Date | Protocol | Ecosystem | Protocol Type | Category | Subcategory | What happened | Value lost by protocol | Value gained by attacker | Source | Vulnerability Level |
---|---|---|---|---|---|---|---|---|---|---|
09/06/2024 | Polymarket | Polygon | Prediction Market | Price manipulation | Spot liquidity | A derivative market of the main US presidential election market spawned, attracting enough liquidity to make manipulating the underlying market profitable for a motivated group. Whales unsuccessfully attempted to manipulate the underlying presidential market in order to profit on the derivative market. | | | https://x.com/Dumpster_DAO/status/1832148090452898235 | |
07/29/2024 | Compound Finance | Ethereum | Lending | Governance exploit | Hostile takeover | The Golden Boys voting bloc, led by Humpy, accumulated COMP tokens over several months and pushed a proposal for COMP to earn yield in a novel scheme, granting themselves an additional 500,000 COMP in the process and giving them de facto control over the DAO. | $25m | | https://blockonomi.com/compound-finance-faces-controversy-over-24-million-proposal/ | |
06/10/2024 | UwU Lend | BSC | Lending | Price manipulation | | The exploiter borrowed tokens to manipulate prices in several pools, obtaining a lower price when borrowing and a higher price for the same tokens when being liquidated. | $23m | | https://rekt.news/uwulend-rekt/ | |
02/23/2024 | Compound Finance | Ethereum | Lending | Oracle | Oracle configuration | Compound's fallback oracle was triggered by an anomalous but legitimate 40% intrablock spike in the $UNI price. Because the difference between the primary oracle (Chainlink) and the fallback oracle (a TWAP on the $UNI Uniswap v2 pool) was above the threshold, the fallback oracle price was used for Compound loans. Arbitrage bots quickly created loans on Compound, which led to around $3 million of bad debt. | $3m | | https://x.com/uriklarman/status/1761062094600864025 | |
01/22/2024 | Solana | Solana | L1 | MEV bot | MEV | An MEV arbitrage bot operated by 2Fast was able to extract 1.8m USD in value from a WIF trader, based on a targeted strategy for the memecoin. | 1.8m USD | | https://www.theblock.co/post/272079/solana-based-mev-bot-earns-1-8-million-after-back-running-memecoin-trader-in-seconds | |
01/01/2024 | Synthetix | Ethereum | Perpetual | Market manipulation | OI cap denomination | The $TRB cap on Synthetix ballooned ~50x, from USD 250K (when set initially) to 12.5m USD at the pump's peak. The price was pumped across multiple exchanges, including Binance. The team had set the OI caps denominated in TRB tokens rather than in notional USD value, fully exposing the market to the $TRB pump. | $2m | $2m | https://twitter.com/omeragoldberg/status/1741654953691578737 | |
11/20/2023 | dYdX | Ethereum | Perpetual | Market manipulation | Spot liquidity | The attacker entered long positions on $YFI on dYdX and pushed up the price of $YFI on spot. The attacker withdrew unrealised profits and entered into more long positions. The price of $YFI 2x-ed, but before the attacker could close their positions, $YFI crashed by 35%, liquidating the attacker's positions. The lack of liquidity led to dYdX covering the positions from its insurance fund. | $9m | $11m | https://rekt.news/dydx-rekt/ https://dydx.exchange/blog/sushi-yfi-incident | |
10/11/2023 | Tangible | Polygon | Stablecoin | | | The stablecoin was backed by a mix of real estate and crypto collateral (DAI). A large series of DAI redemptions dropped the price far below peg. | 12m USD | 12m USD | https://blockworks.co/news/tangible-real-usd-illiquid-stablecoin-real-world-assets | |
10/11/2023 | Synthetify | Solana | | Governance | | A combination of a low threshold to pass DAO proposals, a largely inactive DAO, and a low token price enabled the exploiter to drain the Synthetify treasury. The exploiter purchased the minimum amount of tokens needed to guarantee an approved proposal (~$4000 USD, or 1.25% of the total circulating supply of the token) and pushed a malicious proposal giving them the ability to send DAO treasury funds to themselves. | $230k | $230k | https://blockworks.co/news/solana-exploit-dao-hacker/ | |
