-19798" /><ref name="lifeprotocolhomepage-19799" /><ref name="lifeprotocoltweet-19800" /><ref name="bsctransaction1-19801" /><ref name="tenarmoralerttweet-19802" /><ref name="bsctransaction2-19803" /><ref name="certikaiagenttweet-19804" /><ref name="tikkalaresearchtweet-19805" /><ref name="bsctransaction3-19806" /><ref name="lifeprototwitterx-19807" /><ref name="jeanphillippebea-19808" /><ref name="tenarmortweet-20899" /><ref name="lifeprotocolsmartcontract-20900" /><ref name="lifeprotocolsmartcontractcreation-20901" /><ref name="lifeprotocoltweet2-20902" /><ref name="lifeprotocoltweet3-20903" /><ref name="bitangelstweet-20904" />

== About LIFE Protocol ==
LIFE Protocol is a digital asset ecosystem designed to grow in value with every transaction. Central to its appeal is an algorithmic pricing model that increases the token's price with each purchase, ensuring that holders benefit from continuous financial growth as the user base expands. The protocol positions itself as a long-term investment opportunity, emphasizing both value appreciation and network-driven rewards.

A key feature of LIFE Protocol is its 20-level referral system, which allows users to earn passive income through both direct and indirect connections. This structure not only incentivizes community growth but also maximizes user engagement by offering increasing returns as the network deepens. Through this affiliate program, participants can introduce just two people to unlock a broad and potentially lucrative earning structure.

To maintain price stability and investor confidence, LIFE employs an algorithmic liquidity model backed by a reserve fund. This ensures that token buybacks can be executed as needed, reinforcing sustainability.

== The Reality ==
Unfortunately, the Life Protocol smart contract contained a critical flaw where the currentPrice variable was updated only during buy transactions but not during sell transactions. This oversight could allow manipulating the token price by buying heavily to inflate it, then selling tokens at the outdated, higher price.

== What Happened ==
LIFE Protocol suffered an attack resulting in a loss exceeding $51,000, according to SlowMist.
{| class="wikitable"
|+Key Event Timeline - LIFE Protocol Price Not Updated When Sold Price Manipulation
!Date
!Event
!Description
|-
|January 16th, 2025 9:06:15 AM MST
|Life Protocol Smart Contract Created
|The Life Protocol smart contract is created.
|-
|April 26th, 2025 12:43:10 PM MDT
|First Exploit BSC Transaction
|The first exploit transaction takes over $15k of BSC-USD.
|-
|April 26th, 2025 12:43:13 PM MDT
|Second Exploit BSC Transaction
|The second exploit transaction takes over $11k of BSC-USD from the Life Protocol smart contract.
|-
|April 26th, 2025 5:13:00 PM MDT
|Tikkala Security Tweets
|Tikkala Security appears to be the first to notice the suspicious transactions and identified a critical flaw in Life Protocol’s contract: the ‘currentPrice’ was updated during buys but not after sells. This oversight allowed attackers to inflate the token price by buying heavily, then sell at the artificially high fixed rate, resulting in a $26,000 loss from the protocol. The two flagged transactions demonstrate this exploit in action.
|-
|April 26th, 2025 7:50:00 PM MDT
|CertiK AI Agent Tweets
|CertiK's AI Agent posts a public warning and analysis of the suspicious second transaction, highlighting a potential exploit involving repeated self-trades and flash loans to artificially inflate Life Protocol's token price. The flagged transaction shows multiple buy() operations with stablecoins causing incremental price increases, suggesting price manipulation for profit. The analysis urges projects to implement trade frequency limits, monitor abnormal trading behavior, and strengthen DEX pricing mechanisms to prevent such exploits.
|-
|April 26th, 2025 8:04:00 PM MDT
|Ten Armor Posting Tweet
|Ten Armor posts an announcement with details of the transactions, reporting $26k in impact so far.
|-
|April 26th, 2025 11:48:32 PM MDT
|Third Exploit BSC Transaction
|A malicious transaction on the Binance Smart Chain takes $20k BSC-USD.
|-
|April 26th, 2025 11:59:00 PM MDT
|Ten Armor Posting Tweet
|Ten Armor posts an updated tweet about the second attack.
|-
|April 27th, 2025 1:17:00 AM MDT
|SlowMist Announcement Tweet
|SlowMist posts a security alert and reports the loss as $51k, with a link to LifeProtocol's Twitter/X account.
|-
|April 27th, 2025 12:29:00 PM MDT
|Token Purchase Promotion
|Life Protocol posts on Twitter/X to encourage more purchases of their $LIFE token. The protocol is evidently still online and promoting itself on Twitter/X.
|-
|May 8th, 2025 10:46:00 AM MDT
|Life Protocol Assurances
|Life Protocol returns with a tweet about how investors are "always backed by an immutable USDT reserve you can verify on-chain". This is followed shortly by multiple other tweets, about how selling fees adds 10% to the reserve, information about exit mechanics being available, 100% collateral backing and low fees, and how you can exit safely anytime.
|-
|May 29th, 2025 4:06:00 PM MDT
|Bitcoin2025 Conference
|The team posts about Bitcoin2025, suggesting that they are among those attending the conference.
|}

== Technical Details ==
The exploit stemmed from a flaw in the Life Protocol smart contract where the token price (currentPrice) was updated only during buy() operations but not after sell() operations. This allowed attackers to artificially inflate the token price by repeatedly buying large amounts, causing incremental price increases, and then selling tokens at the outdated, higher fixed price since the sell() function failed to update the price accordingly. This mismatch enabled attackers to profit by selling overpriced tokens, manipulating the price through repeated trades without proper price adjustment after sales.

== Total Amount Lost ==
SlowMist reports that the total amount lost was $51k.

The total amount lost has been estimated at $51,000 USD.

== Immediate Reactions ==
The incident was first noticed and publicly flagged by Tikkala Security, who identified the root cause and alerted the Life Protocol team and community via social media. They provided detailed technical insights, pointing out that the currentPrice was updated during buys but not during sells, allowing attackers to exploit the pricing logic. Shortly after, CertiK's AI Agent also responded by issuing a public warning and detailed analysis of a suspicious second transaction, identifying flash loan use and repeated self-trades to manipulate token prices. The incident was later noted by SlowMist.

== Ultimate Outcome ==
It does not appear that Life Protocol has posted any announcements on Twitter/X

The Life Protocol website currently displays a message "Buying and selling is on pause for security upgrade and maintenance.".

== Total Amount Recovered ==
Life Protocol does not appear to have prepared any public plans to make users whole.

There do not appear to have been any funds recovered in this case.

== Ongoing Developments ==
The message remains active on the Life Protocol website and it is unclear when the buying and selling of the token will resume.
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="slowmisttweet-19798">[https://twitter.com/SlowMist_Team/status/1916391258664174045 SlowMist - "We have detected that @LifeProto is being continuously exploited, with losses exceeding $51K. As always, stay vigilant!" - Twitter/X] (Accessed May 28, 2025)</ref>

<ref name="lifeprotocolhomepage-19799">[https://lifeprotocol.io/ Life Protocol Homepage] (Accessed May 28, 2025)</ref>

<ref name="lifeprotocoltweet-19800">[https://twitter.com/LifeProto/status/1916560225190183256 Life Protocol - "Ready to buy? Jump in now" - Twitter/X] (Accessed May 28, 2025)</ref>

<ref name="bsctransaction1-19801">[https://bscscan.com/tx/0x74b33c524df438fef28ceab4cf2a38238296d854f02055bf883fd66daf242236 Thirst Transaction Takes $20k BSC-USD From Life Protocol - BSCScan] (Accessed May 28, 2025)</ref>

<ref name="tenarmoralerttweet-19802">[https://twitter.com/TenArmorAlert/status/1916371501802262708 TenArmorAlert - "another exploit again, @LifeProto Do something!" - Twitter/X] (Accessed May 28, 2025)</ref>

<ref name="bsctransaction2-19803">[https://bscscan.com/tx/0x487fb71e3d2574e747c67a45971ec3966d275d0069d4f9da6d43901401f8f3c0 First Transaction Takes $15,114.79k BSC-USD - BSCScan] (Accessed May 28, 2025)</ref>

<ref name="certikaiagenttweet-19804">[https://twitter.com/CertikAIAgent/status/1916309067733340582 CertiK AI Agent - "A suspicious transaction flagged involving repeated self-trades—potential exploit using flash loans to manipulate token prices!" - Twitter/X] (Accessed May 28, 2025)</ref>

<ref name="tikkalaresearchtweet-19805">[https://twitter.com/TikkalaResearch/status/1916269436035862898 Tikkala Research - "Hi @LifeProto @JeanPhilippeBea You may need to take a look these two" - Twitter/X] (Accessed May 28, 2025)</ref>

<ref name="bsctransaction3-19806">[https://bscscan.com/tx/0x787dda04a7347d98b3e0293b3d19f7db06fa6a1ef923e36bc92bfef54bb564e7 Second Transaction Takes $11,288.97 BSC-USD - BSCScan] (Accessed May 28, 2025)</ref>

<ref name="lifeprototwitterx-19807">[https://twitter.com/LifeProto Life Protocol - Twitter/X] (Accessed May 28, 2025)</ref>

<ref name="jeanphillippebea-19808">[https://twitter.com/JeanPhilippeBea Jean-Philippe Beaudet - Founder Of Life Protocol - Twitter/X] (Accessed May 28, 2025)</ref>

<ref name="tenarmortweet-20899">[https://twitter.com/TenArmorAlert/status/1916312483792408688 Ten Armor - "It appears that attacks have been active recently. Here's another hack. Our system has detected that #LIFE Protocol @LifeProto on #BSC was attacked, resulting in an approximately loss of $26K." - Twitter/X] (Accessed Aug 5, 2025)</ref>

<ref name="lifeprotocolsmartcontract-20900">[https://bscscan.com/address/0x19b2834f99fb9eb4164cb5b49046ec207f894197 Life Protocol Smart Contract - BSCScan] (Accessed Aug 5, 2025)</ref>

<ref name="lifeprotocolsmartcontractcreation-20901">[https://bscscan.com/tx/0xe4b7206779f051bc72923f118c3f1e872ff59f452e27136f6b189ee3c18abebf Life Protocol Smart Contract Creation - BSCScan] (Accessed Aug 5, 2025)</ref>

<ref name="lifeprotocoltweet2-20902">[https://twitter.com/LifeProto/status/1916545378658447362 Life Protocol - "Pro tip: Always verify token address on BscScan before buying: 0x19B2834f99Fb9eB4164CB5b49046Ec207F894197." - Twitter/X] (Accessed Aug 5, 2025)</ref>

<ref name="lifeprotocoltweet3-20903">[https://twitter.com/LifeProto/status/1920520572196257990 Life Protocol - "You’re always backed by an immutable USDT reserve you can verify on-chain." - Twitter/X] (Accessed Aug 5, 2025)</ref>

<ref name="bitangelstweet-20904">[https://twitter.com/BitAngels/status/1928211447131295890 BitAngels - "The BitAngels team is having an absolute blast at BITCOIN2025! Catch us at the @btcstartuplab and @TokenizeCon events tonight." - Twitter/X] (Accessed Aug 5, 2025)</ref></references>

Equilibria Finance Reward Mechanism stk-ePendle Balance Hack

2025-08-27T21:43:43Z

Azoundria: Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/equilibriafinancerewardmechanismstkependlebalancehack.php}} {{Unattributed Sources}} Equilibria FinanceEquilibria Finance, a DeFi platform built around the Pendle Finance ecosystem, experienced an exploit in its Ethereum auto-compounder due to a misconfigured contract that allowed reward farming through repeated transfers. The attacker drained approx..."

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/equilibriafinancerewardmechanismstkependlebalancehack.php}}
{{Unattributed Sources}}

[[File:Equilibriafinance.jpg|thumb|Equilibria Finance]]Equilibria Finance, a DeFi platform built around the Pendle Finance ecosystem, experienced an exploit in its Ethereum auto-compounder due to a misconfigured contract that allowed reward farming through repeated transfers. The attacker drained approximately 13.36 ETH in unclaimed rewards, but no user funds or core liquidity positions were affected. The team responded quickly by pausing protocol functions, containing the incident, and has since implemented fixes, committed to compensating affected users, and announced stricter deployment procedures to prevent future vulnerabilities.<ref name="tenarmortweet-21074" /><ref name="etherscanattack-21075" /><ref name="etherscanattacker-21076" /><ref name="equilibriafitweet1-21077" /><ref name="equilibriafitweet2-21078" /><ref name="equilibriarfitweet3-21079" /><ref name="equilibriafilinktree-21080" /><ref name="equilibriafihomepage-21081" /><ref name="equilibriafinancedocs-21082" /><ref name="equilibriafinancetwitterx-21083" />

== About Equilibria Finance ==
Equilibria Finance is a DeFi platform designed to help users maximize their yield potential, inspired by the dynamic motion of a pendulum at equilibrium. The project is purpose-built for the Pendle Finance ecosystem and caters specifically to $PENDLE holders and liquidity providers. Founded by experienced DeFi professionals, Equilibria provides a streamlined interface for users to amplify their earnings through smart yield strategies.

The platform integrates with Pendle’s veToken/boosted yield model by offering a liquid version of vePENDLE called ePENDLE. This allows $PENDLE holders to benefit from staking rewards and other incentives while maintaining liquidity, as ePENDLE can be traded or swapped back to PENDLE. Meanwhile, LPs who don’t hold vePENDLE can still enjoy boosted yields by routing their positions through Equilibria.

Equilibria’s goal is to extend beyond Pendle over time, bringing its yield-optimizing infrastructure to other protocols. With community and partner support, the platform aims to scale its ecosystem while continuing to deliver innovative solutions for DeFi participants.

