2024-10

Play Ransomware

Unit 42 linked Jumpy Pisces, also known as Andariel or PLUTONIUM, to an intrusion that preceded Play ransomware deployment and assessed with moderate confidence that the North Korean state-sponsored actor collaborated with Play operators or acted as an in…

Unknown

2024-10

Tapioca DAO

In October 2024, Tapioca DAO on Arbitrum was hacked, losing $4.4 million due to a private key compromise. The attacker exploited the vesting contract and minted quintillions of USDO stablecoin, causing a 97% drop in TAP token value. The funds were bridged…

🇺🇸 United States

2024-10

Radiant Capital

In October 2024, Radiant Capital lost more than $53 million after attackers compromised multiple developer devices and manipulated multisig transaction signing. Radiant later said the operation began with a September 2024 Telegram lure impersonating a tru…

🇭🇰 Hong Kong

2024-09

Truflation

Truflation disclosed a significant cryptocurrency incident in which the team and third parties tracked the hacker’s on-chain wallets, blacklisted affiliated accounts, and observed 1.37 million DAI exchanged for 500 ETH before transfer to the eXch exchange…

🇺🇸 United States

2024-09

BingX

On September 19, 2024, BingX detected abnormal network access after attackers drained about $44.7 million from hot wallets across Ethereum, BNB Chain, Polygon, and other networks. The exchange suspended withdrawals and moved remaining assets while investi…

🇸🇬 Singapore

2024-09

DeltaPrime

On September 16, 2024, DeltaPrime, a DeFi protocol on Arbitrum, lost $5.98 million due to a private key compromise. The attacker used the compromised admin address to upgrade proxy contracts, inflating their deposits and withdrawing funds in USDC, WBTC, a…

🇻🇬 Virgin Islands, British

2024-09

Indodax#2

On September 10, 2024, Indonesia's largest crypto exchange, Indodax, lost over $25 million in a sophisticated hack. Attackers exploited the exchange's withdrawal system, siphoning funds across multiple blockchains, including Ethereum, Bitcoin, Polygon, an…

🇮🇩 Indonesia

2024-08

Nexera

On August 7, 2024, Nexera’s Fundrs staking contracts on Ethereum were abused after a social-engineering intrusion exposed wallet credentials. The attacker transferred 47.24 million NXRA tokens; Nexera paused NXRA and NAI token contracts across chains, lim…

🇳🇱 Netherlands

2024-07

WazirX

WazirX recently experienced a cyber attack on one of its multisig wallets, leading to a loss of over $230 million. This wallet, managed using Liminal’s digital asset custody services since February 2023, had six signatories: five from WazirX and one from …

🇮🇳 India

2024-06

AnOctopus

Andariel targeted centralized management solutions used by South Korean enterprises, abusing exposed administrator console ports, vulnerable management software, and later supply-chain distribution paths through developers with downstream customers. Linke…

🇰🇷 Korea, Republic of

2024-06

CoinStats

On June 22, 2024, CoinStats suffered a wallet breach attributed by the company to Lazarus Group or a related nation-state-level organization. The attacker gained unauthorized access across CoinStats infrastructure and service providers, exposing private k…

🇦🇲 Armenia

2024-06

UwU Lend

Uwulend, a lending protocol, suffered a $19.4 million hack due to an oracle manipulation attack. The attacker used three transactions to exploit a price discrepancy in Uwulend's oracles, facilitated by a flash loan. Despite a recent security audit, the at…

Unknown

2024-06

Lykke

On June 4, centralized cryptocurrency exchange Lykke suffered a security breach that resulted in the theft of over $22 million in crypto assets. The exchange initially halted withdrawals—citing unscheduled maintenance—and was later accused by researcher S…

🇬🇧 United Kingdom

2024-05

DMM

In May 2024, Japan’s DMM Bitcoin lost 4,502.9 BTC, worth about $308 million, in a theft attributed by the FBI, DC3, and Japan’s National Police Agency to North Korea-linked TraderTraitor activity. The actors socially engineered a Ginco employee with a mal…

🇯🇵 Japan

2024-05

FakePenny Ransomware

In April 2024, Microsoft observed Moonstone Sleet deploying FakePenny, a custom ransomware loader and encryptor, against a company the actor had previously compromised in February. Microsoft assessed the deployment as financially motivated and significant…

ZZZ