08/01/2023 | Circle | Ethereum | | Vampire exploit | | Tether is actively vampire attacking USDC. Since Tether has a 0.1% redemption fee but Circle has no redemption fee, Tether is buying USDC, redeeming it, and minting more USDT. | | | https://twitter.com/DeFi_Made_Here/status/1687820451463024641 | |
06/13/2023 | Atlantis Loans | BSC | | Governance exploit | Governance, upgradeable contract | The attacker pushed and voted through a governance proposal granting them control of Atlantis Loans' token contracts. They then upgraded with their own malicious contracts, allowing them to transfer tokens from any address which still had active approvals to Atlantis contracts. | $1m | | https://rekt.news/atlantis-loans-rekt/ | |
05/29/2023 | Jimbo | Arbitrum | Stablecoin | | | Jimbo tried to make a rebalancing stablecoin. The attacker took a flash loan of 10k ETH to buy JIMBO tokens, inflating their price. A rebalance was triggered via the shift() function in the JimboController contract, draining all WETH liquidity and crashing JIMBO's price. | $7.5m | $7.5m | https://rekt.news/jimbo-rekt/ | |
05/22/2023 | Tornado Cash | Ethereum | | Governance | | The attacker took control of the DAO via a trojan horse proposal, gaining control of the TORN governance token and the power to modify the router. They later published another proposal to revert the changes. | None (~$275M at risk) | 430 ETH (~$750k) | https://rekt.news/tornado-gov-rekt/ | |
05/09/2023 | Aragon | Ethereum | DAO | Governance | Hostile takeover | Conflict with the "Risk-Free Value Raiders" activist investor group led to fundamental defensive changes and general DAO collapse. Still unresolved as of late 2023. Fundamental issue: "The value of ANT did not keep pace with the value of the treasury behind the project." | | | https://blog.aragon.org/aragon-repurposes-dao-to-ensure-treasury-serves-its-mission/ | |
04/13/2023 | RookDAO | Ethereum | DAO | Governance | Hostile takeover | Conflict with the "Risk-Free Value Raiders" activist investor group, who framed their actions in the narrative of "protecting users from rugpull". Social engineering (a FUD disinformation campaign) led to the collapse of the DAO, with the treasury distributed to users. Even this distribution process turned out to be quite rocky. | | | https://unchainedcrypto.com/rfv-raiders-sold-450000-rook-from-treasury-migration/ https://www.coindesk.com/business/2023/04/13/rook-investors-begin-swapping-tokens-for-25m-crypto-treasury/ | |
03/14/2023 | Angle Protocol | Ethereum | Stablecoin | | | Angle ran out of liquidity following the Euler exploit due to its collateral mechanism. | $18.4m | | https://anglemoney.notion.site/Angle-Protocol-Q-A-Regarding-Euler-Exploit-03af18cbe5e84430b3341b145554492e | |
03/05/2023 | Iron Bank/Alpha Homora | Ethereum | | Governance/contractual issue | | Iron Bank froze Alpha Homora token holders' funds using a multisig following the Alpha Homora hack, threatening to rug them if not paid back. Maybe not an economic exploit, but another example of why not to build on top of upgradeable contracts. | $30m | None (funds frozen) | https://rekt.news/iron-alpha/ | |
02/03/2023 | BonqDAO | Polygon | Stablecoin | Oracle | Oracle configuration | The Tellor price feed could be updated with just 10 TRB. The exploiter updated the Tellor oracle's ALBT/MATIC price, staked 0.1 ALBT and minted 100M bEUR, then set the oracle price again, this time lower, to liquidate ALBT stakers, leaving the protocol with bad debt. | $13m liquidity drained, exploiter netted ~$1.7m | Less than $2M | https://rekt.news/bonq-rekt/ | |
02/02/2023 | IPOR Protocol | Ethereum | | Price manipulation | | A user or group of users leveraged approximately $40m to manipulate interest rates on Aave and Compound for several hours and trade against IPOR LPs. | $55k | $55k | https://blog.ipor.io/ipor-usdt-index-sustained-oracle-attack-and-risk-mitigation-4f3618876a2c | |
