The Archive
All catalogued events
Every structured record CryptoMortem has published, ordered from most recent. 34 total.
Gnosis Pay Delay Module Exploit — June 2026
Gnosis Pay disclosed an active exploit affecting its delay module and card wallet infrastructure on June 1, 2026, then said the issue was being contained and all affected users would be reimbursed in full.
Funds affected$0Gravity Bridge Halted After Reported $5.4M Exploit
Gravity Bridge, a Cosmos-Ethereum bridge, was reported exploited on 2026-05-31 for about $5.4 million; public reporting and analyst commentary pointed to a possible signing-key or contract-key compromise, after which the bridge was halted.
Funds affected$5.4MDxSale BNB Chain Liquidity Exploit on May 29, 2026
DxSale lost about $7.3 million in a BNB Chain locker exploit that reportedly affected roughly 1,400 liquidity providers, after a prior ownership transfer and a withdrawal-loop abuse were identified by analysts.
Funds affected$7.3MStakeDAO vsdCRV Key Compromise on Arbitrum
A suspected StakeDAO deployer-key compromise let an attacker redirect vsdCRV bridge settings, mint more than 5.4 trillion tokens on Arbitrum, and extract roughly $91,000 before liquidity constraints halted further selling.
Funds affected$91000Safe Wallet Third-Party Module Exploit in May 2026
A suspected external module tied to Safe wallet integrations drained about $3.2 million from 86 accounts across Ethereum and Base, while Safe Labs and Squid said their core systems were not the source of the breach.
Funds affected$3.2MMantra OM Token Crash — April 2025
The OM token, native asset of the Mantra Chain, lost approximately 90 percent of its market value over the course of a few hours on 13 April 2025. The team attributed the collapse to forced liquidations on offshore venues; on-chain analysts identified pre-event token movements from team-associated addresses.
Funds affected$5.50BBybit Cold-Wallet Hack — February 2025
During a routine multi-sig transfer from an Ethereum cold wallet, malicious code injected into the signing UI tricked three Bybit executives into approving the transfer of approximately 401,000 ETH to a Lazarus-controlled address — at $1.46 billion, the largest cryptocurrency theft on record.
Funds affected$1.46BWazirX Multi-Sig Hack — July 2024
India's largest cryptocurrency exchange lost approximately $235M from a multi-sig wallet compromise attributed to North Korea's Lazarus Group. Singapore restructuring proceedings remain open.
Funds affected$235.0MDMM Bitcoin Hack — May 2024
The Japanese exchange lost approximately $305M of BTC to a private-key compromise attributed by the FBI to North Korea's TraderTraitor (Lazarus). DMM covered customer balances and wound down operations in 2025.
Funds affected$305.0MStake.com Hot-Wallet Hack — September 2023
The Australian-licensed crypto-betting platform lost ~$41M to a hot-wallet compromise attributed by the FBI to North Korea's Lazarus Group. Customer balances were unaffected.
Funds affected$41.0MMultichain Bridge Disappearance — July 2023
The cross-chain bridge stopped processing transactions and approximately $130M was drained from bridge contracts after its founder and CEO Zhaojun He was reportedly detained by Chinese authorities.
Funds affected$130.0MAtomic Wallet Hack — June 2023
Approximately 5,500 users of the Estonian non-custodial Atomic Wallet lost a combined ~$100M in June 2023, in an attack attributed by Elliptic and US law enforcement to North Korea's Lazarus Group.
Funds affected$100.0MEuler Finance Hack — March 2023
A flash-loan exploit of a missing solvency check drained $197M from the Ethereum money market — and was returned in full within three weeks after the protocol's public negotiations with the attacker.
Funds affected$197.0MUSDC Depeg — March 2023
When Silicon Valley Bank was seized by US regulators on 10 March, Circle disclosed $3.3 billion of USDC reserves were stuck at the bank — and USDC traded as low as $0.87 over the weekend before federal backstop assurances restored the peg.
Funds affected$3.30BBlockFi Collapse — November 2022
The New Jersey crypto lender filed Chapter 11 sixteen days after FTX, citing direct exposure to FTX and Alameda as the final blow on top of earlier losses to Three Arrows Capital.
Funds affected$1.30BFTX Collapse — November 2022
The world's second-largest crypto exchange filed for Chapter 11 bankruptcy within nine days of a leaked Alameda balance sheet that revealed commingled customer funds.
Funds affected$8.00BMango Markets Oracle Manipulation — October 2022
A trader pumped the MNGO oracle on a thin Solana spot market, used the inflated collateral to borrow $114M from the protocol, then later argued in court that the manoeuvre constituted legitimate trading.
Funds affected$114.0MOFAC Sanctions on Tornado Cash — August 2022
The US Treasury added Tornado Cash smart-contract addresses to the SDN list — the first time OFAC sanctioned autonomous code rather than persons or entities — and arrested co-founder Roman Storm a year later.
Celsius Network Collapse — July 2022
The largest centralised crypto lender suspended withdrawals on 12 June 2022 and filed for Chapter 11 a month later, owing approximately $4.7 billion to retail depositors.
Funds affected$4.70BVoyager Digital Collapse and Bankruptcy in 2022
After Three Arrows Capital defaulted on a roughly $670 million loan, Voyager froze customer activity, entered Chapter 11, and later liquidated, returning about 35.7% of customer claim value.
Funds affected$670.0M