Terraport Finance, a decentralized finance (DeFi) platform on the Terra Classic network, has lost over $2 million worth of digital assets through an exploit on its liquidity wallet. According to an announcement from the project’s official Twitter handle on April 10, the Terraport team is still investigating the hack and trying to secure the protocol....Read More
The blockchain security resource PeckShield was the first to inform about the exploit against SushiSwap’s approval contract. According to the firm, all 1,800 ETH (worth about $3.3 million) were drained from a single user – @0xsifu. The “RouterProcessor2” contract in question is used to execute trade routing on the popular decentralized exchange. It seems the...Read More
The multichain token bridge Allbridge, which was recently hacked, said that 1,500 BNB (worth around $465,000) was returned to its team. The rest of the funds will be considered a white hat bounty to the exploiter, according to the statement. The cross-chain bridge enables digital asset transfer from one blockchain network to another via liquidity...Read More
The exploiter behind the multi-million dollar Euler Finance attack has returned all recoverable funds, the decentralized finance (DeFi) lending protocol announced Tuesday. In a Twitter post, the project’s development team disclosed that the hacker returned all the funds after successful negotiations. Euler Finance Receives Stolen Funds Recall that Euler lost roughly $200 million on March...Read More
The blockchain security company – PeckShield – outlined that wrongdoers siphoned $211.5 million worth of cryptocurrencies last month via 26 attacks. The Euler Finance exploit accounted for the bigger part of the amount after hackers stole $197 million in staked ETH, USDC, wrapped BTC, and DAI. March Was Not All Sunshine and Roses The revival...Read More
A large Ethereum MEV bot was targeted in a sandwich attack on Sunday, netting an attacking validator roughly $25 million in funds. A sandwich attack is when an attacker places a large trade on either side of a target’s transaction, manipulating the price and profiting from the price change. In this case, the money was...Read More
Decentralized finance (DeFi) project SafeMoon saw its liquidity pool (LP) compromised on Tuesday through a public token bug, with the attacker draining wrapped BNB (WBNB) from the protocol. SafeMoon announced the attack on Twitter, disclosing it was working to resolve the issue as soon as possible. However, the platform did not share details of the...Read More
The hacker behind DeFi protocol Euler Finance’s $200 million exploit earlier this month has publicly communicated through the blockchain to apologize for his crime. The exploiter, going by the name “Jacob,” has gradually been returning funds related to the hack, now totalling $177 million. In an encoded blockchain message on Monday, the hacker promised to...Read More
The hacker behind the largest DeFi exploit of 2023 continues to demonstrate controversial behavior, as this time, they returned the majority of the funds stolen from Euler Finance. In two separate transactions, the perpetrator sent back over $100 million worth of ETH to the protocol. CryptoPotato reported the flash loan attack, which took place earlier...Read More
Omniscia, the auditing partner of Euler Finance, has released a post-mortem report on the same which stated that the vulnerability that was exploited by the malicious hackers originated from the decentralized finance lending protocol’s incorrect donation mechanism that failed to account for the donator’s debt health. The vulnerable code introduced in eIP-14 brought about several...Read More
As if the traditional banking system isn’t causing enough troubles, a DeFi lending protocol called Euler Finance was also hit by a flash-loan attack. The damage equates to almost $200 million worth of staked ether, USDC, wrapped BTC, and DAI. Euler Finance is a decentralized lending protocol that was most recently exploited for a whopping...Read More
Decentralized proof-of-stake (PoS) blockchain Hedera finally confirmed a security breach. In an update, the team behind the platform revealed that attackers managed to exploit the Smart Contract Service code of the protocol’s mainnet to transfer Hedera Token Service tokens held by victims’ accounts to their own. It said the root cause of the issue has...Read More
The hacker who stole $1.59 million worth of crypto assets from Arbitrum-based decentralized finance (DeFi) lending platform Tender.fi has returned nearly all the funds, keeping roughly $97,000 as a bounty reward. Tender.fi was exploited on the morning of March 7, with the project’s official Twitter handle confirming the incident in a tweet a few minutes...Read More
The hacker of the DeFi project – Uranium Finance – started moving 2,250 ETH, worth approximately $3.35 million, in stolen funds into the popular coin mixer, TornadoCash. The movement of funds from the wallet was detected by the blockchain security firm, PeckShield, on March 7th. Data from Etherscan reveals that the hacker transferred the funds...Read More
Algorand-based wallet provider MyAlgo has cautioned users to withdraw assets from all wallets created with a mnemonic phrase as the company continues investigating an exploit that led to a $10 million loss. The wallet provider tweeted on February 26, warning users that “a targeted attack was carried out against a group of high-profile MyAlgo accounts.”...Read More
