Hack

Hacks and exploits

Forensic records of every major protocol or bridge exploit: attack vector, on-chain flow of stolen funds, recovery outcomes. 21 records.

• June 1, 2026·ongoing

  Gnosis Pay Delay Module Exploit — June 2026

  Gnosis Pay disclosed an active exploit affecting its delay module and card wallet infrastructure on June 1, 2026, then said the issue was being contained and all affected users would be reimbursed in full.

  $0
• May 31, 2026·resolved

  Gravity Bridge Halted After Reported $5.4M Exploit

  Gravity Bridge, a Cosmos-Ethereum bridge, was reported exploited on 2026-05-31 for about $5.4 million; public reporting and analyst commentary pointed to a possible signing-key or contract-key compromise, after which the bridge was halted.

  $5.4M
• May 29, 2026·ongoing

  DxSale BNB Chain Liquidity Exploit on May 29, 2026

  DxSale lost about $7.3 million in a BNB Chain locker exploit that reportedly affected roughly 1,400 liquidity providers, after a prior ownership transfer and a withdrawal-loop abuse were identified by analysts.

  $7.3M
• May 27, 2026·resolved

  StakeDAO vsdCRV Key Compromise on Arbitrum

  A suspected StakeDAO deployer-key compromise let an attacker redirect vsdCRV bridge settings, mint more than 5.4 trillion tokens on Arbitrum, and extract roughly $91,000 before liquidity constraints halted further selling.

  $91000
• May 25, 2026·ongoing

  Safe Wallet Third-Party Module Exploit in May 2026

  A suspected external module tied to Safe wallet integrations drained about $3.2 million from 86 accounts across Ethereum and Base, while Safe Labs and Squid said their core systems were not the source of the breach.

  $3.2M
• February 21, 2025·ongoing

  Bybit Cold-Wallet Hack — February 2025

  During a routine multi-sig transfer from an Ethereum cold wallet, malicious code injected into the signing UI tricked three Bybit executives into approving the transfer of approximately 401,000 ETH to a Lazarus-controlled address — at $1.46 billion, the largest cryptocurrency theft on record.

  $1.46B
• July 18, 2024·ongoing

  WazirX Multi-Sig Hack — July 2024

  India's largest cryptocurrency exchange lost approximately $235M from a multi-sig wallet compromise attributed to North Korea's Lazarus Group. Singapore restructuring proceedings remain open.

  $235.0M
• May 31, 2024·resolved

  DMM Bitcoin Hack — May 2024

  The Japanese exchange lost approximately $305M of BTC to a private-key compromise attributed by the FBI to North Korea's TraderTraitor (Lazarus). DMM covered customer balances and wound down operations in 2025.

  $305.0M
• September 4, 2023·resolved

  Stake.com Hot-Wallet Hack — September 2023

  The Australian-licensed crypto-betting platform lost ~$41M to a hot-wallet compromise attributed by the FBI to North Korea's Lazarus Group. Customer balances were unaffected.

  $41.0M
• June 3, 2023·ongoing

  Atomic Wallet Hack — June 2023

  Approximately 5,500 users of the Estonian non-custodial Atomic Wallet lost a combined ~$100M in June 2023, in an attack attributed by Elliptic and US law enforcement to North Korea's Lazarus Group.

  $100.0M
• March 13, 2023·resolved

  Euler Finance Hack — March 2023

  A flash-loan exploit of a missing solvency check drained $197M from the Ethereum money market — and was returned in full within three weeks after the protocol's public negotiations with the attacker.

  $197.0M
• October 11, 2022·resolved

  Mango Markets Oracle Manipulation — October 2022

  A trader pumped the MNGO oracle on a thin Solana spot market, used the inflated collateral to borrow $114M from the protocol, then later argued in court that the manoeuvre constituted legitimate trading.

  $114.0M
• March 23, 2022·resolved

  Ronin Bridge Hack — March 2022

  A North Korean state actor compromised 5 of 9 validator nodes on the Ronin sidechain, draining $625 million in ETH and USDC.

  $625.0M
• February 2, 2022·resolved

  Wormhole Bridge Hack — February 2022

  A signature-verification flaw in the Solana-Ethereum Wormhole bridge allowed an attacker to mint 120,000 wETH on Solana without depositing the matching ETH — a $325 million theft that Jump Trading replenished from its own balance sheet.

  $325.0M
• August 10, 2021·resolved

  Poly Network Whitehat Exploit — August 2021

  A cross-chain bridge exploit drained $611 million across Ethereum, Binance Smart Chain and Polygon — the largest crypto theft to that date — and was returned in full by an anonymous attacker who styled themselves "Mr. White Hat".

  $611.0M
• September 25, 2020·resolved

  KuCoin Hot-Wallet Hack — September 2020

  Attackers drained $281M from KuCoin hot wallets across BTC, ETH, ERC-20 and stablecoin balances. Project teams froze and blacklisted stolen tokens; approximately 84% of value was eventually recovered.

  $281.0M
• February 8, 2018·resolved

  BitGrail NANO Hack — February 2018

  The Italian exchange disclosed approximately $170M in losses of NANO tokens. Founder Francesco Firano was later found liable by Italian courts and BitGrail entered bankruptcy proceedings.

  $170.0M
• January 26, 2018·resolved

  Coincheck NEM Hack — January 2018

  The Tokyo exchange lost $530M in NEM tokens from a hot wallet — the largest crypto theft on record at the time. Customers were reimbursed in JPY at recovery prices.

  $530.0M
• November 6, 2017·dormant

  Parity Multi-Sig Wallet Freeze — November 2017

  A user calling himself 'devops199' invoked a library function that turned a critical Parity contract into a self-destructed shell, freezing approximately $300M worth of ETH across 587 wallets — permanently inaccessible.

  $300.0M
• August 2, 2016·resolved

  Bitfinex Hack — August 2016

  Attackers extracted 119,756 BTC from Bitfinex segregated hot wallets, worth $72M at the time. In February 2022 the US government seized $4.7B of the proceeds and arrested the two-person laundering operation.

  $72.0M