hack

You stole $37M, now what? The $CREAM $ALPHA exploit unpacked

You Stole $37M, Now What? The $CREAM $ALPHA Exploit Unpacked

Last weekend Alpha Finance was hacked to the tune of $37m but this was a hack so specific and well-informed it was immediately assumed to have been an inside job. Have you ever wondered what happens when a hack goes down, or how a perpetrator can successfully escape with the money?

DeFi Dev Offers $320k to Whoever Finds Critical Bug in Ethereum Dapp

ArmorFi’s CTO Robert Forster is partnering with bug bounty platform Immunefi to personally offer the equivalent of $320k to anyone who can find a critical smart contract bug in any Ethereum ecosystem project. The program, which is hosted on Immunefi and called the R Bounty, is designed to encourage responsible disclosure of critical vulnerabilities. The …

DeFi Dev Offers $320k to Whoever Finds Critical Bug in Ethereum Dapp Read More »

Screen Shot 2021 02 16 at 3.16.06 PM

CREAM and Alpha Finance Get Hacked for $37.5M

DeFi experienced one of its more complex exploits over the weekend. An attack which resulted in ~$37.5M drained from CREAM Finance’s Iron Bank using Alpha Homora’s leveraged debt. An attacker was able to use Alpha’s sUSD contracts which had not yet been released to the public or made available in the UI to act as …

CREAM and Alpha Finance Get Hacked for $37.5M Read More »

YFI Logo

Yearn Restores yDAI Vault and Compensates Hack Victims

Yearn Finance, the yield aggregator protocol which suffered the first major hack of 2021 last week, is healing, making its Dai savings smart contract available to users again, and compensating victims of its recent hack. Yearn has restored its yDAI vault and returned $9.7M in DAI funds to users who had their stablecoins deposited in …

Yearn Restores yDAI Vault and Compensates Hack Victims Read More »

pirate flag

Yearn Loses $11M in 2021’s First DeFi Hack

Yearn Finance, the yield aggregation protocol founded by Andre Cronje, has been hacked. One of the platform’s so-called vaults lost $11M, and the attacker got away with $2.8M.   It’s the first DeFi hack of the year, after $100M worth of attacks in the sector last year, according to a report by Ciphertrace. About half of …

Yearn Loses $11M in 2021’s First DeFi Hack Read More »

Insurance Protocol Cover Exploited for $9.4M

DeFi’s rising insurance protocol Cover Finance was exploited for $9.4M worth of user funds after a group of hackers used a faulty smart contract to mint quadrillions of COVER tokens. Cover Finance allows users to buy smart contract protection on supported DeFi protocols by buying CLAIM tokens that can be redeemed in the event of …

Insurance Protocol Cover Exploited for $9.4M Read More »

lock

Ledger Data Hack Shows Crypto Storage is a Catch 22 

Crypto hardware wallet provider Ledger had thousands of its users’ sensitive information leaked to the public this weekend. The data breach that occurred in June was brought to light after a public hacker shared the stolen data on leaking site Raidforum, after months of it supposedly ‘selling for six figures’ on dark marketplaces. The proprietary …

Ledger Data Hack Shows Crypto Storage is a Catch 22  Read More »

Flash Loan Attacker Drains $8M From Warp Finance 

Investors are depositing millions into new DeFi protocols launched by anonymous developers, at times only to be wiped away in a hack.   The latest to suffer that unfortunate fate is Warp Finance.  Promising to be a money market where users can borrow and lend tokens and stablecoins representing liquidity in automated market makers, Warp rapidly …

Flash Loan Attacker Drains $8M From Warp Finance  Read More »

Evil Pickle Jars Makes Off with $20M

The latest affected project in a series of DeFi exploits is Pickle Finance – an automated yield aggregator with a mission to make stablecoins stable. Over the weekend, a hacker was able to exploit Pickle’s code to transfer $19M worth of Dai to an ‘Evil Jar’, leaving most LP’s in a pickle. The project allows …

Evil Pickle Jars Makes Off with $20M Read More »

Flash Loans and Attacks explained

Flash Loans, and Attacks – Explained

After five attacks and millions of dollars lost due to an exploit, this week we’re diving deep into the mechanism behind what made this possible: Flash Loans. Some called it a magnificent attack, some called it art. But there are other important questions to be asked: were the flash loan attack prevention, fake token attack …

Flash Loans, and Attacks – Explained Read More »

Pink Lightning

Flash Loan Hackers Drain $16M+ From DeFi Protocols in One Week

Hackers were able to drain $16.4 million in ETH and Dai from DeFi projects Akropolis, Value DeFi Protocol, and Origin Protocol using flash loans, just in the past week. Value DeFi Attack An attacker on Value DeFi swapped flash-loaned ETH for DAI and USDT, deposited part of the flash-loaned DAI into Value DeFi’s multi-stablecoin vault. They …

Flash Loan Hackers Drain $16M+ From DeFi Protocols in One Week Read More »

Screen Shot 2020 10 27 at 3.41.25 PM

Harvest Finance Grapples to Make Users Whole After ~$34M Hack

Harvest Finance, one of the latest DeFi projects to ride on the waning yield farming wave, was exploited over the weekend, shortly after its total value locked crossed the $1B mark. The hacker was able to drain $33.8M worth of stablecoins. Users can deposit a variety of stablecoins and governance tokens in the Harvest platform …

Harvest Finance Grapples to Make Users Whole After ~$34M Hack Read More »

Screen Shot 2020 09 29 at 6.19.42 PM

Andre Cronje Diehards Take “Test in Prod” Over The Edge With $15M Hack

The latest ‘test in prod’ experiment from Yearn founder Andre Cronje has many degen traders questioning their YOLO nature following a flash loan attack of contracts which hadn’t been officially released to the public yesterday afternoon. Eminence Finance, an NFT gaming ecosystem which was still in development, was exploited by a hacker who stole $15M …

Andre Cronje Diehards Take “Test in Prod” Over The Edge With $15M Hack Read More »

Hacker 1 1

bZx Hacked for $8M After Security-Focused Relaunch

bZx had relaunched just two weeks ago, highlighting its increased focus on security after attackers were able to make $900k in two exploits earlier this year. Last night, it was exploited once more. The hacker was able to duplicate tokens received in exchange for deposits in the protocol, called iTokens, and then use those iTokens …

bZx Hacked for $8M After Security-Focused Relaunch Read More »