diff --git a/list.md b/list.md index 77fd03b..7fb4c83 100644 --- a/list.md +++ b/list.md @@ -2,48 +2,48 @@ |Date |Protocol |Ecosystem |Category |Subcategory |
What happened
|Value lost by protocol |Value gained by attacker |Source | |---|---|---|---|---|---|---|---|---| -|2023/11/23 |Kyberswap Network |Multi-Chain |System Design | |Tick manipulation and double liquidity county by swapping at edge of liquidity curve|$48m |$48m |[https://rekt.news/kyberswap-rekt/](https://rekt.news/kyberswap-rekt/) | | -|2022/09/28 |0xbad |Ethereum | | |MEV bot takedown |1,101 ETH |1,101 ETH |[https://rekt.news/ripmevbot/](https://rekt.news/ripmevbot/) | -|2023/03/14 |Angle Protocol |Ethereum |Contagion | |Angle ran out of liquidity following the Euler exploit due to its collateral mechanism. https://rekt.news/euler-rekt/ |$18.4m | |[https://anglemoney.notion.site/Angle-Protocol-Q-A-Regarding-Euler-Exploit-03af18cbe5e84430b3341b145554492e](https://anglemoney.notion.site/Angle-Protocol-Q-A-Regarding-Euler-Exploit-03af18cbe5e84430b3341b145554492e) | -|2023/06/13 |Atlantis Loans |BSC |Governance exploit |Governance, upgradeable contract |The attacker pushed and voted through a governance proposal granting them control of Atlantis Loans’ token contracts. They then upgraded with their own malicious contracts, allowing them to transfer tokens from any address which still had active approvals to Atlantis contracts. |$1m | |[https://rekt.news/atlantis-loans-rekt/](https://rekt.news/atlantis-loans-rekt/) | -|2021/05/25 |AutoShark |BSC |System design | |Exploiter sent BNB directly to the address used in reward calculations |~$745K |~$745K |[https://rekt.news/autoshark-rekt/](https://rekt.news/autoshark-rekt/) | -|2022/06/22 |Bancor |Ethereum |System design | |Bancor’s v3 design caused a death spiral in BNT’s price. Bancor paused the contract to prevent this |Not stated |Not stated |[https://rekt.news/bancor-lp-rekt/](https://rekt.news/bancor-lp-rekt/) | -|2022/04/18 |Beanstalk |Ethereum |Governance exploit | |A malicious governance proposal was pushed through by a flash loan, and the attacker then voted to transfer all the assets to themself |$181m |$76m |[https://rekt.news/beanstalk-rekt/](https://rekt.news/beanstalk-rekt/) | -|2021/05/16 |bEarnFi |BSC |System design | |bEarnFi’s contract assumed parity between two stablecoins, one of was natively interest-bearing, guaranteeing its price would differ |~$18M |~$18M |[https://rekt.news/bearn-rekt/](https://rekt.news/bearn-rekt/) | -|2023/02/03 |BonqDAO |Polygon |Oracle Manipulation |Insecure oracle |Tellor price updated with 10 TRB. Exploiter updated a Tellor oracle’s ALBT/MATIC price, stakes 0.1 ALBT and mints 100M bEUR, leaving the protocol with bad debt when he set the oracle price, this time lower to liquidate stakers of ALBT |$13m liquidity drained, exploiter netted ~$1.7m |Less than $2M |[https://rekt.news/bonq-rekt/](https://rekt.news/bonq-rekt/) | -|2022/02/14 |Build Finance | |Governance exploit | |The exploiter proposed and honestly voted for a proposal which gave him control over the contract, including the minting function, and assets in the treasury. Token holders were given several days’ notice and encouraged to vote against the proposal. The proposal passed; all of the treasury’s assets were all sold off, and the exploiter minted enough BUILD tokens to drain BUILD-paired pools of other assets |$522k |$470k |https://twitter.com/finance_build/status/1493223190071554049 | -|2023/08 |Circle |Ethereum |Vampire exploit | |Tether is actively vampire attacking USDC. Since Tether has a 0.1% redemption fee but Circle has no redemption fee, Tether is buying USDC, redeeming them, and minting more USDT | | |[https://twitter.com/DeFi_Made_Here/status/1687820451463024641](https://twitter.com/DeFi_Made_Here/status/1687820451463024641) | -|2020/11/26 |Compound |Ethereum |Oracle manipulation | |Compound’s dependence on Coinbase as an oracle led to $110m in liquidations. Whether this was foul play or poor system design is unknown |$110M | |[https://rekt.news/coinbase-the-oracle/](https://rekt.news/coinbase-the-oracle/) | -|2021/10/28 |CREAM Finance |Ethereum |Flash loan exploit | |Exploiters manipulated the price of the underlying yUSDVault token