12/12/2022 | Lodestar Finance | Arbitrum | | Oracle manipulation | Price manipulation | The attacker manipulated the price oracle of plvGLP collateral using flash loans, allowing them to drain the lending pools. The GLPOracle did not properly account for the impact of a user calling donate() on the GlpDepositor contract. | ~$6.5M | ~$6.5M | https://rekt.news/lodestar-rekt/ | |
10/19/2022 | Moola Market | Celo | Derivatives | Price manipulation | Highly profitable trading strategy | A no-code exploit. The exploiter started with $180k in CELO and used some of it to borrow the protocol's governance token, MOO, to use as collateral. The exploiter then pumped MOO with the remaining CELO, which allowed them to borrow the remaining assets on | $8.4M | | https://rekt.news/moola-markets-rekt/ | |
10/14/2022 | DAO Maker | Patex | | Governance | | Abject failure of governance. | | | https://rekt.news/dao-maker-community-investigates/ | |
10/12/2022 | Mango Markets | Solana | | Oracle manipulation | | Highly profitable trading strategy. The exploiter manipulated the price of the MNGO token, causing $115M of bad debt. | $115m | $115m | https://rekt.news/mango-markets-rekt/ | |
09/28/2022 | 0xbad | Ethereum | | MEV bot takedown | | | 1,101 ETH | 1,101 ETH | https://rekt.news/ripmevbot/ | |
07/28/2022 | Nirvana Finance | Solana | | Price manipulation | | A flash loan of 10m was used to mint ANA, inflating the price. The ANA was redeemed against the Nirvana treasury at inflated prices for a profit. | $3.5m | $3.5m | https://rekt.news/nirvana-rekt/ https://twitter.com/0xFA2/status/1552576624121352193 https://www.justice.gov/usao-sdny/pr/former-security-engineer-international-technology-company-pleads-guilty-hacking-two | |
06/22/2022 | Bancor | Ethereum | | Mechanism design | | Bancor's v3 design caused a death spiral in BNT's price. Bancor paused the contract to prevent this. | Not stated | Not stated | https://rekt.news/bancor-lp-rekt/ | |
05/13/2022 | Venus | BSC | | Oracle | | Oracles on BSC mispriced LUNA in the chaos of the Terra collapse and enabled protocols dependent on them to be exploited. | $13.5m | | https://rekt.news/venus-blizz-rekt/ | |
05/13/2022 | Blizz | BSC | | Oracle | | Oracles on BSC mispriced LUNA in the chaos of the Terra collapse and enabled protocols dependent on them to be exploited. | $8.3m | | https://rekt.news/venus-blizz-rekt/ | |
05/10/2022 | Terra | Cosmos | L1 | Mechanism design | | Multiple mechanisms in Terra's Anchor Protocol which fueled its meteoric rise led to a death spiral in the price of LUNA. | $2.5b+ | | https://eatsleepcrypto.com/terra-luna-tokenomic-post-mortem/ | |
05/09/2022 | Fortress Protocol | BSC | | Governance exploit | | A malicious governance proposal was passed which gave the exploiter the ability to cheaply liquidate the treasury. | $3m | $3m | https://rekt.news/fortress-rekt/ | |
04/18/2022 | Beanstalk | Ethereum | | Governance | | A large flash loan was taken out by the exploiter, who aggregated tokens from several pools in order to accumulate voting power in Beanstalk, then voted to transfer all the assets to himself. | $181m | $76m | https://rekt.news/beanstalk-rekt/ | |
04/13/2022 | Elephant Money | BSC | Stablecoin | Oracle manipulation | | The attacker used flash loans to manipulate the price of the $ELEPHANT token during the minting process of the project's stablecoin, $TRUNK. | $22.2m | $11.2m | https://rekt.news/elephant-money-rekt/ | |
04/02/2022 | Inverse Finance | Ethereum | | Oracle manipulation | | The exploiter swapped ETH for INV in a low-liquidity pool, changing the price 50x, then deposited $644k worth of INV and borrowed $15.6m against the protocol. | $15.6m | $15.6m | https://rekt.news/inverse-finance-rekt/ | |
03/31/2022 | Neutrino Dollar | Waves | Stablecoin | Mechanism design | | Neutrino (USDN) began to depeg as the value of its collateral, WAVES (the native token of the Waves blockchain and ecosystem), trended lower. The depeg entered a death spiral as panicked holders redeemed USDN for WAVES and sold, driving the price down further. | | | https://cointelegraph.com/news/neutrino-dollar-breaks-peg-falls-to-0-82-amid-waves-price-manipulation-accusations | |
03/15/2022 | Deus DAO | Ethereum | | Oracle manipulation | | The exploiter tricked the oracle into inflating the price of DEI, which was used as collateral to borrow funds from the protocol. | ~$3M | ~$3M | https://rekt.news/deus-dao-rekt/ | |