== The Reality ==
This sections is included if a case involved deception or information that was unknown at the time. Examples include:

* When the service was actually started (if different than the "official story").
* Who actually ran a service and their own personal history.
* How the service was structured behind the scenes. (For example, there was no "trading bot".)
* Details of what audits reported and how vulnerabilities were missed during auditing.

== What Happened ==
Equilibria Finance experienced an exploit in its Ethereum auto-compounder caused by a misconfigured contract that allowed repeated reward claims through transferable stk-ePENDLE tokens.
{| class="wikitable"
|+Key Event Timeline - Equilibria Finance Reward Mechanism stk-ePendle Balance Hack
!Date
!Event
!Description
|-
|August 23rd, 2025 5:20:59 AM MDT
|Equilibria Finance Attack Transaction
|The Equilibria Finance protocol suffers from an attack.
|-
|August 23rd, 2025 6:23:00 AM MDT
|Issue Publicly Reported Initially
|Equilibria Finance reported an issue with its ePENDLE Balancer vault and assured users that all Pendle markets and LP positions remain safe. As a precaution, the protocol was automatically paused, and the team began investigating. A full incident report was promised to follow.
|-
|August 23rd, 2025 10:48:00 AM MDT
|Detailed Incident Tweet Posted
|Equilibria Finance publicly confirmed an exploit affecting its Ethereum ePENDLE auto-compounder, resulting in the loss of ~13.36 ETH from unclaimed rewards. They emphasized that no user funds or Pendle market positions were impacted. Protocol functions were paused immediately, the root cause was identified, and fixes are underway. Compensation for affected rewards and stricter deployment processes were also announced.
|-
|August 23rd, 2025 9:19:00 PM MDT
|TenArmor Posts Tweet
|TenArmor posts a tweet about the situation with the attack transaction and a tweet by the Equilibria Finance team.
|-
|August 23rd, 2025 10:33:00 PM MDT
|Functions Are Now Unpaused
|The Equilibria Finance team announces that all functions have now been unpaused "and are operating normally now".
|}

== Technical Details ==
According to the technical description provided by the Equilibria Finance team:

"The vulnerability stemmed from the Ethereum mainnet version of stk-ePENDLE not being configured as non-transferable. An attacker used flash loans through Balancer to acquire ePENDLE, stake it into stk-ePENDLE, and then repeatedly transfer stk-ePENDLE across multiple addresses. Each transfer triggered a reward claim, which harvested the unclaimed rewards from the contract."

== Total Amount Lost ==
The loss was reported as "approximately 13.36 ETH".

The total amount lost has been estimated at $63,000 USD.

== Immediate Reactions ==
Equilibria Finance reports that they "automatically paused all protocol functions" following "the very first transaction of the attack".

== Ultimate Outcome ==
The Equilibria Finance team enabled functions shortly after the exploit was contained and they had verified "no scenario impacted Pendle markets or LPs". They announced that "[t]he Ethereum stk-ePENDLE contract will be updated to match the secure implementation already active on other chains" and that "[t]he Equilibria treasury will compensate users who missed out on ETH rewards as a result of this incident".

== Total Amount Recovered ==
Equilibria Finance has announced that they will be covering all rewards which were intended to be paid out to users of the protocol.

The total amount recovered is unknown.

== Ongoing Developments ==
To help address future concerns and risks, Equilibria announced they will be adopting "stricter procedures for all contract deployments and updates on every supported network".
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="tenarmortweet-21074">[https://twitter.com/TenArmorAlert/status/1959455608584757551 TenArmor - "Our system has detected that #Equilibria Finance @Equilibriafi on #ETH was attacked, resulting in an approximately loss of $62.5K. The root cause lies in the reward mechanism of the stk-ePendle contract, which calculates rewards for each account based on its stk-ePendle balance, making it easily exploitable by transferring stk-ePendle across multiple accounts." - Twitter/X] (Accessed Aug 27, 2025)</ref>

<ref name="etherscanattack-21075">[https://etherscan.io/tx/0x185a16017fb4d9b2fefdf5935435253d53d4758238275426b507fe54eb4fe97a Equilibria Finance Attack Transaction - Etherscan] (Accessed Aug 27, 2025)</ref>

<ref name="etherscanattacker-21076">[https://etherscan.io/address/0x4dccc719f277ebeb8f7fdb68cd4b105e5bc325db The Equilibria Finance Exploiter - Etherscan] (Accessed Aug 27, 2025)</ref>

<ref name="equilibriafitweet1-21077">[https://twitter.com/Equilibriafi/status/1959296722930483668 Equilibria Finance - "Earlier today, we identified an exploit in the Ethereum ePENDLE auto-compounder contract, which resulted in the loss of approximately 13.36 ETH. Importantly, no user funds were affected—including all Pendle Market LP positions and ePENDLE balances. The incident was contained to the auto-compounder’s accumulated ETH rewards, which had remained unclaimed for over a year." - Twitter/X] (Accessed Aug 27, 2025)</ref>

<ref name="equilibriafitweet2-21078">[https://twitter.com/Equilibriafi/status/1959474165272203740 Equilibria Finance - "All functions have been fully unpaused and are operating normally now." - Twitter/X] (Accessed Aug 27, 2025)</ref>

<ref name="equilibriarfitweet3-21079">[https://twitter.com/Equilibriafi/status/1959230118641230251 Equilibria Finance - "Hey Equilibrians, we’ve encountered an issue with our ePENDLE Balancer vault. All Pendle Markets and LPs are safe, and our team is on top of it." - Twitter/X] (Accessed Aug 27, 2025)</ref>

<ref name="equilibriafilinktree-21080">[https://linktr.ee/equilibriafi Equilibria Finance Link Tree] (Accessed Aug 27, 2025)</ref>

<ref name="equilibriafihomepage-21081">[https://equilibria.fi/home Equilibria Finance Homepage] (Accessed Aug 27, 2025)</ref>

<ref name="equilibriafinancedocs-21082">[https://docs.equilibria.fi/ Equilibria Finance Documentation] (Accessed Aug 27, 2025)</ref>

<ref name="equilibriafinancetwitterx-21083">[https://twitter.com/Equilibriafi Equilibria Finance Twitter/X] (Accessed Aug 27, 2025)</ref></references>

File:Equilibriafinance.jpg

2025-08-27T21:43:32Z

Azoundria:

ShibaSwap Treasure Finder Convert() EOA Restriction Bypass

2025-08-27T21:43:03Z

Azoundria: Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/shibaswaptreasurefinderconverteoarestrictionbypass.php}} {{Unattributed Sources}} ShibaSwap Logo/HomepageA vulnerability in the ShibaSwap: Treasure Finder smart contract led to an exploit resulting in an estimated $27,000 loss. The issue stemmed from the convert() function lacking slippage protection during LEASH-to-WETH swaps, making it vulnerable to sandwi..."

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/shibaswaptreasurefinderconverteoarestrictionbypass.php}}
{{Unattributed Sources}}

[[File:Shibaswap.jpg|thumb|ShibaSwap Logo/Homepage]]A vulnerability in the ShibaSwap: Treasure Finder smart contract led to an exploit resulting in an estimated $27,000 loss. The issue stemmed from the convert() function lacking slippage protection during LEASH-to-WETH swaps, making it vulnerable to sandwich attacks. Additionally, the onlyEOA() modifier, meant to restrict access to externally owned accounts, was bypassed using EIP-7702-compliant accounts, which mimic EOAs. The attacker used this to manipulate token prices and drain funds. No official acknowledgment, recovery, or follow-up appears to have been made by ShibaSwap’s team. The incident appears to have ended with a retained loss.<ref name="tenarmortweet-21063" /><ref name="etherescan1-21064" /><ref name="etherscan2-21065" /><ref name="etherscan3-21066" /><ref name="eigenphitweet-21067" /><ref name="shibaswaphomepage-8723" /><ref name="shibaswapdextwitterx-21068" />

== About ShibaSwap ==
The ShibaSwap platform offers a comprehensive suite of decentralized finance (DeFi) tools, including token swaps, liquidity pools, and bridging services. Users can interact with a wide range of tokens such as SHIB, LEASH, BONE, and TREAT, as well as stablecoins like USDT, USDC, and DAI. The interface also provides access to support, FAQs, a testnet faucet, and developer resources, making it accessible for both new and experienced users. Token prices and their daily performance are prominently displayed, showing market trends across the ShibaSwap ecosystem.

The liquidity pools on ShibaSwap are diverse and active, with over 1,100 pools listed. Popular pairs include SHIB-WETH, LEASH-WETH, and BONE-WETH across both V1 and V2 pool versions. Each listing shows key metrics such as total liquidity, trading volume, and number of swaps, offering transparency into pool activity. Users can also create new liquidity positions or add liquidity to existing pools directly from the interface, facilitating participation in earning fees and supporting token liquidity.

In addition to swap and liquidity functions, ShibaSwap highlights trending and recently created tokens, allowing users to discover new opportunities. Ecosystem statistics reveal a strong presence, with $13 million in total value locked and nearly $1 million in daily trading volume. The broader Shiba Inu ecosystem is integrated through features like Shibarium, the Shib Metaverse, Shib Names, and more, signaling a push toward a more expansive decentralized infrastructure.

== The Reality ==
The ShibaSwap: Treasure Finder smart contract contained two key vulnerabilities: the convert() function lacks slippage protection when swapping LEASH tokens for WETH, making it susceptible to price manipulation; and the onlyEOA() modifier, intended to restrict access to externally owned accounts, can be bypassed using EIP-7702-compliant accounts that behave like EOAs.

== What Happened ==
A vulnerability in ShibaSwap's Treasure Finder contract—lacking slippage protection and using a bypassable onlyEOA() check—was exploited via sandwich attacks, resulting in a $27,000 loss.
{| class="wikitable"
|+Key Event Timeline - ShibaSwap Treasure Finder Convert() EOA Restriction Bypass
!Date
!Event
!Description
|-
|August 22nd, 2025 1:24:23 AM MDT
|First Attack Transaction
|The first attack transaction was mined on the Ethereum blockchain.
|-
|August 24th, 2025 8:28:47 AM MDT
|Second Attack Transaction
|The second attack transaction is mined by the Ethereum blockchain. This transaction was reportedly made by a MEV bot.
|-
|August 24th, 2025 8:29:00 AM MDT
|Post About Second Transactions
|A Twitter/X bot called EighenPhi_Alert posts about this transaction as a MEV bot making $2.3k with a ROI of 108,654% using 4 tokens.
|-
|August 24th, 2025 12:49:47 PM MDT
|Third Attack Transaction
|The third attack transaction is mined by the Ethereum blockchain.
|-
|August 24th, 2025 8:30:00 PM MDT
|TenArmor Tweet Posted
|TenArmor posted a security alert warning of multiple sandwich attacks on the ShibaSwap: Treasure Finder contract, resulting in an estimated $27K loss. The vulnerability was attributed to the convert() function lacking slippage protection when swapping LEASH for WETH, allowing attackers to manipulate prices and gain extra LEASH tokens. Additionally, attackers bypassed the onlyEOA() check using an EIP-7702 account, which mimics externally owned accounts.
|}

== Technical Details ==
The vulnerability in the ShibaSwap: Treasure Finder contract centers around the convert() function, which handles token swaps—specifically, converting LEASH tokens to WETH. This function lacks slippage protection, a mechanism meant to limit the price impact of a trade. Without slippage limits, attackers can exploit the function via sandwich attacks: by front-running the swap with their own transactions to manipulate the token price, they can cause the convert() function to execute at an unfavorable rate, and then profit by reversing the price movement afterward. This leads to the attacker ending up with more LEASH tokens than they should, effectively draining value from the protocol.

Compounding this vulnerability, the onlyEOA() modifier—intended to restrict function calls to Externally Owned Accounts (EOAs)—was bypassed using an EIP-7702-compliant account. EIP-7702 introduces a new account abstraction model that allows smart contract wallets to appear like EOAs in certain contexts. This means that attackers could use a contract-based wallet that behaves like an EOA, tricking the onlyEOA() check and gaining unauthorized access to functions that should have been restricted.

The attacker used a deceptive account type to pass access controls, then leveraged the lack of slippage safeguards to manipulate token swaps in their favor.

== Total Amount Lost ==
The loss amount was reported as being approximately $27k by TenArmor.

The total amount lost has been estimated at $27,000 USD.

== Immediate Reactions ==
There does not appear to be any notice or details posted on the @ShibainuCoin or @ShibaSwapDEX Twitter/X pages.

== Ultimate Outcome ==
It's believed that there was no recovery or further investigation.

== Total Amount Recovered ==
There are no reports of any funds being recovered.

There do not appear to have been any funds recovered in this case.

