$3’312.8M in Ponzi, Scam in EOS/NEM/..13’162’579 ETH1,652,064 BTC

  • 513,774 ETH (Parity)
  • 12,000 ETH lost in typos 
  • 5,617,135 BTC

  • All
  • Altcoins
  • Attack
  • Bitcoin
  • Burned
  • DeFi
  • Ethereum
  • Exchanges
  • Hacks
  • Lost
  • Ponzi
  • Scam
  • SIM-swapping
  • Theft
  • October 26, 2020 - Harvest Finance (FARM) $34 million stolen funds

    The attacker used a flash loan to artificially deflate prices of stablecoins Tether and USDC on Harvest—and then snatch the tokens up at bargain-basement prices from liquidity pools. Attack essentially was. Harvest referred to it as “theft” within its attack post-mortem as the asset values had been manipulated. Source

  • October 2, 2020 - Kucoin Hack $275 million

    According to Chainalysis’ report, investigators have managed to track the whereabouts of the stolen funds, with an estimated 1,008 BTC being held in two separate addresses. Apart from Bitcoin, the hackers have stolen various other crypto assets, including:

    • 11,543 ETH ($4,030,957.90)
    • 19,834,042 USDT-ETH ($19,834,042.14)
    • 18,495,798 XRP ($4,254,547.54)
    • 26,733 LTC ($1,238,539.89)
    • 999,160 USDT ($999,160)
    • $147 million worth of ERC-20 tokens
    • $87 million of Stellar tokens

    Source: Chainalysis 

  • September 11, 2020 - Yfdex.Finance (Yfdex) exit scam $20 million

    Yfdex.Finance (Yfdex), a new liquidity mining pool, has reportedly exit scammed, making off with up to $20 million of investors’ funds. The decentralized finance (Defi) project convinced people to hand over their life savings following just two days of aggressive marketing on social media, and then disappeared without a trace. Source

  • August 5, 2020 - Ethereum Classic 51% Attack 807,260 ETC

    A report published by Aleksey Studnev of blockchain forensics firm Bitquery on August 5 has revealed the extent of the incident, with Bitquery estimating that the attacker made off with 807,260 ETC. Source: https://blog.bitquery.io/attacker-stole-807k-etc-in-ethereum-classic-51-attack

  • August 4, 2020 - Opyn ETH Put contract hack $370,000

    Attackers have exploited a vulnerability in the Opyn ETH Put contract. One of the first members of Crypto Twitter to report on the theft, DegenSpartan, stated on Aug. 4 that the traders used flash loans to buy Ethereum Put oTokens (oETH) from Uniswap. They then reportedly chose an ERC20 token — in this case, USD Coin (USDC) — as collateral and exercised the trading option. The result was reportedly a double transfer which effectively “stole” the collateral. According to blockchain records, the attackers received both their original Ethereum (ETH) deposits and USDC options. Source https://twitter.com/DegenSpartan/status/1290699622013231104 

  • June 30, 2020 - Balancer pools (again) drained of more than 10.8 ETH

    DeFi platform Balancer was a second time attacked. Hacker claimed about $2,300 worth of Compound tokens (COMP).

    The attack involved flash loans from both dYdX and Uniswap. The hacker loaned more than $33 million that was used to generate cTokens representing ownership in a Compound pool. Source

  • June 29, 2020 - Balancer pools drained of more than $450,000

    Two multi-token pools on DeFi platform Balancer were drained of ~$450,000 on June 29. The attacker conducted the attack in two separate flashloan transactions by draining one liquidity pool until close to zero, and then using that pool to attack another pool and draining the ETH for cheap.  The attacker drained 601.3 ETH, 11.36 WBTC, 22,593 LINK, and 60,915 SNX. Loss is estimated at around $450,000 at the time of the attack. Source

  • June 12, 2020 - Mr. Shin multi-level marketing scheme $41.5M

    Per reports from KBS and Joongang Ilbo, the ring made use of multi-level marketing (MLM) or pyramid tactics, and police believe some 1,500 people may have handed over cryptoassets to operators that they say they can no longer access. Source KBS and  Joongang Ilbo

  • April 19, 2020 - dForce hack $25 million

    the money was drained on 19 April 2020 from the contracts of Lendf.Me, a lending protocol that’s part of dForce, a collection of DeFi protocols. The money was taken due to a known renetrancy bug in ERC777.

    The Lendf.Me attacker  was 0xa9bf70a420d364e923c74448d9d817d3f2a77822

    AN in depth analysis can be read here https://medium.com/@slowmist/slowmist-details-of-lendf-me-reentrancy-attack-3e168ab5f2b1 

    The hackers got away with $25 million and even send some money back ($126,014) with a cheeky message: “Better luck next time”.


  • March 12, 2020 - MakerDAO: $8.32 million was liquidated for 0 DAI

    • Maker DAO liquidations on March 12 and 13 resulted in protocol losses of 5.67 million DAI
    • This happened due to the opportunity to win liquidation auctions with zero bids, which was 36% of all liquidations
    • The greatest Vault has lost ~35 000 ETH whereas the most successful liquidator has had a profit of 30 000 ETH
    • $8.32 million was withdrawn through zero bids auctions in total