using a faulty share price calculation to double the value of their collateral, ultimately draining Cream's lending vaults of about $130 million. |~$130M |~$130M |[https://rekt.news/cream-rekt-2/](https://rekt.news/cream-rekt-2/) | -|2022/10/14 |DAO Maker |Patex |Governance | |Abject failure of governance |$7M and $4M (previous years) | |[https://rekt.news/dao-maker-community-investigates/](https://rekt.news/dao-maker-community-investigates/) | -|2022/03/15 |Deus DAO |Ethereum |Oracle manipulation | |Exploiter tricked the oracle into inflating the price of DEI, which was used as collateral to borrow funds from the protocol |~$3M |~$3M |[https://rekt.news/deus-dao-rekt/](https://rekt.news/deus-dao-rekt/) | -|2022/03/15 |Deus DAO |Ethereum |Oracle manipiulation | |Exploiter gained $3m borrowing DEI with a flashloan and sending it through the Solidex USDC/DEI pool, tanking the price, liquidating DEI borrowers, then repaying the transaction |~$3M |~$3M |[https://rekt.news/deus-dao-rekt/](https://rekt.news/deus-dao-rekt/) | -|2022/04/13 |Elephant Money |BSC |Oracle manipulation | |The attacker used flash loans to manipulate the price of the $ELEPHANT token during the minting process of the project’s stablecoin $TRUNK |$22.2m |$11.2m |[https://rekt.news/elephant-money-rekt/](https://rekt.news/elephant-money-rekt/) | -|2021/04/07 |Fei |Ethereum |System design | |Initial supply shocks from a poorly designed mechanism prompted a death spiral in the half-baked Fei | | |[https://rekt.news/fei-rekt/](https://rekt.news/fei-rekt/) | -|2022/05/09 |Fortress Protocol |BSC |Governance exploit | |A malicious governance proposal was passed which gave exploiter the ability to cheaply liquidate the treasury |$3m |$2.6M in ETH, 400k DAI |[https://rekt.news/fortress-rekt/](https://rekt.news/fortress-rekt/) | -|2020/10/26 |Harvest Finance |Ethereum |System design | |Exploiter took advantage of the minting process of assets in Harvest Finance and drained the protocol of funds |$33.8M |$24M |[https://rekt.eth.link/harvest-finance-rekt/](https://rekt.eth.link/harvest-finance-rekt/) | -|2021/10/15 |Indexed Finance |Ethereum |System design |Liquidity |The exploiter exploited Indexed Finance by using flash loans to manipulate the weights of assets in the DEFI5 and CC10 pools. This allowed him to deposit small amounts of over-weighted SUSHI tokens, minting inflated DEFI5 tokens which were then cashed out for other assets, resulting in a $16 million loss. |~$16M |~$16M |[https://rekt.news/indexed-finance-rekt/](https://rekt.news/indexed-finance-rekt/) | -|2022/04/02 |Inverse Finance |Ethereum |Oracle Manipulation | |The exploiter swapped ETH for INV with low liquidity, changing the price 50x, then deposited $644k worth of INV and borrowed $15.6m against the protocol“one of the most MEV aware hacks I've seen.” - bertcmiller |$15.6m |$15.6m |[https://rekt.news/inverse-finance-rekt/](https://rekt.news/inverse-finance-rekt/) | -|2023/03/05 |Iron Bank/Alpha Homora |Ethereum |Governance/contractual issue | |Iron Bank freezes Alpha Homora token holders’ funds using multisig following Alpha Homora hack, threatening to rug them if not paid back. Maybe not an economic security exploit, but another example of why not to use contracts with upgradeable contracts |$30M of bad debt |None (funds frozen) |[https://rekt.news/iron-alpha/](https://rekt.news/iron-alpha/) | -|2021/06/17 |Iron Finance |BSC & Polygon |System design | |Mechanics of Iron Finance caused a death spiral in the price of its token, $TITAN. Mark Cuban unaffected |From $2B TVL to ~$260M | |[https://rekt.news/iron-finance-rekt/](https://rekt.news/iron-finance-rekt/) | -|2023/05/29 |Jimbo |Arbitrum |System design |System design |Jimbo tried to make a rebalancing stablecoin. The attacker took a flash loan of 10k ETH to buy JIMBO tokens, inflating their price. A rebalance was triggered via the shift() function in the JimboController contract, draining all WETH liquidity and crashing JIMBO's price |$7.5m |Over 4000k ETH (~$7.5M) |[https://rekt.news/jimbo-rekt/](https://rekt.news/jimbo-rekt/) | -|2022/12/12 |Lodestar Finance |Arbitrum |Oracle Manipulation |Price manipulation |The attacker manipulated the price oracle of plvGLP collateral using flash