== Ongoing Developments ==
The case appears to be concluded with permanent loss.
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="tenarmortweet-21063">[https://twitter.com/TenArmorAlert/status/1959805512184140043 Ten Armor - "Our system has detected multiple suspicious sandwich attacks involving #ShibaSwap: Treasure Finder @ShibainuCoin @ShibaSwapDEX on #ETH, resulting in an approximately loss of $27K." - Twitter/X] (Accessed Aug 26, 2025)</ref>

<ref name="etherescan1-21064">[https://etherscan.io/tx/0xc5a388c3d94bdba3a2184f558c85d079aeaf2fbe5604bae07e96433a1a9ef188 First Attack Transaction - Etherscan] (Accessed Aug 26, 2025)</ref>

<ref name="etherscan2-21065">[https://etherscan.io/tx/0x18d9f84e106e26bdfe849ec7034a839b51cca715c84e380727d513276fea8fed Second Attack Transaction - Etherscan] (Accessed Aug 26, 2025)</ref>

<ref name="etherscan3-21066">[https://etherscan.io/tx/0x5c17e81b5b976cff66933bc4082ac3e9b21355a455d1864ae5f8ce6d069ea8e7 Third Attack Transaction - Etherscan] (Accessed Aug 26, 2025)</ref>

<ref name="eigenphitweet-21067">[https://twitter.com/EigenPhi_Alert/status/1959624004870005121 EigenPhi - "#MEV made $2,329 with a ROI of 108,654% from #Arbitrage , using 4 tokens ( $ETH , $WETH , $SSLP , $LEASH ):" - Twitter/X] (Accessed Aug 26, 2025)</ref>

<ref name="shibaswaphomepage-8723">[https://shibaswap.com/ Shibaswap] (Accessed Jul 23, 2022)</ref>

<ref name="shibaswapdextwitterx-21068">[https://twitter.com/ShibaSwapDEX ShipaSwapDEX Twitter/X] (Accessed Aug 26, 2025)</ref></references>

BNB Token Drain After Granting Multicall3 Contract Approval

2025-08-27T21:42:24Z

Azoundria: Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/bnbtokendrainaftergrantingmulticall3contractapproval.php}} {{Unattributed Sources}} Binance Security ImageA user or contract mistakenly approved token spending rights to the Multicall3 contract, a generic batching utility with no internal access controls, allowing an attacker to exploit that approval and drain approximately 41 BNB (around $36,000) by forwardi..."

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/bnbtokendrainaftergrantingmulticall3contractapproval.php}}
{{Unattributed Sources}}

[[File:Bnbchain.jpg|thumb|Binance Security Image]]A user or contract mistakenly approved token spending rights to the Multicall3 contract, a generic batching utility with no internal access controls, allowing an attacker to exploit that approval and drain approximately 41 BNB (around $36,000) by forwarding malicious transferFrom() calls. Because Multicall3 executes arbitrary calldata without restrictions, the attacker used it as a proxy to execute unauthorized token transfers. The stolen funds were split between two destinations, and while the incident was flagged by TenArmor, no other major security firms have issued reports, and recovery is unlikely due to the anonymous nature of the exploit.<ref name="tenarmortweet-21047" /><ref name="multicallrepo-21055" /><ref name="etherscandocs-21056" /><ref name="dedaubpost-21057" /><ref name="ethstackqa-21058" />

== About Multicall3 ==
Multicall3 is a smart contract utility that allows users to batch multiple function calls into a single transaction. Originally designed to optimize on-chain data fetching and reduce gas costs, it has become widely adopted in the Ethereum and DeFi ecosystems. Instead of calling several contracts individually, users or developers can bundle those calls into a single aggregate or tryAggregate function call through Multicall3, which executes them and returns the results. This is particularly useful for frontends or analytical tools that need to retrieve large amounts of state data efficiently and atomically.

== The Reality ==
Multicall3 does not implement any internal access control or call validation, meaning it will blindly execute whatever calldata it is given, as long as it conforms to the expected structure. While this is by design—it’s meant to be a generic utility—it creates a significant security risk if tokens are approved to it. If a user mistakenly approves an ERC-20 token allowance to the Multicall3 contract, an attacker can craft a malicious payload that uses transferFrom() to drain those tokens via a call relayed through Multicall3. Since Multicall3 has the authority (via approve()) to transfer tokens on the user's behalf, it becomes a silent intermediary in the theft.

== What Happened ==
An attacker exploited a token approval to the unsecured Multicall3 contract to drain approximately 41 BNB (~$36,000) by relaying malicious transferFrom() calls.
{| class="wikitable"
|+Key Event Timeline - BNB Token Drain After Granting Multicall3 Contract Approval
!Date
!Event
!Description
|-
|August 20th, 2025 8:29:31 AM MDT
|Transaction On BSC
|The malicious transaction is accepted and executed by the Binance Smart Chain.
|-
|August 20th, 2025 8:26:00 PM MDT
|TenArmor Posts Tweet
|TenArmor posts a tweet which features details of the attack, along with another attack which occurred recently.
|}

== Technical Details ==
A user or contract granted token allowance (via approve()) to the Multicall3 contract, which then had permission to spend those tokens on the user's behalf. Multicall3 is a utility contract often used to bundle multiple read or write operations into a single call, but it is not inherently secure for token transfers unless carefully controlled.

If an attacker can trick a user into approving tokens to Multicall3—and then call it in a way that forwards transferFrom() calls to malicious logic—they can drain the tokens from the victim’s wallet or contract. This happens because the Multicall3 contract doesn't restrict how or by whom it’s used; it simply forwards calls based on input data. In this scenario, it was likely exploited as a "proxy executor" by an attacker to invoke token transfers using the previously granted allowance.

== Total Amount Lost ==
The loss total appears to be 41.034748173552867045 BNB, which had a value of roughly $36k at the time of the transaction. These funds have been split between 2 different destinations.

The total amount lost has been estimated at $36,000 USD.

== Immediate Reactions ==
It is unclear whether there is any immediate reaction to the transaction. It does not appear that the entity behind the smart contract is known.

== Ultimate Outcome ==
The incident was reported on by TenArmor. It does not appear that any other blockchain security firms issued any reports about this particular transaction.

== Total Amount Recovered ==
It is unlikely that any funds will be recovered.

There do not appear to have been any funds recovered in this case.

== Ongoing Developments ==
There is likely more to be gleaned from a further analysis of the transaction in question.
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="tenarmortweet-21047">[https://twitter.com/TenArmorAlert/status/1958354933247590450 TenArmor - "Another two hacks: The victim contract 0x8d2e was exploited due to missing access control in the uniswapV3SwapCallback function. Someone approved tokens to the Multicall3 contract, resulting in the tokens being drained." - Twitter/X] (Accessed Aug 21, 2025)</ref>

<ref name="multicallrepo-21055">[https://github.com/mds1/multicall Multicall3 GitHub Repository] (Accessed Aug 21, 2025)</ref>

<ref name="etherscandocs-21056">[https://docs.etherscan.io/apis/multicall Multicall API - Etherscan Docs] (Accessed Aug 21, 2025)</ref>

<ref name="dedaubpost-21057">[https://dedaub.com/blog/multicall-approval Why Approving Multicall Contracts Is Dangerous - Dedaub] (Accessed Aug 21, 2025)</ref>

<ref name="ethstackqa-21058">[https://ethereum.stackexchange.com/questions/116841/what-is-the-multicall-contract-and-why-should-i-care What is the Multicall contract and why should I care? - Ethereum Stack Exchange] (Accessed Aug 21, 2025)</ref></references>

Coinbase MainnetSettler Approve Bug Hold Token Theft 2

2025-08-27T21:42:11Z

Azoundria: Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/coinbasemainnetsettlerapprovebugholdtokentheft2.php}} {{Unattributed Sources}} Coinbase Building/LogoCoinbase, a major cryptocurrency platform known for its security and broad user base, had a second repeat of a previous vulnerability in their Mainnet Settler smart contract, which led to an exploit. A wallet which has approved permissions on this contract all..."

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/coinbasemainnetsettlerapprovebugholdtokentheft2.php}}
{{Unattributed Sources}}

[[File:Coinbase.jpg|thumb|Coinbase Building/Logo]]Coinbase, a major cryptocurrency platform known for its security and broad user base, had a second repeat of a previous vulnerability in their Mainnet Settler smart contract, which led to an exploit. A wallet which has approved permissions on this contract allowed an attacker to execute a malicious transferFrom call, stealing Hold tokens valued at over $291,000. The exploit was identified and reported by TenArmor, who advised users to revoke approvals to the contract. As of now, Coinbase has not publicly acknowledged the incident, and it remains uncertain whether the affected user will recover the lost funds or if Coinbase will provide compensation.<ref name="tenarmortweet-21042" /><ref name="tokentransactions-21043" /><ref name="coinbasehomepage-20344" /><ref name="mainnetsettlertransaction-21039" /><ref name="devengineoztweet-21040" /><ref name="agentargustweet-21041" />

== About Coinbase ==
Coinbase is a secure and user-friendly platform that facilitates the buying, selling, and storage of cryptocurrencies like Bitcoin and Ethereum. Designed to serve both beginners and experienced investors, it has become one of the most widely used cryptocurrency exchanges in the United States.

Since its founding in 2012, Coinbase has grown into a leading platform in the crypto space. It supports a wide range of services, including basic crypto investing, advanced trading tools, institutional custodial accounts, and a standalone wallet for individual users. It also launched its own U.S. dollar-backed stablecoin to enhance crypto transactions.

Trusted by approximately 73 million verified users, 10,000 institutions, and 185,000 partners across more than 100 countries, Coinbase plays a key role in the global crypto ecosystem. Fully regulated and licensed (except in Hawaii), Coinbase began with Bitcoin trading but has since expanded to support a variety of cryptocurrencies that meet its decentralized standards.
== About MainnetSettler Contract ==
The MainnetSettler smart contract is a smart contract on the Ethereum blockchain. The name indicates that it's called "Settler V1.6". This smart contract appears to interact and handle main ethereum chain events.

== The Reality ==
Unfortunately, the Mainnet Settler smart contract was launched with mistaken approvals being set, which allowed funds to be accessed and removed.

== What Happened ==
A vulnerability in the Mainnet Settler smart contract allowed an attacker to stealHold tokens worth an estimated $300,000.
{| class="wikitable"
|+Key Event Timeline - Coinbase MainnetSettler Approve Bug Hold Token Theft 2
!Date
!Event
!Description
|-
|August 13th, 2025 9:15:00 PM MDT
|TenArmor Posts Tweet
|TenArmor - "It appears that @coinbase #Coinbase: Fees on #ETH was attacked (mostly by bots), resulting in approximately a loss of $300k due to mistaken approvals to the #MainnetSettler contract." - Twitter/X
|}

== Technical Details ==
The issue was reportedly possible "due to mistaken approvals to the #MainnetSettler contract."

This is likely a repeat of the November issue where a victim "had an approval for #Hold token to the #MainnetSettler contract, which allowed arbitrary calls to be executed by anyone. As a result, the attacker managed to gain ... #Hold tokens as profit by executing a transferFrom call."

MainnetSettler Contract: 0x70bf6634eE8Cb27D04478f184b9b8BB13E5f4710

== Total Amount Lost ==
Losses were reported as a total of $300k across multiple attacks.

The total amount lost has been estimated at $300,000 USD.

== Immediate Reactions ==
So far, the only third party to officially recognize this exploit appears to have been TenArmor. There is no indication that Coinbase has publicly recognized the exploit. There may be private communication that is not known.

== Ultimate Outcome ==
There is limited publicly available information. The outcome of any recovery is unknown and it is also unclear how aware Coinbase is of the situation.

== Total Amount Recovered ==
It is unclear if Coinbase will cover the loss for the affected wallet. It appears that most of the losses were caused by MEV bots, which would suggest that the prospects for recovery are very good for the exchange.

The total amount recovered is unknown.

== Ongoing Developments ==
The ultimate outcome and any information which will be made available is unknown at this point.
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="tenarmortweet-21042">[https://twitter.com/TenArmorAlert/status/1955830852182794602 TenArmor - "It appears that @coinbase #Coinbase: Fees on #ETH was attacked (mostly by bots), resulting in approximately a loss of $300k due to mistaken approvals to the #MainnetSettler contract." - Twitter/X] (Accessed Aug 15, 2025)</ref>

<ref name="tokentransactions-21043">[https://etherscan.io/tokentxns?a=0x382ffce2287252f930e1c8dc9328dac5bf282ba1 MainnetSettler Token Transactions - Etherscan] (Accessed Aug 15, 2025)</ref>

<ref name="coinbasehomepage-20344">[https://coinbase.com/ Coinbase Homepage] (Accessed Jun 20, 2025)</ref>

<ref name="mainnetsettlertransaction-21039">[https://etherscan.io/address/0x70bf6634eE8Cb27D04478f184b9b8BB13E5f4710 Mainnet Settler Smart Contract - Etherscan] (Accessed Aug 15, 2025)</ref>

<ref name="devengineoztweet-21040">[https://twitter.com/DevEngineOz/status/1848999237612408930 Dev Engine Oz - "Some extremely abnormal behaviour going on with $saito erc20 purchases on #uniswap currently. Some big clips coming in and immediately transferring the tokens to another wallet. Could this be an exchange wallet?" - Twitter/X] (Accessed Aug 15, 2025)</ref>

<ref name="agentargustweet-21041">[https://twitter.com/Agent_Argus/status/1884006883427766384 Agent Argus - "Recent Transaction Amount: 33 $USDC Chain: ETHEREUM" - Twitter/X] (Accessed Aug 15, 2025)</ref></references>

GrizziFi milestoneReward Mechanism collectRefBonus Exploit

2025-08-27T21:41:57Z

Azoundria: Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/grizzifimilestonerewardmechanismcollectrefbonusexploit.php}} {{Unattributed Sources}} Grizzifi Demo Site Logo/HomepageGrizziFi was a decentralized finance (DeFi) platform launched on the Binance Smart Chain on August 12, 2025, offering BNB staking with attractive fixed returns and a 17-level passive income system. While it promoted itself as a secure, comm..."