02/14/2022 | Build Finance | Ethereum | DAO | Governance exploit | Hostile takeover | The attacker created a proposal to claim the treasury for themselves. Despite repeated attempts to rally community support, there was not enough interest to vote the proposal down. | Total collapse | $450k | https://www.cryptotimes.io/2022/02/15/build-finance-suffered-hostile-governance-takeover-lost-470k/ | |
11/18/2021 | Uniswap | Ethereum | DEX | Externality | | Poor understanding of Uniswap v3 led to LPs' impermanent loss (IL). | Over $260M in impermanent loss | | https://rekt.news/uniswap-v3-lp-rekt/ | |
11/17/2021 | ParaSwap | Ethereum | DEX | Sybil | | A single wallet posed as many distinct users in order to receive a greater share of tokens airdropped to users. | | | https://rekt.news/airdrop-hunters/ | |
10/28/2021 | CREAM Finance | Ethereum | Lending | | | Exploiters manipulated the price of the underlying yUSDVault token to double the value of their collateral, ultimately draining Cream's lending vaults of about $130 million. | $130m | $130m | https://rekt.news/cream-rekt-2/ | |
10/15/2021 | Indexed Finance | Ethereum | Yield | Mechanism design | | Indexed Finance attempted to maintain an index of multiple tokens by rebalancing onchain. The exploiter used a flash loan to manipulate the weights of assets in the DEFI5 and CC10 pools. This allowed him to deposit small amounts of over-weighted SUSHI tokens, minting inflated DEFI5 tokens which were then cashed out for other assets, resulting in a $16 million loss. | $16m | $16m | https://ndxfi.medium.com/indexed-attack-post-mortem-b006094f0bdc https://rekt.news/indexed-finance-rekt/ | |
07/18/2021 | PancakeBunny | Polygon | Yield | Mechanism design | Rewards calculation | | $2.4m | $2.4m | https://rekt.news/pancakebunny2-rekt/ | |
07/14/2021 | ApeRocket | BSC, Polygon | Yield | Mechanism design | Rewards calculation | The attacker made an initial deposit of 509k $CAKE into the ApeRocket AutoCake vault while another 1.1m $CAKE was transferred to the same vault as the reward. On withdrawal, $SPACE tokens were minted proportional to the rewards. | $1.26m | $1.26m | https://inspexco.medium.com/aperocket-finance-incident-analysis-improper-reward-minting-52153a8958fa https://twitter.com/peckshield/status/1415187038605758464 | |
06/29/2021 | Merlin Labs | BSC | | Mechanism design | Rewards calculation | The logic of reward issuance was such that the exploiter could profitably trick the contract into thinking he deserved rewards. | $330k | $330k | https://rekt.news/merlin3-rekt/ | |
06/28/2021 | SafeDollar | Polygon | Stablecoin | Mechanism design | Rewards calculation | The economic exploit in the SafeDollar case involved manipulating the protocol's reward mechanism to claim enormous amounts of SDO tokens. The attacker depleted the PLX balance of the pool and inflated the reward rate, eventually crashing the price of SDO to zero and making off with 202k USDC and 46k USDT. | $248k | $248k | https://rekt.news/safedollar-rekt/ | |
06/17/2021 | Iron Finance | BSC, Polygon | Stablecoin | Mechanism design | Algorithmic | Iron Finance collateralized its stablecoin IRON with USDC and its own governance token, TITAN, which was issued in a mint-and-burn scheme proportional to its time-weighted average price. Market sells of TITAN spooked IRON holders, who then sold, causing IRON to depeg. The arbitrage opportunity from redeeming a depegged IRON for TITAN created a death spiral that led to the total collapse of the protocol. | From $2b TVL to ~$260M | | https://www.youtube.com/watch?v=HUokre-szPg | |
05/26/2021 | Merlin Labs | BSC | | Mechanism design | Rewards calculation | The exploiter sent BNB directly to the address used in reward calculations. | $680k | $680k | https://rekt.news/merlinlabs-rekt/ | |
05/20/2021 | PancakeBunny | BSC | | Mechanism design | Rewards calculation | The exploiter flash loaned and deposited BNB into pools receiving BUNNY rewards, claimed those rewards within the same block, repaid the loan, then dumped the tokens. | $45m | $45m | https://rekt.news/pancakebunny-rekt/ | |
