SharedStake, a decentralized ETH2.0 Staking-as-a-Service protocol, is in disarray after a suspected inside job.  In a series of transactions on June 19 and June 23, a ‘rogue developer’ withdrew $500K worth of SGT, the project’s governance token, from the team’s allocation. These tokens were locked in a vesting contract and were meant to be unlocked…

Anyone in DeFi is probably familiar with the rug pull — the scam in which crypto developers abandon a project and vanish with investors’ tokens and funds. Now say hello to the “soft rug.” In this new breed of grift a project’s founders simply dump their tokens and exit a project instead of taking control…

A bug was discovered in the Alchemix Finance alETH contract on Wednesday morning, leaving the project undercollateralized by 2,688 ETH, or roughly $6.4M, as users were able to withdraw these funds without repaying their loans first. Alchemix Finance recently launched alETH, a synthetic yield derivative that lets DeFi users borrow 1 alETH for every 4…

xToken, a project which automates staking and liquidity strategies and wraps them into ERC-20 tokens, has been hacked to the tune of ~$25M. The attack resulted in xToken’s TVL dropping by roughly 30% to $63M, according to DeFi Llama. The xSNXa and xBNTa token contracts, for which xToken automates the staking strategies as well as…

Hey there! ? Welcome to the final part of the series. Give yourself a pat if you’ve made it so far! In this three-part series, we have provide a framework to help identify red flags in crypto projects. Part I analyzed tokenomics, Part II analyzes team, social media and backers and Part III will analyze…

While most of the DeFi community had their eyes glued to the ETH rally over the weekend, hackers took the opportunity to steal mooning assets through several protocol exploits. From Wednesday through Saturday, exploits occurred across three different protocols—Rari Capital, Value DeFi, and within Larva Labs’ Meebits NFT project—resulting in over $22M worth of stolen…

Let’s start with a story, Jean was just chilling on a Sunday afternoon and her phone buzzes, she picks up his phone and sees a bunch of messages by her friend who’s a so-called crypto expert.  After some more back and forth with her friend, she finds out that they offer 1% daily compound interest.…

Uranium Finance, an automated market maker on Binance Smart Chain, suffered its second hack this month, this time to the tune of $50M. The hack is due to a misstep in code modification which allowed the hacker to exchange one unit of an input token for 98% of the value as output according to Kyle…

EasyFi, a Compound Finance fork launched directly on the Polygon Layer 2 Network, suffered a major hack on Monday, losing over $60M of the project’s EASY tokens and also $6M of users’ provided liquidity. The hacker gained access to the project’s admin key, which allows developers to make changes to their protocol. The attack is…

Hackers compromised PancakeSwap’s and Cream Finance’s websites yesterday.  The Domain Name Service (DNS) attack modified the affected protocols’ website to display a request for the user’s seed phrase, which, if submitted, would compromise their entire account. PancakeSwap and Cream urged their users to stay away from their URLs as they scrambled to regain control of…