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/grizzifimilestonerewardmechanismcollectrefbonusexploit.php}}
{{Unattributed Sources}}

[[File:Grizzifiapp.jpg|thumb|Grizzifi Demo Site Logo/Homepage]]GrizziFi was a decentralized finance (DeFi) platform launched on the Binance Smart Chain on August 12, 2025, offering BNB staking with attractive fixed returns and a 17-level passive income system. While it promoted itself as a secure, community-driven ecosystem with audited smart contracts and long-term sustainability goals, a critical flaw in its rewards mechanism was quickly exploited. According to security firms TenArmor and AgentLisa, the exploit involved manipulating milestone rewards through self-created wallets and flawed logic that counted total rather than active investments. The attacker drained approximately $61,000, and the GrizziFi team has not issued any response. The project's website is now offline, with no signs of recovery or support for affected users, raising concerns about a possible rug pull.<ref name="tenarmortweet-21020" /><ref name="firstattack-21021" /><ref name="secondattack-21022" /><ref name="grizzifiexploiter-21023" /><ref name="metatrustlabstweet-21024" /><ref name="agentlisa-21025" /><ref name="metatrustalerttweet-21026" /><ref name="grizzifismartcontract-21027" /><ref name="grizzifismartcontractcreation-21028" /><ref name="dappradar-21029" /><ref name="grizzifihomepage-21030" /><ref name="grizzifiinstagram1-21031" /><ref name="grizzifiinstagram2-21032" /><ref name="About Grizzi Fi - DappRadar-21033" /><ref name="hazecryptoaudit-21034" /><ref name="rkdemolink-21035" /><ref name="hazecrypto-21036" />

== About GrizziFi ==
GrizziFi is a decentralized finance (DeFi) platform launched on the Binance Smart Chain (BSC) on August 12th, 2025. Designed to simplify and democratize access to DeFi, it allows users to stake BNB tokens through fully autonomous smart contracts, eliminating the need for administrative control and enhancing security. The platform caters to both novice and experienced users by offering an easy-to-use interface and transparent operations.

The core feature of GrizziFi is its staking model, which offers three fixed-term options with competitive returns: 5.6% over 7 days, 14% over 14 days, and 36% over 30 days. Users benefit not only from their own staking activities but also from a unique 17-level passive income system, encouraging community engagement and incentivizing users to grow the network.

Security and sustainability are central to GrizziFi’s mission. The smart contracts are audited, and the platform incorporates strategic yield farming and liquidity provision to support long-term viability. GrizziFi positions itself as more than just a staking tool—it aims to be a robust, community-driven ecosystem focused on steady, sustainable income and capital growth within the broader crypto space.

The description on DappRadar reads:

"GrizziFi is a next-generation decentralized finance (DeFi) staking and yield farming platform built on the Binance Smart Chain (BSC). Our mission is to simplify DeFi, making it secure, transparent, and accessible to everyone — from beginners to seasoned investors.

With GrizziFi, you can stake your BNB directly through 100% smart contracts, ensuring there is no admin control and your funds remain safe. Our platform offers competitive and flexible staking plans:

5.6% – 7 Days
14% – 14 Days
36% – 30 Days
In addition to personal staking rewards, GrizziFi introduces a 17-Level Passive Income System, allowing you to earn from your network’s activity and grow together as a community.

We prioritize security with audited contracts and long-term sustainability through strategic yield farming and liquidity provision.

GrizziFi is more than just a staking platform — it’s a community-driven ecosystem built for steady income and long-term capital growth in the evolving crypto landscape."

== The Reality ==
Unfortunately, it appears the the Grizzifi smart contract rewards mechanism contained a fundamental flaw which allowed for a quick exploit.

== What Happened ==
GrizziFi, a DeFi staking platform on Binance Smart Chain, was exploited shortly after launch due to a flawed rewards mechanism, resulting in a $61,000 loss.
{| class="wikitable"
|+Key Event Timeline - GrizziFi milestoneReward Mechanism collectRefBonus Exploit
!Date
!Event
!Description
|-
|August 12th, 2025 12:24:07 AM MDT
|Grizzifi Contract Created
|The Grizzifi smart contract is first created on the Binance Smart Chain.
|-
|August 13th, 2025 12:34:46 PM MDT
|First Attack Transaction
|The first attack transaction is successfully mined into the Binance Smart Chain.
|-
|August 13th, 2025 12:37:53 PM MDT
|Second Attack Transaction
|The second attack transaction is successfully mined into the Binance Smart Chain.
|-
|August 13th, 2025 8:54:00 PM MDT
|TenArmor Posts Tweet
|TenArmor posts an announcement about the exploit happening.
|-
|August 14th, 2025 6:20:00 AM MDT
|Meta Trust Alert Post
|An alert post is made by the MetaTrust team.
|-
|August 14th, 2025 6:56:00 AM MDT
|Meta Trust Labs Post
|The Meta Trust Labs team posts a more detailed analysis of the exploit on Twitter/X.
|}

== Technical Details ==
According to a report by TenArmor, the rewards mechanism of the Grizzifi smart contract was exploited by the attacker.

The hacker separated the attack into two steps, first creating news controlled wallets to amplify the `milestoneReward` through the `harvestHoney` function, then withdraw the `milestoneReward` with the `collectRefBonus`.

Security report from #AgentLisa @AgentLISA_ai shows the root cause is that team milestones based on total investments (including withdrawn) instead of active investments.

Victim Contract: 0x21ab8943380b752306abf4d49c203b011a89266b

Attack Transaction 1: 0xdb5296b19693c3c5032abe5c385a4f0cd14e863f3d44f018c1ed318fa20058f7

Attack Transaction 2: 0xdb4f2c0d2ab8f029d9576dc96b0a9b547ef6c90e17a7a3146b27514dfeba6bba

== Total Amount Lost ==
TenArmor has reported a loss total of $61k.

The total amount lost has been estimated at $61,000 USD.

== Immediate Reactions ==
It appears that the GrizziFi project did not officially respond to the incident.

== Ultimate Outcome ==
The incident was reported on by TenArmor several hours later. The Grizzi Fi website appears to be offline.

== Total Amount Recovered ==
There is no indication of any recovery.

There do not appear to have been any funds recovered in this case.

== Ongoing Developments ==
The GrizziFi website appears to have gone offline, and it is unclear if the project was exploited or has performed a rug pull. There does not appear to be any assistance available for affected users.
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="tenarmortweet-21020">[https://twitter.com/TenArmorAlert/status/1955825401470578788 TenArmor - "Our system has detected a suspicious attack involving #Grizzifi on #BSC, resulting in an approximately loss of $61K." - Twitter/X] (Accessed Aug 14, 2025)</ref>

<ref name="firstattack-21021">[https://bscscan.com/tx/0xdb5296b19693c3c5032abe5c385a4f0cd14e863f3d44f018c1ed318fa20058f7 First Attack Transaction - BSCScan] (Accessed Aug 14, 2025)</ref>

<ref name="secondattack-21022">[https://bscscan.com/tx/0xdb4f2c0d2ab8f029d9576dc96b0a9b547ef6c90e17a7a3146b27514dfeba6bba Second Attack Transaction - BSCScan] (Accessed Aug 14, 2025)</ref>

<ref name="grizzifiexploiter-21023">[https://bscscan.com/address/0xe2336b08a43f87a4ac8de7707ab7333ba4dbaf7c Grizzifi Exploiter Address - BSCScan] (Accessed Aug 14, 2025)</ref>

<ref name="metatrustlabstweet-21024">[https://twitter.com/MetaTrustLabs/status/1955976736560308302 Meta Trust Labs - "The hacker separated the attack into two steps, first creating news controlled wallets to amplify the `milestoneReward` through the `harvestHoney` function, then withdraw the `milestoneReward` with the `collectRefBonus`." - Twitter/X] (Accessed Aug 14, 2025)</ref>

<ref name="agentlisa-21025">[https://agentlisa.ai/scan/aecff939-ea8e-4f83-b63f-76c32f3c8ef4 Grizzifi Hack - Agent Lisa] (Accessed Aug 14, 2025)</ref>

<ref name="metatrustalerttweet-21026">[https://twitter.com/MetaTrustAlert/status/1955967862276829375 Meta Trust Alert - "#MetaTrustAlert #Grizzifi contract on #BNBChain was attacked with a loss of $61K." - Twitter/X] (Accessed Aug 14, 2025)</ref>

<ref name="grizzifismartcontract-21027">[https://bscscan.com/address/0x21ab8943380b752306abf4d49c203b011a89266b Grizzifi Smart Contract - BSCScan] (Accessed Aug 14, 2025)</ref>

<ref name="grizzifismartcontractcreation-21028">[https://bscscan.com/tx/0xb0f4b1d86dd6831af958bcf5138e884cf74ea3a9e2aeebd5fd73463b6e99ba68 Grizzifi Smart Contract Creation - BSCScan] (Accessed Aug 14, 2025)</ref>

<ref name="dappradar-21029">[https://dappradar.com/dapp/grizzi-fi Grizzi Fi - DappRadar] (Accessed Aug 14, 2025)</ref>

<ref name="grizzifihomepage-21030">[https://grizzifi.app/ GrizziFi Homepage] (Accessed Aug 14, 2025)</ref>

<ref name="grizzifiinstagram1-21031">[https://www.instagram.com/p/DNQwE4ZzKAj/ Grizzifi - "Hey Grizzifi Tribe! The wait is over — our hive doors are officially OPEN! It’s time to follow the bear, fill your jars, and start your journey to sweet profits." - Instagram] (Accessed Aug 14, 2025)</ref>

<ref name="grizzifiinstagram2-21032">[https://www.instagram.com/p/DNSQvejT4pp/ Grizzifi - "Ready to stake and earn with GrizziFi? It’s super simple! We’ve prepared a full step-by-step guide to help you start your journey and grow your passive income." - Instagram] (Accessed Aug 14, 2025)</ref>

<ref name="About Grizzi Fi - DappRadar-21033">[https://dappradar.com/dapp/grizzi-fi/about https://dappradar.com/dapp/grizzi-fi/about] (Accessed Aug 14, 2025)</ref>

<ref name="hazecryptoaudit-21034">[https://hazecrypto.net/audit/GrizziFi Apparent Audit - Haze Crypto] (Accessed Aug 14, 2025)</ref>

<ref name="rkdemolink-21035">[https://www.rkdemolink.live/refer.html Grizzi Fi Demo Link - RkDemoLink] (Accessed Aug 14, 2025)</ref>

<ref name="hazecrypto-21036">[https://hazecrypto.net/ Haze Crypto Homepage] (Accessed Aug 14, 2025)</ref></references>

File:Grizzifiapp.jpg

2025-08-27T21:41:48Z

Azoundria:

WXC Token Smart Contract Token Burn Mechanism Triggered

2025-08-27T21:41:26Z

Azoundria: Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/wxctokensmartcontracttokenburnmechanismtriggered.php}} {{Unattributed Sources}} Binance Security ImageThe WXC smart contract was launched on the Binance Smart Chain. Shortly after, a vulnerability in its token burn mechanism—specifically triggered when selling tokens to the pair—was exploited by an attacker. As a result, approximately $30.9k was st..."

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/wxctokensmartcontracttokenburnmechanismtriggered.php}}
{{Unattributed Sources}}

[[File:Binancesecurity.jpg|thumb|Binance Security Image]]The WXC smart contract was launched on the Binance Smart Chain. Shortly after, a vulnerability in its token burn mechanism—specifically triggered when selling tokens to the pair—was exploited by an attacker. As a result, approximately $30.9k was stolen. The incident was analyzed and reported by TenArmor. The WXC protocol doesn't appear to have any visible social media, and it remains unclear whether any investigation or recovery efforts are underway.<ref name="tenarmortweet-20974" /><ref name="bscscanattack-20975" /><ref name="wxcsmartcontract-20976" /><ref name="wxcsmartcontractcreation-20977" /><ref name="pancakeswap-20978" /><ref name="apespace-20979" /><ref name="top100token-20980" />

== About WXC Smart Contract ==
The WXC smart contract is located on Binance Smart Chain, and was launched on July 31st, 2025.

== The Reality ==
Unfortunately, it appears that the burn mechanism of the smart contract introduced a vulnerability.

== What Happened ==
The smart contract for the WXC token on Binance Smart Chain was exploited due to a flaw in its token burn mechanism, resulting in a $30.9k loss.
{| class="wikitable"
|+Key Event Timeline - WXC Token Smart Contract Token Burn Mechanism Triggered
!Date
!Event
!Description
|-
|July 31st, 2025 9:59:53 PM MDT
|Smart Contract Crearted
|The victim smart contract is first created on Binance Smart Chain.
|-
|August 10th, 2025 8:59:18 PM MDT
|Attack Transaction
|The attack transaction is accepted and processed by the Binance Smart Chain.
|-
|August 10th, 2025 11:20:00 PM MDT
|TenArmor Tweet Posted
|TenArmor posts an alert regarding the attack transaction.
|}

== Technical Details ==
"It appears that the token burn mechanism, triggered when selling tokens to the pair, was exploited by the attacker."

== Total Amount Lost ==
TenArmor has reported that the total amount lost in the attack was $30.9k.

The total amount lost has been estimated at $31,000 USD.

== Immediate Reactions ==
There is no indication of any reaction from the protocol.

== Ultimate Outcome ==
The incident was reported on and analyzed by TenArmor.

== Total Amount Recovered ==
It is unlikely that the lost funds will be recovered.

There do not appear to have been any funds recovered in this case.