05/12/2021 | xToken | Ethereum | Yield | Oracle | Price manipulation | xToken allowed users to mint xAssets based on the prices in Uniswap pools. The exploiter used a flash loan to manipulate prices in these pools and mint an inflated amount of xAssets, which were sold on the market. | $24m | | https://rekt.news/xtoken-rekt/ | |
04/07/2021 | Fei | Ethereum | Stablecoin | Mechanism design | Direct incentives | A death spiral in the newly launched FEI stablecoin was triggered by supply shocks. | | | https://rekt.news/fei-rekt/ | |
02/05/2021 | Yearn | Ethereum | Yield | | | The exploiter repeatedly arbitraged the Yearn DAI v1 vault using flash loans while Yearn developers had disabled withdrawal fees in order to migrate liquidity. The exploit was possible only because the withdrawal fee had been turned off for the vault migration, making it an opportunistic exploit rather than a fundamental flaw in Yearn's economic design. | $11m | $2.7m | https://rekt.news/yearn-rekt/ | |
12/18/2020 | Warp Finance | Ethereum | Lending | Price manipulation | Spot price oracle | Warp relied on a Uniswap liquidity pool as an oracle. The exploiter traded through the pool, manipulating the price and borrowing against the protocol. | $7.8m | $950k | https://rekt.news/warp-finance-rekt/ | |
11/26/2020 | Compound | Ethereum | Lending | Oracle | Oracle selection | Compound's dependence on Coinbase's price oracle led to $110m in liquidations. | $110M | | https://rekt.news/coinbase-the-oracle/ | |
11/14/2020 | Value DeFi | Ethereum | Yield | Price manipulation | Spot price oracle | | | | https://peckshield.medium.com/value-defi-incident-root-cause-analysis-fbab71faf373 | |
11/06/2020 | Cheese Bank | Ethereum | Lending | Price manipulation | Spot price oracle | Cheese Bank accepted LP tokens of its native token paired against ETH as collateral for borrowing. The exploiter deployed a contract which flash loaned 21,000 ETH to purchase CHEESE, create LP tokens, inflate the value of CHEESE and those LP tokens, and borrow Cheese Bank's entire TVL against the inflated position. | $3.3m | $3.3m | https://peckshield.medium.com/cheese-bank-incident-root-cause-analysis-d076bf87a1e7 | |
10/26/2020 | Harvest Finance | Ethereum | Yield | Mechanism design | | | $24m | $24m | https://rekt.eth.link/harvest-finance-rekt/ | |
03/14/2020 | MakerDAO | Ethereum | Lending | Mechanism design | | MakerDAO's zero-bid day, aka Black Thursday. | $8.3m | $8.3m | https://medium.com/@whiterabbit_hq/black-thursday-for-makerdao-8-32-million-was-liquidated-for-0-dai-36b83cac56b6 | |
02/02/2020 | Steemit | | L1 | Governance | Hostile takeover | Justin Sun offered to buy the Steemit blockchain from the original founders who controlled it. The community of users revolted, leading to intricate maneuvering in both communications channels and delegation/voting. | -$ | | https://decrypt.co/38050/steem-steemit-tron-justin-sun-cryptocurrency-war https://blockchain.news/news/vitalik-buterin:-time-will-tell-whether-the-hive-blockchain-will-surpass-steem https://www.altcoinbuzz.io/spotlight/peoples-hive-vs-justin-suns-steem-decentralization-wins/ | |
06/25/2019 | Synthetix | Ethereum | Synthetic Asset | Oracle configuration | Single source | A bot exploited an error in the price reported for KRW that was 1000x what it should have been. Synthetix took the average of two APIs (one with the error), allowing the bot to make a nominal profit of $1bn in the window that the price was being reported. However, SNX market cap was just under $40m at the time, and the owner of the bot returned the funds in exchange for an undisclosed bug bounty. | Undisclosed bug bounty | Undisclosed bug bounty | https://blog.synthetix.io/response-to-oracle-incident/ | |
06/08/2013 | Feathercoin | Feathercoin | L1 | 51% attack | Malicious | Sustained 51% attack leading to multiple orphaned blocks, shortly after the chain voted to reduce hash power. The attacker appeared to be malicious rather than primarily economically motivated. | $10k | | https://www.coindesk.com/markets/2013/06/10/feathercoin-hit-by-massive-attack/ | |