loans, allowing them to drain the lending pools. The GLPOracle did not properly account for the impact of a user calling donate() on the GlpDepositor contract |~$6.5M |~$6.5M |[https://rekt.news/lodestar-rekt/](https://rekt.news/lodestar-rekt/) | -|2022/10/12 |Mango Markets |Solana |Oracle manipulation | |Highly profitable trading strategy. Exploiter manipulated the price of the MNGO token, causing $115M of bad debt |$115m |$15m |[https://rekt.news/mango-markets-rekt/](https://rekt.news/mango-markets-rekt/) | -|2021/06/29 |Merlin Labs |BSC |System design | |The logic of reward issuance was such that the exploiter could profitably trick the contract into thinking he deserved rewards |$330K |$330K |[https://rekt.news/merlin3-rekt/](https://rekt.news/merlin3-rekt/) | -|2021/05/26 |Merlin Labs |BSC |System design | |Exploiter sent BNB directly to the address used in reward calculations |~$680K in ETH |~$680K in ETH |[https://rekt.news/merlinlabs-rekt/](https://rekt.news/merlinlabs-rekt/) | -|2022/10/19 |Moola Market |CELO |Price Manipulation |Highly profitable trading strategy |A no-code exploit. Exploiter started with $180k in CELO, used some to borrow the protocol’s governance token, which itself was used as collateral. Then the exploiter pumped MOO with the remaining CELO, which allowed them to borrow the remaining assets on |$8.4M |~$525k (returned majority) |[https://rekt.news/moola-markets-rekt/](https://rekt.news/moola-markets-rekt/) | -|2021/05/20 |Pancake Bunny |BSC |System design | |Exploiter flash loaned and deposited BNB into pools receiving BUNNY rewards, claimed those rewards within the same block, repaid the loan, then dumped the tokens |$45M |$45M |[https://rekt.news/pancakebunny-rekt/](https://rekt.news/pancakebunny-rekt/) | -|Nov 17, 2021 |ParaSwap |Ethereum |Sybil | |A single wallet farmed hundreds of wallets | | |[https://rekt.news/airdrop-hunters/](https://rekt.news/airdrop-hunters/) | -|2022/03/29 |Ronin Network |Bridge Hack |Multisig | |5/9 multisig was compromised. Poor design expecting 5/9 multisig to secure half a billion dollars |~$624M |~$624M |[https://rekt.news/ronin-rekt/](https://rekt.news/ronin-rekt/) | -|2021/06/28 |SafeDollar |Polygon |System design | |The economic exploit in the SafeDollar case involved manipulating the protocol's reward mechanism to claim enormous amounts of SDO tokens. The attacker depleted the PLX balance of the pool and inflated the reward rate, eventually crashing the price of SDO to zero and making off with 202k USDC and 46k USDT |$248K in USDC and USDT |$248K |[https://rekt.news/safedollar-rekt/](https://rekt.news/safedollar-rekt/) | -|2021/05/02 |Spartan Protocol |BSC |Oracle manipulation | |Prices manipulated and assets traded through pools using flash loans for a net gain |$30.5M |$30.5M |[https://rekt.news/spartan-rekt/](https://rekt.news/spartan-rekt/) | -|2022/05/14 |Terra |Terra |System design | |Terra’s poor system design included:- unmitigated risks from the use of endogenous collateral for a stablecoin- fixed yields- hard-coded redemption limits |$2.5b+ | | [https://eatsleepcrypto.com/terra-luna-tokenomic-post-mortem/](https://eatsleepcrypto.com/terra-luna-tokenomic-post-mortem/) | -|2023/05/22 |Tornado Cash |Ethereum |Governance exploit |System design |The attacker took control of the DAO via a trojan horse proposal, gaining control of the TORN governance token and the power to modify the router. They later published another proposal to revert the changes |None (~$275M at risk) |430 ETH (~$750k) |[https://rekt.news/tornado-gov-rekt/](https://rekt.news/tornado-gov-rekt/) | -|2021/11/18 |Uniswap |Ethereum |Externality | |Poor design of Uniswap v3 lead to LPs’ impermanent loss (IL) |Over $260M in impermanent loss | |[https://rekt.news/uniswap-v3-lp-rekt/](https://rekt.news/uniswap-v3-lp-rekt/) | -|2022/05/13 |Venus/Blizz LUNA fallout |BSC |Oracle manipulation | |Oracles on BSC mispriced $LUNA in the chaos of the Terra collapse and enabled protocols dependent on them to be exploited |$13.5M (Venus), $8.3m (Blizz) | |[https://rekt.news/venus-blizz-rekt/](https://rekt.news/venus-blizz-rekt/) | -|2020/12/18 |Warp Finance |Ethereum |Oracle manipulation | |Warp relied on a Uniswap liquidity pool as an oracle. The