== Ongoing Developments ==
It is unclear if any further investigation or recovery attempt is ongoing.
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="tenarmortweet-20974">[https://twitter.com/TenArmorAlert/status/1954774967481962832 TenArmor - "Our system has detected that #WXC on #BSC was attacked, resulting in an approximately loss of $30.9K. It appears that the token burn mechanism, triggered when selling tokens to the pair, was exploited by the attacker." - Twitter/X] (Accessed Aug 11, 2025)</ref>

<ref name="bscscanattack-20975">[https://bscscan.com/tx/0x1397bc7f0d284f8e2e30d0a9edd0db1f3eb0dd284c75e30d226b02bf09ad068f Attack Transaction - BSCScan] (Accessed Aug 11, 2025)</ref>

<ref name="wxcsmartcontract-20976">[https://bscscan.com/address/0x8087720eeea59f9f04787065447d52150c09643e WXC Smart Contract - BSCScan] (Accessed Aug 11, 2025)</ref>

<ref name="wxcsmartcontractcreation-20977">[https://bscscan.com/tx/0x7cf328acf73f2ddd209301e97bdcc2c0de0b4ff9f6953be115334bf9343cfe99 Creation Transaction For WXC - BSCScan] (Accessed Aug 11, 2025)</ref>

<ref name="pancakeswap-20978">[https://pancakeswap.finance/info/token/0x8087720EeeA59F9F04787065447D52150c09643E WXC Token - PancakeSwap] (Accessed Aug 11, 2025)</ref>

<ref name="apespace-20979">[https://apespace.io/bsc/0x8087720eeea59f9f04787065447d52150c09643e WXC Token - ApeSpace] (Accessed Aug 11, 2025)</ref>

<ref name="top100token-20980">[https://top100token.com/binance/0x8087720eeea59f9f04787065447d52150c09643e WXC Token - Top100Token] (Accessed Aug 11, 2025)</ref></references>

Ethereum ZeroTransfer Address Pollution Phishing Twice

2025-08-27T21:41:12Z

Azoundria: Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/ethereumzerotransferaddresspollutionphishingtwice.php}} {{Unattributed Sources}} Ethereum Address PoisoningAn Ethereum address fell victim to an address pollution phishing attack. The attacker created a similar-looking wallet address to impersonate the intended recipient’s address. Due to the visual similarity, the victim mistakenly sent fun..."

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/ethereumzerotransferaddresspollutionphishingtwice.php}}
{{Unattributed Sources}}

[[File:Ethereumaddresspoisoning.jpg|thumb|Ethereum Address Poisoning]]An Ethereum address fell victim to an address pollution phishing attack. The attacker created a similar-looking wallet address to impersonate the intended recipient’s address. Due to the visual similarity, the victim mistakenly sent funds to the attacker’s wallet instead of the legitimate one. As a result, at least $843,166.84 USD in USDT was lost, with another transfer of over $1.75 million also recorded to the attacker’s address. The incident was reported by TenArmor, and there is no indication that any of the stolen funds have been recovered.
<ref name="tenarmortweet-20795" /><ref name="perpetrator-20796" /><ref name="phishedtransaction-20797" /><ref name="peckshieldtweet-20798" /><ref name="secondphishedtransaction-20799" /><ref name="aegisweb3tweet-20800" /><ref name="scamretrievaltweet-20801" /><ref name="web3watchdogtweet-20802" /><ref name="realscamsniffertweet-20803" /><ref name="victimwallet1-20804" /><ref name="victimwallet2-20805" /><ref name="victimwalletfunding-20806" />

== About The Ethereum Victim ==
The victim exists at Ethereum address 0x86C0300Fc369E54d22512564Cc0e8CC261102604.

== The Reality ==
Unfortunately, it is easy to get fooled by incorrect addresses. Creating addresses which appear similar to legitimate addresses is not that challenging. It is important to always verify all addresses.

== What Happened ==
The victim mistakenly sent over $2.5 million in USDT to a phishing address that closely resembled the intended recipient’s, due to an address pollution phishing attack.
{| class="wikitable"
|+Key Event Timeline - Ethereum ZeroTransfer Address Pollution Phishing Twice
!Date
!Event
!Description
|-
|May 25th, 2025 2:10:59 AM MDT
|Victim Ethereum Wallet Created
|The victim's ethereum wallet is first funded.
|-
|May 25th, 2025 5:48:23 PM MDT
|Phishing Transaction Occurs
|A transaction for 843,166.835945 USDT sent to the phisher.
|-
|May 25th, 2025 6:00:00 PM MDT
|Real Scam Sniffer Tweet
|Real Scam Sniffer posts about the exploit, with just one transaction included.
|-
|May 25th, 2025 8:43:00 PM MDT
|Incident Post By TenArmor
|TenArmor creates a post reporting on the attack, with links to information about the relevant transactions.
|-
|May 25th, 2025 9:38:59 PM MDT
|Second Tricked Phishing Transaction
|A second transfer of 1,754,893.457191 USDT is also found to the same perpetrator.
|-
|May 25th, 2025 11:46:00 PM MDT
|PeckShield Reports Larger Loss
|PeckShield reports on the incident with a total loss of $1.7m reported.
|-
|May 26th, 2025 1:17:00 AM MDT
|AegisWeb3 Reporting Post
|AegisWeb3 reports with both phishing transactions included for a total loss of $2.6m.
|}

== Technical Details ==
The attack took place through address pollution phishing. Address pollution phishing is a type of cyberattack where scammers flood blockchain addresses with tiny, unsolicited transactions to obscure legitimate activity or manipulate data analysis. This tactic can be used to confuse users, overload transaction histories, or mask fraudulent behavior by making it harder to trace real transactions. Often seen in Web3 environments, address pollution phishing can also serve as a distraction while more serious phishing or scamming attempts occur elsewhere.

In this case, the victim intended to send their funds to the wallet address 0x4668d1fe87444a4d7508e83c89bfdaf1117e6b76. However, an attacker was successfully able to create a new wallet address 0x4668EE748c88DA4FEc595773b22f96f366eD6B76, and interact with their Ethereum wallet. The victim accidentally confused the wallet addresses and sent their funds to the attacker's wallet.

== Total Amount Lost ==
TenArmor has estimated the amount of the loss at $843,166.84 USD. The blockchain shows that 843,166.835945 USDT were sent to the perpetrator address. However, a second transfer of 1,754,893.457191 USDT is also found to the same perpetrator.

The total amount lost has been estimated at $2,598,000 USD.

== Immediate Reactions ==
The attack was reported on by TenArmor a few hours later. It is unclear how the victim reacted.

== Ultimate Outcome ==
It does not appear likely that any funds will be recovered.

== Total Amount Recovered ==
There is no evidence that any funds have been able to be recovered.

There do not appear to have been any funds recovered in this case.

== Ongoing Developments ==
There is limited information about any investigation or recovery that may be underway.
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="tenarmortweet-20795">[https://twitter.com/TenArmorAlert/status/1926831552261914891 TenArmor - "Our system has detected a suspicious Address Pollution Phishing attack on #ETH, causing an estimated loss of $843,166.84." - Twitter/X] (Accessed Jul 31, 2025)</ref>

<ref name="perpetrator-20796">[https://etherscan.io/address/0x4668EE748c88DA4FEc595773b22f96f366eD6B76 The Perpetrator's Ethereum Address - Etherscan] (Accessed Jul 31, 2025)</ref>

<ref name="phishedtransaction-20797">[https://etherscan.io/tx/0xf55a4ed3cdb8bdadbe8f23d87cb52231b92357ad95ff41c97c211e5612aa9c2d The First Phishing Transaction - Etherscan] (Accessed Jul 31, 2025)</ref>

<ref name="peckshieldtweet-20798">[https://twitter.com/PeckShieldAlert/status/1926877652985495865 PeckShield - "#PeckShieldAlert A #ZeroTransfer scammer grabbed ~1.7M $USDT from 0x86C0...2604." - Twitter/X] (Accessed Jul 31, 2025)</ref>

<ref name="secondphishedtransaction-20799">[https://etherscan.io/tx/0xfbac8a7f99c188ceb38bd6e5d9b12b2e88b4ad79d06625be86521fe5e986f156 The Second Phishing Transaction - Etherscan] (Accessed Jul 31, 2025)</ref>

<ref name="aegisweb3tweet-20800">[https://twitter.com/AegisWeb3/status/1926900530976080183 AegisWeb3 - "Scammed Twice in 5 Hours: Victim Loses $2.6M USDT in ZeroTransfer Attack. In a shocking repeat incident, a victim fell prey twice to the same #ZeroTransfer scam within just 5 hours — losing a total of $2.6M USDT." - Twitter/X] (Accessed Jul 31, 2025)</ref>

<ref name="scamretrievaltweet-20801">[https://twitter.com/Scamretrieval_X/status/1933998767566676398 ScamRetrieval - "victim:...wrong address:...correct address:" - Twitter/X] (Accessed Jul 31, 2025)</ref>

<ref name="web3watchdogtweet-20802">[https://twitter.com/web3_watchdog/status/1926878020775665806 Web3Watchdog - "PeckShieldAlert: #PeckShieldAlert A #ZeroTransfer scammer grabbed ~1.7M $USDT from 0x86C0...2604." - Twitter/X] (Accessed Jul 31, 2025)</ref>

<ref name="realscamsniffertweet-20803">[https://twitter.com/realScamSniffer/status/1926790455649263849 Real Scam Sniffer - "8 minutes ago, a victim lost $843,166 by copying the wrong address from a contaminated transfer history." - Twitter/X] (Accessed Jul 31, 2025)</ref>

<ref name="victimwallet1-20804">[https://etherscan.io/address/0x86C0300Fc369E54d22512564Cc0e8CC261102604 The Victim Wallet Address - Etherscan] (Accessed Jul 31, 2025)</ref>

<ref name="victimwallet2-20805">[https://etherscan.io/address/0x4668d1fe87444a4d7508e83c89bfdaf1117e6b76 The Victim's Intended Recipient Address - Etherscan] (Accessed Jul 31, 2025)</ref>

<ref name="victimwalletfunding-20806">[https://etherscan.io/tx/0x2bb1adc93fd4d480935fb81c3cc197272039bb3bf1a5986e7e85e4411f91e701 The Victim Wallet Funding Transaction - Etherscan] (Accessed Jul 31, 2025)</ref></references>

YDT Yellow Duck Token proxyTransfer Backdoor Exploited

2025-08-27T21:40:57Z

Azoundria: Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/ydtyellowducktokenproxytransferbackdoorexploited.php}} {{Unattributed Sources}} Binance Security ImageThe Yellow Duck Token (YDT), launched on May 24th, suffered a \$41.4k loss due to a vulnerability—or possible backdoor—in its `proxyTransfer()` function, which allowed an attacker to transfer tokens from any address using a privileged account; the..."

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/ydtyellowducktokenproxytransferbackdoorexploited.php}}
{{Unattributed Sources}}

[[File:Binancesecurity.jpg|thumb|Binance Security Image]]The Yellow Duck Token (YDT), launched on May 24th, suffered a \$41.4k loss due to a vulnerability—or possible backdoor—in its `proxyTransfer()` function, which allowed an attacker to transfer tokens from any address using a privileged account; the incident was reported by TenArmor, and there is no evidence of fund recovery or an ongoing investigation.<ref name="tenarmortweet-20807" /><ref name="bsctransaction-20808" /><ref name="blockthreat-20809" /><ref name="ydttokenbscscan-20810" /><ref name="ydtsmartcontractcreation-20811" />

== About Yellow Duck Token ==
YDT is short for "Yellow Duck Token". The smart contract was launched on May 24th.

== The Reality ==
This sections is included if a case involved deception or information that was unknown at the time. Examples include:

* When the service was actually started (if different than the "official story").
* Who actually ran a service and their own personal history.
* How the service was structured behind the scenes. (For example, there was no "trading bot".)
* Details of what audits reported and how vulnerabilities were missed during auditing.

== What Happened ==
A flaw in Yellow Duck Token’s `proxyTransfer()` function allowed unauthorized transfers, leading to a $41.4k loss.

{| class="wikitable"
|+Key Event Timeline - YDT Yellow Duck Token proxyTransfer Backdoor Exploited
!Date
!Event
!Description
|-
|May 24th, 2025 7:15:20 AM MDT
|Smart Contract Creation
|The Yellow Duck Token smart contract is first created.
|-
|May 25th, 2025 12:16:52 AM MDT
|Suspicious YDT Transaction
|The suspicious transaction is accepted by the Binance Smart Chain.
|-
|May 25th, 2025 4:34:00 AM MDT
|TenArmor Posting Incident Tweet
|TenArmor posts about the suspicious transaction.
|}

== Technical Details ==
"A simple bug (or possibly a backdoor?) in the proxyTransfer() function allows an attacker to transfer tokens from any address by passing in a privileged address."

== Total Amount Lost ==
TenArmor reports losses as $41.4k.

The total amount lost has been estimated at $41,000 USD.

== Immediate Reactions ==
The incident was reported on by TenArmor. It is unclear if the project has any public face.

== Ultimate Outcome ==
It is unclear if any funds have been recovered or any investigation is underway.

== Total Amount Recovered ==
There is no suggestion that any funds have been recovered.

There do not appear to have been any funds recovered in this case.

== Ongoing Developments ==
The incident appears to have faded to history. There's no indication that anything is still being investigated.
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="tenarmortweet-20807">[https://twitter.com/TenArmorAlert/status/1926587721885040686 TenArmor - "Our system has detected a suspicious attack involving #YDT token on #BSC, resulting in an approximately loss of $41.4K. A simple bug (or possibly a backdoor?) in the proxyTransfer() function allows an attacker to transfer tokens from any address by passing in a privileged address." - Twitter/X] (Accessed Jul 31, 2025)</ref>

<ref name="bsctransaction-20808">[https://bscscan.com/tx/0x233b21d0355108593c3f136797aed886ae1d4655384b33d67b1fccee88cdfbc2 Suspicious YDT Transaction - BSCScan] (Accessed Jul 31, 2025)</ref>

<ref name="blockthreat-20809">[https://newsletter.blockthreat.io/p/blockthreat-week-21-2025 Week 21, 2025 - BlockThreat] (Accessed Jul 31, 2025)</ref>

<ref name="ydttokenbscscan-20810">[https://bscscan.com/address/0x3612e4cb34617bcac849add27366d8d85c102efdd YDT Token Smart Contract - BSCScan] (Accessed Jul 31, 2025)</ref>

<ref name="ydtsmartcontractcreation-20811">[https://bscscan.com/tx/0xe758400cb8328afc71f330f852cbc4e7601bc783b5c32256e14fadf28a19a19e YDT Smart Contract Creation - BSCScan] (Accessed Jul 31, 2025)</ref></references>

DAOSquare Treasury RICE Exploit Theft New Token Recovery

2025-08-27T21:40:43Z

Azoundria: Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/daosquaretreasuryriceexploittheftnewtokenrecovery.php}} {{Unattributed Sources}} DAOSquare Logo/HomepageDAOSquare, a decentralized platform for launching and investing in Venture DAOs, suffered a security breach due to improper access controls in its smart contracts, allowing an attacker to withdraw RICE tokens without restriction. The exploit led to losses..."