Lendhub, a relatively small cross-chain crypto lending platform operating on HECO, was exploited to the tune of $6 million dollars earlier this January. Attack Possible Solely Due to Poor Coding The attack was carried out due to a poorly-executed removal of a deprecated IBSV cToken. Its replacement, which was already active, had an identical price...Read More
The Solana-based Wormhole Bridge was hacked for $325 million after the attacker managed to exploit a security flaw, making it one of the largest exploits in crypto history. A year later, a group of white hats, along with two crypto firms, launched a “counter-exploit” against the malicious entities and clawed back a portion of stolen...Read More
Avraham Eisenberg, the 27-year-old Puerto Rico man who made over $100 million by exploiting the decentralized finance (DeFi) protocol Mango Markets in October 2022, is seeking to keep part of the funds as a bug bounty. In a court document filed at the US District Court for the Southern District of New York on Wednesday,...Read More
It’s been over half a year since the Harmony bridge was breached, allowing hackers believed to be a part of the Lazarus Group to make off with about $100 million in cryptocurrencies at the time they were stolen. Multiple Cashout Attempts Nearly $91 million of those funds have seen attempted cashouts so far. The most...Read More
The hacker who exploited Solana’s cross-chain bridge Wormhole a year ago has moved another $61 million in ether (ETH) of the stolen funds. Blockchain security firm PeckShield disclosed Sunday that the exploiter moved some of the assets to the Ethereum-based decentralized protocol MakerDAO. Wormhole Attacker Moves Stolen Funds Again Recall that Wormhole Bridge was exploited...Read More
Decentralized finance (DeFi) protocol dForce has suffered a reentrancy vulnerability attack leading to the loss of $3.6 million worth of crypto assets. The attacker targeted the protocol’s vault on the automated market maker (AMM) platform Curve Finance, which operates on the Arbitrum and Optimism blockchains. dForce Exploited for $3.65M The hack was first flagged by...Read More
Trust Wallet – a multi-chain crypto wallet provider – provided a statement on Wednesday explaining recent events allowing for $4 million to be stolen from one of its users. The company chalked the theft’s cause up to a social engineering attack by an organized crime unit in Rome, rather than a flaw in its software. ...Read More
Decentralized finance (DeFi) protocol CoW Swap has suffered a smart contract exploit, leading to the loss of approximately 551 BNB ($181,600). According to reports, the attacker added a wallet address as a “solver” of CoW Swap and invoked a transaction to approve DAI transfers to SwapGuard before moving the assets to other addresses. A Settlement...Read More
Orion Protocol – a liquidity aggregator for both CeFi and DeFi exchanges – saw its core contract hacked on Thursday across both its Ethereum and Binance Smart Chains (BSC) deployments. The hacker netted over 1700 ETH, cumulatively worth over $3 million at writing time. Another Reentrancy Hack As explained by the blockchain security company PeckShield...Read More
Self-sovereign financial services provider BonqDAO has been exploited through an oracle hack leading to the theft of $110 million in crypto from the protocol. During the exploit, the attacker managed to manipulate the price of AllianceBlock wrapped tokens (wALBT) and made away with 100 million wALBT worth over $10 million. What Happened? An analysis by...Read More
2022 can easily be considered the worst year when it comes to securing cryptocurrencies, as projects suffered a series of devastating hacks and exploits. According to the latest Chainalysis report shared with CryptoPotato, $3.8 billion was stolen from cryptocurrency businesses, with decentralized finance (DeFi) being the primary target. March and October saw huge spikes, with...Read More
Late last night, the attackers behind the Harmony exploit back in June 2022 attempted to cash out another batch of their ill-begotten ETH gains. Following the 41k ETH laundered via TornadoCash and Railgun two weeks ago, worth about 63.5 million at the time, the North Korean Lazarus Group made an attempt at laundering another $27.7...Read More
Mango Markets’ exploiter Avraham Eisenberg was hit with a lawsuit by Mango Labs, the company behind the DeFi protocol, for $47 million in damages. The Wednesday filing with the United States District Court for the Southern District of New York alleges that Eisenberg executed a malicious attack on Mango Markets by manipulating the native token,...Read More
As we’ve seen over the years, blockchains aren’t quite as secure as some pretend they are. Rather, although the technology is one of the most secure ways of storing data available to the public, poor coding, social engineering, and the like can still allow bad actors to take advantage of unwary victims. Guessing Games In...Read More
Robinhood is a platform well-known for its user-friendly approach to stocks, allowing them to make investments quickly in a variety of ways. It also enables them to buy crypto and is a household name among such investors. However, Robinhood is primarily a stock trading platform and, as such, does not have a proprietary cryptocurrency. That...Read More
