hack

DeFi lending protocol CREAM Finance has been exploited for over $100M, according to data compiled by security firm Peckshield. 

Lossless is the first DeFi hack mitigation tool for token creators. Lossless Protocol freezes fraudulent transaction based on a set of fraud identification parameters and returns stolen funds back to the owner’s account.

DODO, a crypto exchange with contracts on both Binance’s Smart Chain and Ethereum, has suffered a $2.1M hack. The hacker attacked DODO’s Crowdpools, which the project launched in February as part of their version 2 (V2). “On March 8, Several DODO V2 Crowdpools were attacked. WSZO, WCRES, ETHA, and FUSI pools were impacted, while AC…

Last weekend Alpha Finance was hacked to the tune of $37m but this was a hack so specific and well-informed it was immediately assumed to have been an inside job. Have you ever wondered what happens when a hack goes down, or how a perpetrator can successfully escape with the money?

ArmorFi’s CTO Robert Forster is partnering with bug bounty platform Immunefi to personally offer the equivalent of $320k to anyone who can find a critical smart contract bug in any Ethereum ecosystem project. The program, which is hosted on Immunefi and called the R Bounty, is designed to encourage responsible disclosure of critical vulnerabilities. The…

DeFi experienced one of its more complex exploits over the weekend. An attack which resulted in ~$37.5M drained from CREAM Finance’s Iron Bank using Alpha Homora’s leveraged debt. An attacker was able to use Alpha’s sUSD contracts which had not yet been released to the public or made available in the UI to act as…

Yearn Finance, the yield aggregator protocol which suffered the first major hack of 2021 last week, is healing, making its Dai savings smart contract available to users again, and compensating victims of its recent hack. Yearn has restored its yDAI vault and returned $9.7M in DAI funds to users who had their stablecoins deposited in…

Yearn Finance, the yield aggregation protocol founded by Andre Cronje, has been hacked. One of the platform’s so-called vaults lost $11M, and the attacker got away with $2.8M.   It’s the first DeFi hack of the year, after $100M worth of attacks in the sector last year, according to a report by Ciphertrace. About half of…

DeFi’s rising insurance protocol Cover Finance was exploited for $9.4M worth of user funds after a group of hackers used a faulty smart contract to mint quadrillions of COVER tokens. Cover Finance allows users to buy smart contract protection on supported DeFi protocols by buying CLAIM tokens that can be redeemed in the event of…

Crypto hardware wallet provider Ledger had thousands of its users’ sensitive information leaked to the public this weekend. The data breach that occurred in June was brought to light after a public hacker shared the stolen data on leaking site Raidforum, after months of it supposedly ‘selling for six figures’ on dark marketplaces. The proprietary…

Investors are depositing millions into new DeFi protocols launched by anonymous developers, at times only to be wiped away in a hack.   The latest to suffer that unfortunate fate is Warp Finance.  Promising to be a money market where users can borrow and lend tokens and stablecoins representing liquidity in automated market makers, Warp rapidly…

Another week, another hack… what have we learned this time?

The latest affected project in a series of DeFi exploits is Pickle Finance – an automated yield aggregator with a mission to make stablecoins stable. Over the weekend, a hacker was able to exploit Pickle’s code to transfer $19M worth of Dai to an ‘Evil Jar’, leaving most LP’s in a pickle. The project allows…

After five attacks and millions of dollars lost due to an exploit, this week we’re diving deep into the mechanism behind what made this possible: Flash Loans. Some called it a magnificent attack, some called it art. But there are other important questions to be asked: were the flash loan attack prevention, fake token attack…

Hackers were able to drain $16.4 million in ETH and Dai from DeFi projects Akropolis, Value DeFi Protocol, and Origin Protocol using flash loans, just in the past week. Value DeFi Attack An attacker on Value DeFi swapped flash-loaned ETH for DAI and USDT, deposited part of the flash-loaned DAI into Value DeFi’s multi-stablecoin vault. They…

Harvest Finance, one of the latest DeFi projects to ride on the waning yield farming wave, was exploited over the weekend, shortly after its total value locked crossed the $1B mark. The hacker was able to drain $33.8M worth of stablecoins. Users can deposit a variety of stablecoins and governance tokens in the Harvest platform…

The latest ‘test in prod’ experiment from Yearn founder Andre Cronje has many degen traders questioning their YOLO nature following a flash loan attack of contracts which hadn’t been officially released to the public yesterday afternoon. Eminence Finance, an NFT gaming ecosystem which was still in development, was exploited by a hacker who stole $15M...

bZx had relaunched just two weeks ago, highlighting its increased focus on security after attackers were able to make $900k in two exploits earlier this year. Last night, it was exploited once more. The hacker was able to duplicate tokens received in exchange for deposits in the protocol, called iTokens, and then use those iTokens…