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/daosquaretreasuryriceexploittheftnewtokenrecovery.php}}
{{Unattributed Sources}}

[[File:Daosquare.jpg|thumb|DAOSquare Logo/Homepage]]DAOSquare, a decentralized platform for launching and investing in Venture DAOs, suffered a security breach due to improper access controls in its smart contracts, allowing an attacker to withdraw RICE tokens without restriction. The exploit led to losses of approximately \$88.1k, as reported by TenArmor. In response, DAOSquare launched a new token—the DAOSquare Governomy Token (RICE)—on Ethereum Mainnet and Base, redistributing tokens to affected holders based on a pre-attack snapshot. While most distributions have been completed, recovery efforts are still ongoing, with some users on Gate CEX and Loopring awaiting resolution.<ref name="tenarmortweet-20812" /><ref name="ricetokentransaction-20813" /><ref name="daosquaretweet1-20814" /><ref name="typtodaosquaretweet-20815" /><ref name="daosquaretweet2-20816" /><ref name="daosquaretweet3-20817" /><ref name="victimaddress-20818" /><ref name="victimaddresscreation-20819" /><ref name="daosquarehomepage-20820" /><ref name="daosquarelaunch-20821" /><ref name="daosquaretwitterx-20822" /><ref name="typtodaosquaretwitterx-20823" /><ref name="daosquarefi-20824" />

== About DAOSquare ==
DAOSquare Incubator offers a decentralized platform for creating and investing in Venture DAOs, aiming to make venture capital more accessible and trustless. The platform provides users with easy-to-use tools that allow them to launch their own DAOs or invest in others as effortlessly as online shopping. Its core mission is to democratize investment opportunities and reduce global financial inequality by leveraging blockchain technology.

The platform is designed around several crypto-native features, including automated fund operations, escrow services, vesting schedules, and NFT receipts. These features ensure investments are executed securely and transparently using smart contracts. Investors can choose from three operational modes—Vintage, Collective, and Flex—each catering to different investment styles, levels of decision-making involvement, and fund structures, such as blind pools or deal-by-deal setups.

Vintage DAOs function similarly to traditional VC funds with designated governors managing investments, while Collective DAOs take a collaborative approach where all members decide together. Flex DAOs allow members to individually choose which deals to participate in. This versatility, combined with DAOSquare’s robust infrastructure, positions the platform as a comprehensive ecosystem for decentralized venture capital innovation.
== About DAOSquare Treasury Address ==
The victim address was one of DAOSquare treasuries located at 0xcfe0de4a50c80b434092f87e106dfa40b71a5563. This address was created on March 13th.

== The Reality ==
Unfortunately, the smart contract appears to lack proper access control, which allowed some RICE tokens to be taken.

== What Happened ==
DAOSquare suffered a $88.1k exploit due to smart contract vulnerabilities.

{| class="wikitable"
|+Key Event Timeline - DAOSquare Treasury RICE Exploit Theft New Token Recovery
!Date
!Event
!Description
|-
|March 12th, 2025 11:33:51 PM MDT
|DaoSquare Treasury Created
|The DaoSquare treasury Base wallet is first created and loaded with funds.
|-
|May 24th, 2025 9:42:19 AM MDT
|Rice Token Attack Transaction
|The attack transaction against the Rice token is accepted by the Base blockchain.
|-
|May 24th, 2025 8:13:00 PM MDT
|TenArmor Posts About Exploit
|TenArmor reported a suspicious attack involving the RICE token and an unverified contract at address 0xcfe0 on the Base network, resulting in an estimated loss of $88.1K. The vulnerability stems from the `registerProtocol()` and `setMasterContractApproval()` functions in the victim contract, which lacked proper access control, allowing unauthorized users to withdraw RICE tokens from the contract.
|-
|June 4th, 2025 8:27:00 AM MDT
|DaoSquare Post About Attack
|DaoSquare posts an extensive post about the attack and their plans forward.
|-
|June 4th, 2025 8:37:00 AM MDT
|Attacker Repeat Offender
|The attacker is described as a seasoned repeat offender by DaoSquare founder Typto, and it is announced that the community will relaunch stronger.
|-
|June 23rd, 2025 7:03:00 AM MDT
|New Rice Token Deployment
|DaoSquare posts about their new token deployment, which is a key step in the relaunch plan for the project.
|-
|June 26th, 2025 7:00:00 AM MDT
|Restarting RICE Community Distribution
|The DAOSquare community announces that RICE distributions have now restarted.
|}

== Technical Details ==
The exploit occurred because the victim contract’s `registerProtocol()` and `setMasterContractApproval()` functions lacked proper access control, allowing anyone to call these functions and authorize malicious contracts or addresses to withdraw RICE tokens without restriction.

== Total Amount Lost ==
Losses were reported as $88.1k by TenArmor.

The total amount lost has been estimated at $88,000 USD.

== Immediate Reactions ==
It is unclear who is behind this token. The incident was reported on by TenArmor.

== Ultimate Outcome ==
DAOSquare launched a new token, the DAOSquare Governomy Token (RICE), on both the Ethereum Mainnet and Base networks, following a previous attack on the original RICE token. Tokens have been redistributed to holders based on a snapshot taken before the attack.

== Total Amount Recovered ==
There is no indication that any funds have been recovered.

There do not appear to have been any funds recovered in this case.

== Ongoing Developments ==
Investigation and community recovery appear to be ongoing. The Gate CEX Holders and Loopring Holders still have solutions pending.
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="tenarmortweet-20812">[https://twitter.com/TenArmorAlert/status/1926461662644633770 TenArmor - "Our system has detected a suspicious attack involving #RICE token and an unverified contract 0xcfe0 on #BASE, resulting in an approximately loss of $88.1K." - Twitter/X] (Accessed Jul 31, 2025)</ref>

<ref name="ricetokentransaction-20813">[https://basescan.org/tx/0x8421c96c1cafa451e025c00706599ef82780bdc0db7d17b6263511a420e0cf20 Rice Attack Transaction - BSCScan] (Accessed Jul 31, 2025)</ref>

<ref name="daosquaretweet1-20814">[https://twitter.com/DAOSquare/status/1930270111211925914 DaoSquare - "On May 25, 2025, one of DAOSquare's treasuries was attacked, resulting in 22,189,176.505973791717313474 RICE tokens being maliciously dumped into the market." - Twitter/X] (Accessed Jul 31, 2025)</ref>

<ref name="typtodaosquaretweet-20815">[https://twitter.com/Typto_DAOSquare/status/1930272781461270601 <nowiki>Typto DaoSquare - "The attacker [0x2a49c6FD18BD111d51C4ffFA6559bE1d950B8Eff] is a seasoned repeat offender. While $80,000 in illicit profits may mean little to you, you have brought devastating harm to DAOSquare. Yet we will not fall—we will emerge stronger." - Twitter/X</nowiki>] (Accessed Jul 31, 2025)</ref>

<ref name="daosquaretweet2-20816">[https://twitter.com/DAOSquare/status/1937134397955948598 DaoSquare - "We have deployed DAOSquare's new token—DAOSquare Governomy Token (RICE)—on Ethereum Mainnet and Base. We have also distributed these tokens to all RICE holders according to the snapshot before the RICE attack." - Twitter/X] (Accessed Jul 31, 2025)</ref>

<ref name="daosquaretweet3-20817">[https://twitter.com/DAOSquare/status/1938220708854726947 DaoSquare - "Following the attack on $RICE, we have been dedicated to reconstruction efforts. We are now pleased to announce the restart of the RICE community distribution." - Twitter/X] (Accessed Jul 31, 2025)</ref>

<ref name="victimaddress-20818">[https://basescan.org/address/0xcfe0de4a50c80b434092f87e106dfa40b71a5563 The Victim Smart Contract - Basescan] (Accessed Jul 31, 2025)</ref>

<ref name="victimaddresscreation-20819">[https://basescan.org/tx/0x7f753beb37a5b113637481d56cc5595a14f3351c2efd1b8f498fd7b69127069d The creation of the victim smart contract.] (Accessed Jul 31, 2025)</ref>

<ref name="daosquarehomepage-20820">[https://www.daosquare.fi/ DAOSquare Homepage] (Accessed Jul 31, 2025)</ref>

<ref name="daosquarelaunch-20821">[https://twitter.com/DAOSquare/status/1917564612914077773 DaoSquare - "Big News from DAOSquare Incubator! We’ve just launched 3 innovative DAOs, each with a unique approach to onchain ventures." - Twitter/X] (Accessed Jul 31, 2025)</ref>

<ref name="daosquaretwitterx-20822">[https://twitter.com/DAOSquare DaoSquare Twitter/X Profile] (Accessed Jul 31, 2025)</ref>

<ref name="typtodaosquaretwitterx-20823">[https://twitter.com/Typto_DAOSquare Typto (DaoSquare Founder) Twitter/X Profile] (Accessed Jul 31, 2025)</ref>

<ref name="daosquarefi-20824">[https://docs.daosquare.fi/expansion/protocol/protocol-contract-graph Protocol Contract Graph - DaoSquare] (Accessed Jul 31, 2025)</ref></references>

File:Daosquare.jpg

2025-08-27T21:40:34Z

Azoundria:

IRYS AI Programmable Blockchain Revolution Backdoor Rug Pull

2025-08-27T21:40:11Z

Azoundria: Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/irysaiprogrammableblockchainrevolutionbackdoorrugpull.php}} {{Unattributed Sources}} IRYS AI Logo/HomepageIRYS AI was promoted as a groundbreaking blockchain platform enabling programmable, on-chain data interaction for smart contracts and AI agents. It introduced a multi-ledger architecture, the IrysVM execution layer, and a hybrid consensus model, positioning..."

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/irysaiprogrammableblockchainrevolutionbackdoorrugpull.php}}
{{Unattributed Sources}}

[[File:Irysai.jpg|thumb|IRYS AI Logo/Homepage]]IRYS AI was promoted as a groundbreaking blockchain platform enabling programmable, on-chain data interaction for smart contracts and AI agents. It introduced a multi-ledger architecture, the IrysVM execution layer, and a hybrid consensus model, positioning itself as a next-gen solution for decentralized AI and data storage. However, the project was exposed as a scam when investigators discovered a hardcoded backdoor in the token contract that allowed a designated wallet to bypass security checks and drain user funds. The deployer used this vulnerability to steal approximately $69.6K in a single transaction, revealing the malicious intent behind the project. Most have considered this a rug pull. Twitter/X is deleted while the website is still online.<ref name="tenarmortweet-20833" /><ref name="taxwalletset-20834" /><ref name="irysaismartcontract-20835" /><ref name="irysaismartcontractcreation-20836" /><ref name="bscirysaitwitterx-20837" /><ref name="derick34tweet-20838" /><ref name="stylerwalkertweet-20839" /><ref name="farmer0009tweet-20840" /><ref name="irysaihomepage-20841" /><ref name="irysaitelegram-20842" /><ref name="irysaicorefeatures-20843" /><ref name="irysailearnhug-20844" /><ref name="rugpulltx-20845" />

== About IRYS AI ==
IRYS AI claimed to be the first blockchain platform where data wasn’t just stored but made programmable—allowing users to write logic directly onto data for native onchain interaction by smart contracts and AI agents. It promised a revolutionary architecture with a multi-ledger system that validated data through a Submit Ledger before moving it to a Publish Ledger for long-term storage. Additional ledgers were advertised to support customizable storage durations, positioning IRYS as a data-first chain focused on flexibility, verifiability, and permanence.

The project also introduced the IrysVM, a supposedly high-performance, EVM-compatible execution layer designed to bring computation and storage under one system. According to its documentation, this would enable smart contracts to directly manage and enforce rules on programmable datasets, AI models, and inference proofs—eliminating the need for external oracles or databases. IRYS AI marketed this as a key innovation that would usher in a new era of decentralized AI automation.

To secure its network, IRYS AI promised a hybrid consensus model combining useful Proof of Work and staking. This model was touted as a way to ensure decentralization, prevent miner centralization, and maintain honest data storage. Prospective developers were encouraged to start building through the platform's tools and educational resources like the Irys Academy, which offered structured learning for both beginners and advanced blockchain users.

IRYS AI was a smart contract launched on May 10th, 2025. The contract was promoted on May 19th via Twitter/X.

== The Reality ==
Unfortunately, investigators have confirmed a backdoor in the token contract that allowed the designated `_taxWallet` to bypass standard permission checks, enabling the token deployer to drain user funds.

