Social money issuer Roll was hacked for nearly $5.7M of creator tokens held in hot wallets on the platform over the weekend. Using Roll’s private keys, the hacker made off with tokens from 400+ creators on the platform. They immediately sold into Uniswap pools created around the vulnerable social tokens and transferred the ETH via…

DODO, a crypto exchange with contracts on both Binance’s Smart Chain and Ethereum, has suffered a $2.1M hack. The hacker attacked DODO’s Crowdpools, which the project launched in February as part of their version 2 (V2). “On March 8, Several DODO V2 Crowdpools were attacked. WSZO, WCRES, ETHA, and FUSI pools were impacted, while AC…

DeFi experienced one of its more complex exploits over the weekend. An attack which resulted in ~$37.5M drained from CREAM Finance’s Iron Bank using Alpha Homora’s leveraged debt. An attacker was able to use Alpha’s sUSD contracts which had not yet been released to the public or made available in the UI to act as…

Yearn Finance, the yield aggregator protocol which suffered the first major hack of 2021 last week, is healing, making its Dai savings smart contract available to users again, and compensating victims of its recent hack. Yearn has restored its yDAI vault and returned $9.7M in DAI funds to users who had their stablecoins deposited in…

Yearn Finance, the yield aggregation protocol founded by Andre Cronje, has been hacked. One of the platform’s so-called vaults lost $11M, and the attacker got away with $2.8M.   It’s the first DeFi hack of the year, after $100M worth of attacks in the sector last year, according to a report by Ciphertrace. About half of…

DeFi’s rising insurance protocol Cover Finance was exploited for $9.4M worth of user funds after a group of hackers used a faulty smart contract to mint quadrillions of COVER tokens. Cover Finance allows users to buy smart contract protection on supported DeFi protocols by buying CLAIM tokens that can be redeemed in the event of…

Investors are depositing millions into new DeFi protocols launched by anonymous developers, at times only to be wiped away in a hack.   The latest to suffer that unfortunate fate is Warp Finance.  Promising to be a money market where users can borrow and lend tokens and stablecoins representing liquidity in automated market makers, Warp rapidly…

The latest affected project in a series of DeFi exploits is Pickle Finance – an automated yield aggregator with a mission to make stablecoins stable. Over the weekend, a hacker was able to exploit Pickle’s code to transfer $19M worth of Dai to an ‘Evil Jar’, leaving most LP’s in a pickle. The project allows…

Hackers were able to drain $16.4 million in ETH and Dai from DeFi projects Akropolis, Value DeFi Protocol, and Origin Protocol using flash loans, just in the past week. Value DeFi Attack An attacker on Value DeFi swapped flash-loaned ETH for DAI and USDT, deposited part of the flash-loaned DAI into Value DeFi’s multi-stablecoin vault. They…

Many decentralized finance applications broke down earlier today after a series of unfortunate events resulted in an outage on a key piece of Ethereum infrastructure.  The main lesson of the day is that a *decentralized* financial system shouldn’t be so reliant on a single provider.  Here’s what happened: Developers of Ethereum client Geth —one of…