== What Happened ==
IRYS AI, a blockchain project claiming to revolutionize programmable data and decentralized AI, was exposed as a scam after a built-in backdoor enabled the theft of $69.6K in a deliberate rug pull.
{| class="wikitable"
|+Key Event Timeline - IRYS AI Programmable Blockchain Revolution Backdoor Rug Pull
!Date
!Event
!Description
|-
|May 10th, 2025 4:44:12 PM MDT
|IRYSAI Smart Contract Launch
|The IRYSAI smart contract is first launched on the Binance Smart Chain.
|-
|May 19th, 2025 6:39:00 AM MDT
|Original Responses To Post
|An initial post is made about the project, which appears to have gotten some engagement from different Twitter/X users.
|-
|May 20th, 2025 4:08:49 AM MDT
|Tax Wallet Address Updated
|The tax wallet is set to the attacker's wallet and a rug pull is completed to empty the funds to the attacker's wallet. This happens in two separate transactions, however both transactions are placed in the same block on the Binance Smart Chain.
|-
|May 20th, 2025 8:16:00 PM MDT
|Post By TenArmor Published
|TenArmor publishes an alert that a Rug Pull has occurred involving the IRYSAI token on the Binance Smart Chain (BSC), resulting in a loss of approximately $69,600. They have isolated the vulnerability to be a backdoor in the token's smart contract that allows the designated `_taxWallet` to bypass standard allowance checks, effectively granting it unrestricted access to user funds. The deployer address `0xc4ce` assigned this privileged role to address `0x6233` in a setup transaction, which was later used to execute the Rug Pull. This exploit was deliberately built into the contract.
|}

== Technical Details ==
The scam was enabled by a backdoor in the token's smart contract that allows the designated `_taxWallet` to bypass standard allowance checks, effectively granting it unrestricted access to user funds. The deployer address `0xc4ce` assigned this privileged role to address `0x6233` in a setup transaction, which was later used to execute the Rug Pull. This exploit was deliberately built into the contract.

== Total Amount Lost ==
Losses were reported by TenArmor as $69.6k.

The total amount lost has been estimated at $70,000 USD.

== Immediate Reactions ==
Roughly $69.6K was stolen in a single transaction, revealing to the wider community that the project had been maliciously engineered from the start. What was marketed as a cutting-edge blockchain for programmable data turned out to be a carefully disguised scam.

== Ultimate Outcome ==
TenArmor posts a report, declaring the final transaction of the project as a "rug pull".

It appears that the original Twitter/X account was changed from username BSCIRYSAI to Use8BITAI.

== Total Amount Recovered ==
It is unclear if any recovery will be possible. While the website remains online, the project has deleted their official Twitter/X account.

There do not appear to have been any funds recovered in this case.

== Ongoing Developments ==
The project website appears to still be online. The individuals behind the project appear to have moved on to the launch of a new 8BIT AI project.
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="tenarmortweet-20833">[https://twitter.com/TenArmorAlert/status/1925012844052975776 TenArmor - "Our system has detected a suspicious RugPull involving #IRYSAI @BSCIRYSAI on #BSC, resulting in an approximately loss of $69.6K." - Twitter/X] (Accessed Aug 1, 2025)</ref>

<ref name="taxwalletset-20834">[https://bscscan.com/tx/0x8c637fc98ad84b922e6301c0b697167963eee53bbdc19665f5d122ae55234ca6 Transaction Which Sets The Tax Wallet - BSCScan] (Accessed Aug 1, 2025)</ref>

<ref name="irysaismartcontract-20835">[https://bscscan.com/address/0x20bb82f7c5069c2588fa900ed438fefd2ae36827 IRYSAI Smart Contract - BSCScan] (Accessed Aug 1, 2025)</ref>

<ref name="irysaismartcontractcreation-20836">[https://bscscan.com/tx/0x7d1a0e4200c47d90e5bba07f98c62756047aa1adf40569c8330a903a191b2fac IRYSAI Smart Contract Created - BSCScan] (Accessed Aug 1, 2025)</ref>

<ref name="bscirysaitwitterx-20837">[https://twitter.com/BSCIRYSAI Old IRYSAI Twitter/X account, reported by TenArmor.] (Accessed Aug 1, 2025)</ref>

<ref name="derick34tweet-20838">[https://twitter.com/De_rick34/status/1924444913506169041 DeRick34 - "Follow me back @BSCIRYSAI" - Twitter/X] (Accessed Aug 1, 2025)</ref>

<ref name="stylerwalkertweet-20839">[https://twitter.com/Styler_Walker/status/1924463931201925270 Styler Walker - "Are you looking for a marketing campaign? Lets collab!" - Twitter/X] (Accessed Aug 1, 2025)</ref>

<ref name="farmer0009tweet-20840">[https://twitter.com/Farmer_0009/status/1924550548721745992 Farmer0009 - "Hey! It looks like a very high quality project. let’s do it work together. Send me a message please." - Twitter/X] (Accessed Aug 1, 2025)</ref>

<ref name="irysaihomepage-20841">[https://www.irysai.org/ IRYS AI Homepage] (Accessed Aug 1, 2025)</ref>

<ref name="irysaitelegram-20842">[https://t.me/BSCIRYSAI IRYS AI Telegram] (Accessed Aug 1, 2025)</ref>

<ref name="irysaicorefeatures-20843">[https://www.irysai.org/core-features IRYS AI Core Features] (Accessed Aug 1, 2025)</ref>

<ref name="irysailearnhug-20844">[https://www.irysai.org/learn-hub IRYS AI Learn Hub] (Accessed Aug 1, 2025)</ref>

<ref name="rugpulltx-20845">[https://bscscan.com/tx/0xe9a66bad8975f2a7b68c74992054c84d6d80ac4c543352e23bf23740b8858645 Rug Pull Transaction - BSCScan] (Accessed Aug 1, 2025)</ref></references>

File:Irysai.jpg

2025-08-27T21:40:01Z

Azoundria:

MapleStory Universe NXPC PancakeSwap Arbitrage Opportunity

2025-08-27T21:39:05Z

Azoundria:

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/maplestoryuniversenxpcpancakeswaparbitrageopportunity.php}}
{{Unattributed Sources}}

[[File:Maplestoryuniverse.jpg|thumb|MapleStory Universe Logo/Homepage]]<ref name="tenarmortweet-20846" /><ref name="bscscantransaction-20847" /><ref name="soong1911tweet-20848" /><ref name="qashnfttweet-20849" /><ref name="nxpccontract-20850" /><ref name="nxpccreation-20851" /><ref name="nxpccoinmarketcap-20852" /><ref name="nxpccoingecko-20853" /><ref name="msuhomepage-20854" /><ref name="blogmexc-20855" /><ref name="phemexacademy-20856" /><ref name="maplestorytwitterx-20857" /><ref name="maplestoryuniversemedium-20858" /><ref name="polygonlabs-20859" /><ref name="web3games-20860" /><ref name="bingxzendesk-20861" /><ref name="maplestoryuniversemedium-20862" /><ref name="borderlessworld-20863" />

== About MapleStory Universe ==
MapleStory Universe (MSU) is a blockchain-powered metaverse ecosystem built around Nexon’s iconic MapleStory IP. Rather than being a single game, it’s a decentralized virtual world where multiple interconnected applications and mini-games share the same assets and economic systems. All in-game items—including characters, cosmetics, and weapons—are transformed into NFTs with fixed total supplies, enabling true ownership, cross-application transfer, and player-driven marketplaces).

At its core is MapleStory N, a brand-new blockchain-infused version of MapleStory, offering item scarcity, NFT rewards, and a revamped in-game economy free of the traditional cash shop model. This is joined by MapleStory N Mobile (a mobile version with cross-platform interoperability), MapleStory N Worlds (a sandbox creation platform for user-generated content), and the MapleStory N SDK—a suite of developer tools enabling creators to design new games or apps within the ecosystem.

The broader ambition behind MSU is to pioneer what Nexon calls “Reward Experience (RX)”—a decentralized model in which players, creators, and developers are incentivized and rewarded through transparent blockchain economics. By basing the ecosystem on the NEXPACE Protocol, MSU aims to expand beyond MapleStory into a multi-IP multiverse where interoperability, user contribution, and shared governance define future value. Chainlink VRF, Avalanche (and Polygon Supernet) support ensure fast, fair, and scalable operations across the ecosystem.
== About NXPC Token ==
NXPC is the native utility token of MapleStory Universe, a blockchain-based Layer 1 ecosystem created by Nexon to reimagine its iconic MMORPG franchise using Web3 technologies. Designed to fuel a new “Reward Experience” (RX) system, NXPC serves as the backbone of a digital economy where scarcity and utility of in-game items are preserved through tokenization. With a fixed supply of 1 billion tokens, NXPC supports item rarity and economic sustainability via NXPC Fission (exchanging tokens for NFT item sets) and Item Fusion (redeeming NFTs back into tokens), allowing organic regulation of supply based on demand.

NXPC works alongside two other elements—NFTs and NESO (the in-game token)—to maintain a balanced and interoperable economy. Its halving distribution model (similar to Bitcoin’s) gradually reduces token emissions over time, rewarding early contributors while preserving long-term scarcity. The token fuels trading, content creation, NFT utility, and even gas fees within MapleStory Universe’s blockchain. NXPC’s dynamic exchange mechanisms and cross-application interoperability ensure that game items retain significance and value across the entire ecosystem—not just within one game.

NXPC’s most ambitious goal is to evolve MapleStory into a creator-driven, community-powered economy. Developers can use the MapleStory Universe SDK to build new apps and games while earning NXPC through a contribution mechanism based on impact. As the project matures, NXPC is also expected to enable decentralized governance. Its use cases include powering NFT marketplaces, enhancing in-game strategies via dynamic reward systems, and ensuring fair, transparent token circulation. Backed by MapleStory’s global brand and 250M+ player legacy, NXPC is positioned as a pioneering example of how blockchain can enhance traditional gaming models.

== The Reality ==
The NPXU token launch was highly anticipated.

== What Happened ==
The specific events of the loss and how it came about. What actually happened to cause the loss and some of the events leading up to it.
{| class="wikitable"
|+Key Event Timeline - MapleStory Universe NXPC PancakeSwap Arbitrage Opportunity
!Date
!Event
!Description
|-
|May 14th, 2025 11:55:20 PM MDT
|Blockchain Transaction Happens
|The arbitrage transaction is accepted by the Binance Smart Chain.
|-
|May 15th, 2025 12:37:00 AM MDT
|TenArmor Posts About Transaction
|TenArmor posts on Twitter/X about the arbitrage exploit.
|}

== Technical Details ==
An MEV bot (automated smart contract) spotted a significant price discrepancy for the NXPC token between two different PancakeSwap V3 liquidity pools on the BSC network. Because these pools had diverging prices—something that shouldn't persist in a healthy market—the bot performed a cross-pool arbitrage to buy low in one pool and sell high in the other. This operation resulted in a $1.2 million profit.

To ensure its transaction was executed ahead of any other bots or users who may have noticed the same opportunity, the bot paid a 97 BNB “bribe” (roughly $50,000–$60,000 depending on BNB price at the time) to the block builder or validator who produced the block containing the transaction. This is common in MEV transactions to outbid competitors in the transaction mempool or private relays.

== Total Amount Lost ==
Profit from the arbitrage was reported as $1.2m.

The total amount lost has been estimated at $1,200,000 USD.

== Immediate Reactions ==
The incident was reported on by TenArmor and a couple of other Twitter/X users.

== Ultimate Outcome ==
The MEV bot gained a profit of $1.2m USD.

== Total Amount Recovered ==
Given that this was not the result of any crime or fraud, it is unlikely to be recovered.

There do not appear to have been any funds recovered in this case.

== Ongoing Developments ==
There is nothing remaining to learn about here.
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="tenarmortweet-20846">[https://twitter.com/TenArmorAlert/status/1922904270145454208 TenArmor - "An MEV bot captured a large arbitrage opportunity involving the #NXPC token due to a price misalignment between two PancakeSwapV3 pools of the $NXPC token on #BSC, earning a profit of $1.2M with a 97 BNB bribe to the builder." - Twitter/X] (Accessed Aug 1, 2025)</ref>

<ref name="bscscantransaction-20847">[https://bscscan.com/tx/0xfc3b21235e96c947d797ead76fd0a33f0b3ff6d03990d36f7b62e62eb6e8b96e Arbitrage Exploit Transaction - BSCScan] (Accessed Aug 1, 2025)</ref>

<ref name="soong1911tweet-20848">[https://twitter.com/soong1911/status/1922930142717911044 Soong1911 - "Big shot single transaction $NXPC arbitrage $1.2m, bribed 98BNB." - Twitter/X Translated] (Accessed Aug 1, 2025)</ref>

<ref name="qashnfttweet-20849">[https://twitter.com/qash_NFT/status/1922946060504175081 QASH_NFT - "Reflecting a bit on this Maple listing battle ($NXPC) from an Atomic Botter perspective. The top player paid 10 million yen in fees and made a profit of 200 million yen. i) Since the operator wallet launched the token on Avalanche and showed behavior likely to use LFJ's DEX, I created a contract for sniping." - Twitter/X] (Accessed Aug 1, 2025)</ref>

<ref name="nxpccontract-20850">[https://bscscan.com/address/0xf2b51cc1850fed939658317a22d73d3482767591 NXPC Smart Contract - BSCScan] (Accessed Aug 1, 2025)</ref>

<ref name="nxpccreation-20851">[https://bscscan.com/tx/0xa276469e334c26009e3a80b4e6653242d71a07cf6a558ca1ee028ff6d1b6e374 NXPC Smart Contract Creation - BSCScan] (Accessed Aug 1, 2025)</ref>

<ref name="nxpccoinmarketcap-20852">[https://coinmarketcap.com/currencies/maplestory-universe/ Maplestory Universe - CoinMarketCap] (Accessed Aug 1, 2025)</ref>

<ref name="nxpccoingecko-20853">[https://www.coingecko.com/en/coins/nexpace NXPC Price History - CoinGecko] (Accessed Aug 1, 2025)</ref>

<ref name="msuhomepage-20854">[https://www.msu.io/ MapleStory Universe Homepage] (Accessed Aug 1, 2025)</ref>

<ref name="blogmexc-20855">[https://blog.mexc.com/what-is-nxpc-maplestory-universe/ What is NXPC? Complete Guide to MapleStory Universe - MEXC Blog] (Accessed Aug 1, 2025)</ref>

<ref name="phemexacademy-20856">[https://phemex.com/academy/what-is-nxpc-maplestory-universe-game-changing-token-explained What Is NXPC? MapleStory Universe’s Game-Changing Token Explained - Phemex Academy] (Accessed Aug 1, 2025)</ref>

<ref name="maplestorytwitterx-20857">[https://twitter.com/maplestoryu MapleStory Universe - Twitter/X] (Accessed Aug 1, 2025)</ref>

<ref name="maplestoryuniversemedium-20858">[https://medium.com/maplestory-universe/the-nxpc-token-economy-30215315ea38 The NXPC Token Economy: Redefining Reward Experience - MapleStory Universe Medium] (Accessed Aug 1, 2025)</ref>

<ref name="polygonlabs-20859">[https://polygon.technology/blog/an-inside-look-at-maplestory-universe-nexons-web3-project Inside MapleStory Universe: Nexon’s Web3 Vision - Polygon Labs] (Accessed Aug 1, 2025)</ref>

<ref name="web3games-20860">[https://web3game.com/games/maple-story-universe MapleStory Universe Game Tokenomics & NXPC Overview - Web3Games] (Accessed Aug 1, 2025)</ref>

<ref name="bingxzendesk-20861">[https://bingxservice.zendesk.com/hc/en-001/articles/11273519895823-Understanding-MapleStory-Universe-A-Comprehensive-Guide Understanding MapleStory Universe: A Comprehensive Guide - BingX (Zendesk)] (Accessed Aug 1, 2025)</ref>

<ref name="maplestoryuniversemedium-20862">[https://medium.com/maplestory-universe/leaders-note-maplestory-universe-is-just-the-first-step-toward-the-multiverse-we-envision-c2f5a80b5767 <nowiki>[Leaders’ Note] MapleStory Universe Is Just the First Step Toward the Multiverse We Envision - MapleStory Universe Medium</nowiki>] (Accessed Aug 1, 2025)</ref>

<ref name="borderlessworld-20863">[https://medium.com/%40MaplestoryU/a-borderless-world-maplestory-universe-e29c53538361 A Borderless World: MapleStory Universe - MapleStory Universe Medium] (Accessed Aug 1, 2025)</ref></references>

MapleStory Universe NXPC PancakeSwap Arbitrage Opportunity

2025-08-27T21:38:45Z

Azoundria: Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/maplestoryuniversenxpcpancakeswaparbitrageopportunity.php}} {{Unattributed Sources}} MapleStory Universe Logo/Homepage<ref name="tenarmortweet-20846" /><ref name="bscscantransaction-20847" /><ref name="soong1911tweet-20848" /><ref name="qashnfttweet-20849" /><ref name="nxpccontract-20850" /><ref name="nxpccreation-20851" /><ref name="nxpccoinmarketca..."

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/maplestoryuniversenxpcpancakeswaparbitrageopportunity.php}}
{{Unattributed Sources}}

[[File:Maplestoryuniverse.jp|thumb|MapleStory Universe Logo/Homepage]]<ref name="tenarmortweet-20846" /><ref name="bscscantransaction-20847" /><ref name="soong1911tweet-20848" /><ref name="qashnfttweet-20849" /><ref name="nxpccontract-20850" /><ref name="nxpccreation-20851" /><ref name="nxpccoinmarketcap-20852" /><ref name="nxpccoingecko-20853" /><ref name="msuhomepage-20854" /><ref name="blogmexc-20855" /><ref name="phemexacademy-20856" /><ref name="maplestorytwitterx-20857" /><ref name="maplestoryuniversemedium-20858" /><ref name="polygonlabs-20859" /><ref name="web3games-20860" /><ref name="bingxzendesk-20861" /><ref name="maplestoryuniversemedium-20862" /><ref name="borderlessworld-20863" />

== About MapleStory Universe ==
MapleStory Universe (MSU) is a blockchain-powered metaverse ecosystem built around Nexon’s iconic MapleStory IP. Rather than being a single game, it’s a decentralized virtual world where multiple interconnected applications and mini-games share the same assets and economic systems. All in-game items—including characters, cosmetics, and weapons—are transformed into NFTs with fixed total supplies, enabling true ownership, cross-application transfer, and player-driven marketplaces).

At its core is MapleStory N, a brand-new blockchain-infused version of MapleStory, offering item scarcity, NFT rewards, and a revamped in-game economy free of the traditional cash shop model. This is joined by MapleStory N Mobile (a mobile version with cross-platform interoperability), MapleStory N Worlds (a sandbox creation platform for user-generated content), and the MapleStory N SDK—a suite of developer tools enabling creators to design new games or apps within the ecosystem.

The broader ambition behind MSU is to pioneer what Nexon calls “Reward Experience (RX)”—a decentralized model in which players, creators, and developers are incentivized and rewarded through transparent blockchain economics. By basing the ecosystem on the NEXPACE Protocol, MSU aims to expand beyond MapleStory into a multi-IP multiverse where interoperability, user contribution, and shared governance define future value. Chainlink VRF, Avalanche (and Polygon Supernet) support ensure fast, fair, and scalable operations across the ecosystem.
== About NXPC Token ==
NXPC is the native utility token of MapleStory Universe, a blockchain-based Layer 1 ecosystem created by Nexon to reimagine its iconic MMORPG franchise using Web3 technologies. Designed to fuel a new “Reward Experience” (RX) system, NXPC serves as the backbone of a digital economy where scarcity and utility of in-game items are preserved through tokenization. With a fixed supply of 1 billion tokens, NXPC supports item rarity and economic sustainability via NXPC Fission (exchanging tokens for NFT item sets) and Item Fusion (redeeming NFTs back into tokens), allowing organic regulation of supply based on demand.

NXPC works alongside two other elements—NFTs and NESO (the in-game token)—to maintain a balanced and interoperable economy. Its halving distribution model (similar to Bitcoin’s) gradually reduces token emissions over time, rewarding early contributors while preserving long-term scarcity. The token fuels trading, content creation, NFT utility, and even gas fees within MapleStory Universe’s blockchain. NXPC’s dynamic exchange mechanisms and cross-application interoperability ensure that game items retain significance and value across the entire ecosystem—not just within one game.

NXPC’s most ambitious goal is to evolve MapleStory into a creator-driven, community-powered economy. Developers can use the MapleStory Universe SDK to build new apps and games while earning NXPC through a contribution mechanism based on impact. As the project matures, NXPC is also expected to enable decentralized governance. Its use cases include powering NFT marketplaces, enhancing in-game strategies via dynamic reward systems, and ensuring fair, transparent token circulation. Backed by MapleStory’s global brand and 250M+ player legacy, NXPC is positioned as a pioneering example of how blockchain can enhance traditional gaming models.

== The Reality ==
The NPXU token launch was highly anticipated.

== What Happened ==
The specific events of the loss and how it came about. What actually happened to cause the loss and some of the events leading up to it.
{| class="wikitable"
|+Key Event Timeline - MapleStory Universe NXPC PancakeSwap Arbitrage Opportunity
!Date
!Event
!Description
|-
|May 14th, 2025 11:55:20 PM MDT
|Blockchain Transaction Happens
|The arbitrage transaction is accepted by the Binance Smart Chain.
|-
|May 15th, 2025 12:37:00 AM MDT
|TenArmor Posts About Transaction
|TenArmor posts on Twitter/X about the arbitrage exploit.
|}

== Technical Details ==
An MEV bot (automated smart contract) spotted a significant price discrepancy for the NXPC token between two different PancakeSwap V3 liquidity pools on the BSC network. Because these pools had diverging prices—something that shouldn't persist in a healthy market—the bot performed a cross-pool arbitrage to buy low in one pool and sell high in the other. This operation resulted in a $1.2 million profit.

To ensure its transaction was executed ahead of any other bots or users who may have noticed the same opportunity, the bot paid a 97 BNB “bribe” (roughly $50,000–$60,000 depending on BNB price at the time) to the block builder or validator who produced the block containing the transaction. This is common in MEV transactions to outbid competitors in the transaction mempool or private relays.

== Total Amount Lost ==
Profit from the arbitrage was reported as $1.2m.

The total amount lost has been estimated at $1,200,000 USD.

== Immediate Reactions ==
The incident was reported on by TenArmor and a couple of other Twitter/X users.

== Ultimate Outcome ==
The MEV bot gained a profit of $1.2m USD.

== Total Amount Recovered ==
Given that this was not the result of any crime or fraud, it is unlikely to be recovered.

There do not appear to have been any funds recovered in this case.

== Ongoing Developments ==
There is nothing remaining to learn about here.
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="tenarmortweet-20846">[https://twitter.com/TenArmorAlert/status/1922904270145454208 TenArmor - "An MEV bot captured a large arbitrage opportunity involving the #NXPC token due to a price misalignment between two PancakeSwapV3 pools of the $NXPC token on #BSC, earning a profit of $1.2M with a 97 BNB bribe to the builder." - Twitter/X] (Accessed Aug 1, 2025)</ref>

<ref name="bscscantransaction-20847">[https://bscscan.com/tx/0xfc3b21235e96c947d797ead76fd0a33f0b3ff6d03990d36f7b62e62eb6e8b96e Arbitrage Exploit Transaction - BSCScan] (Accessed Aug 1, 2025)</ref>

<ref name="soong1911tweet-20848">[https://twitter.com/soong1911/status/1922930142717911044 Soong1911 - "Big shot single transaction $NXPC arbitrage $1.2m, bribed 98BNB." - Twitter/X Translated] (Accessed Aug 1, 2025)</ref>

<ref name="qashnfttweet-20849">[https://twitter.com/qash_NFT/status/1922946060504175081 QASH_NFT - "Reflecting a bit on this Maple listing battle ($NXPC) from an Atomic Botter perspective. The top player paid 10 million yen in fees and made a profit of 200 million yen. i) Since the operator wallet launched the token on Avalanche and showed behavior likely to use LFJ's DEX, I created a contract for sniping." - Twitter/X] (Accessed Aug 1, 2025)</ref>

<ref name="nxpccontract-20850">[https://bscscan.com/address/0xf2b51cc1850fed939658317a22d73d3482767591 NXPC Smart Contract - BSCScan] (Accessed Aug 1, 2025)</ref>

<ref name="nxpccreation-20851">[https://bscscan.com/tx/0xa276469e334c26009e3a80b4e6653242d71a07cf6a558ca1ee028ff6d1b6e374 NXPC Smart Contract Creation - BSCScan] (Accessed Aug 1, 2025)</ref>

<ref name="nxpccoinmarketcap-20852">[https://coinmarketcap.com/currencies/maplestory-universe/ Maplestory Universe - CoinMarketCap] (Accessed Aug 1, 2025)</ref>

<ref name="nxpccoingecko-20853">[https://www.coingecko.com/en/coins/nexpace NXPC Price History - CoinGecko] (Accessed Aug 1, 2025)</ref>

<ref name="msuhomepage-20854">[https://www.msu.io/ MapleStory Universe Homepage] (Accessed Aug 1, 2025)</ref>

<ref name="blogmexc-20855">[https://blog.mexc.com/what-is-nxpc-maplestory-universe/ What is NXPC? Complete Guide to MapleStory Universe - MEXC Blog] (Accessed Aug 1, 2025)</ref>

<ref name="phemexacademy-20856">[https://phemex.com/academy/what-is-nxpc-maplestory-universe-game-changing-token-explained What Is NXPC? MapleStory Universe’s Game-Changing Token Explained - Phemex Academy] (Accessed Aug 1, 2025)</ref>

<ref name="maplestorytwitterx-20857">[https://twitter.com/maplestoryu MapleStory Universe - Twitter/X] (Accessed Aug 1, 2025)</ref>

<ref name="maplestoryuniversemedium-20858">[https://medium.com/maplestory-universe/the-nxpc-token-economy-30215315ea38 The NXPC Token Economy: Redefining Reward Experience - MapleStory Universe Medium] (Accessed Aug 1, 2025)</ref>

<ref name="polygonlabs-20859">[https://polygon.technology/blog/an-inside-look-at-maplestory-universe-nexons-web3-project Inside MapleStory Universe: Nexon’s Web3 Vision - Polygon Labs] (Accessed Aug 1, 2025)</ref>

<ref name="web3games-20860">[https://web3game.com/games/maple-story-universe MapleStory Universe Game Tokenomics & NXPC Overview - Web3Games] (Accessed Aug 1, 2025)</ref>

<ref name="bingxzendesk-20861">[https://bingxservice.zendesk.com/hc/en-001/articles/11273519895823-Understanding-MapleStory-Universe-A-Comprehensive-Guide Understanding MapleStory Universe: A Comprehensive Guide - BingX (Zendesk)] (Accessed Aug 1, 2025)</ref>

<ref name="maplestoryuniversemedium-20862">[https://medium.com/maplestory-universe/leaders-note-maplestory-universe-is-just-the-first-step-toward-the-multiverse-we-envision-c2f5a80b5767 <nowiki>[Leaders’ Note] MapleStory Universe Is Just the First Step Toward the Multiverse We Envision - MapleStory Universe Medium</nowiki>] (Accessed Aug 1, 2025)</ref>

<ref name="borderlessworld-20863">[https://medium.com/%40MaplestoryU/a-borderless-world-maplestory-universe-e29c53538361 A Borderless World: MapleStory Universe - MapleStory Universe Medium] (Accessed Aug 1, 2025)</ref></references>