exploiter traded through the pool, manipulating the price and borrowing against the protocol |~$7.8M |~$7.8M |[https://rekt.news/warp-finance-rekt/](https://rekt.news/warp-finance-rekt/) | -|2021/05/12 |XToken |Ethereum |Oracle manipulation |Price manipulation |Prices manipulated and assets traded through pools using flash loans for a net gain |2.4k ETH ($10.3M), 781k BNT ($6.2M), 407k SNX ($8M) |~$24M |[https://rekt.news/xtoken-rekt/](https://rekt.news/xtoken-rekt/) | -|2021/02/05 |Yearn |Ethereum | | |The Yearn exploit involved arbitrage of the Yearn DAI v1 vault using 9 flash loans. The exploiter executed a series of complex transactions to manipulate the vault and withdraw funds. The exploit was possible because the withdrawal fee had been turned off for vault migration, making it an opportunistic exploit rather than a fundamental flaw in Yearn's economic design |$11m |$2.7m |[https://rekt.news/yearn-rekt/](https://rekt.news/yearn-rekt/) | +|11/23/2023 |Kyberswap Network |Multi-Chain |System Design | |Tick manipulation and double liquidity county by swapping at edge of liquidity curve|$48m |$48m |[https://rekt.news/kyberswap-rekt/](https://rekt.news/kyberswap-rekt/) | | +|09/28/2022 |0xbad |Ethereum | | |MEV bot takedown |1,101 ETH |1,101 ETH |[https://rekt.news/ripmevbot/](https://rekt.news/ripmevbot/) | +|03/14/2023 |Angle Protocol |Ethereum |Contagion | |Angle ran out of liquidity following the Euler exploit due to its collateral mechanism. https://rekt.news/euler-rekt/ |$18.4m | |[https://anglemoney.notion.site/Angle-Protocol-Q-A-Regarding-Euler-Exploit-03af18cbe5e84430b3341b145554492e](https://anglemoney.notion.site/Angle-Protocol-Q-A-Regarding-Euler-Exploit-03af18cbe5e84430b3341b145554492e) | +|06/13/2023 |Atlantis Loans |BSC |Governance exploit |Governance, upgradeable contract |The attacker pushed and voted through a governance proposal granting them control of Atlantis Loans’ token contracts. They then upgraded with their own malicious contracts, allowing them to transfer tokens from any address which still had active approvals to Atlantis contracts. |$1m | |[https://rekt.news/atlantis-loans-rekt/](https://rekt.news/atlantis-loans-rekt/) | +|05/25/2021 |AutoShark |BSC |System design | |Exploiter sent BNB directly to the address used in reward calculations |~$745K |~$745K |[https://rekt.news/autoshark-rekt/](https://rekt.news/autoshark-rekt/) | +|06/22/2022 |Bancor |Ethereum |System design | |Bancor’s v3 design caused a death spiral in BNT’s price. Bancor paused the contract to prevent this |Not stated |Not stated |[https://rekt.news/bancor-lp-rekt/](https://rekt.news/bancor-lp-rekt/) | +|04/18/2022 |Beanstalk |Ethereum |Governance exploit | |A malicious governance proposal was pushed through by a flash loan, and the attacker then voted to transfer all the assets to themself |$181m |$76m |[https://rekt.news/beanstalk-rekt/](https://rekt.news/beanstalk-rekt/) | +|05/16/2021 |bEarnFi |BSC |System design | |bEarnFi’s contract assumed parity between two stablecoins, one of was natively interest-bearing, guaranteeing its price would differ |~$18M |~$18M |[https://rekt.news/bearn-rekt/](https://rekt.news/bearn-rekt/) | +|02/03/2023 |BonqDAO |Polygon |Oracle Manipulation |Insecure oracle |Tellor price updated with 10 TRB. Exploiter updated a Tellor oracle’s ALBT/MATIC price, stakes 0.1 ALBT and mints 100M bEUR, leaving the protocol with bad debt when he set the oracle price, this time lower to liquidate stakers of ALBT |$13m liquidity drained, exploiter netted ~$1.7m |Less than $2M |[https://rekt.news/bonq-rekt/](https://rekt.news/bonq-rekt/) | +|02/14/2022 |Build Finance | |Governance exploit | |The exploiter proposed and honestly voted for a proposal which gave him control over the contract, including the minting function, and assets in the treasury. Token holders were given several days’ notice and encouraged to vote against the proposal. The proposal passed; all of the treasury’s assets were all sold off, and the exploiter minted enough BUILD tokens to drain BUILD-paired pools of other assets |$522k |$470k |https://twitter.com/finance_build/status/1493223190071554049 | +|08/01/2023 |Circle |Ethereum |Vampire exploit | |Tether is actively vampire attacking USDC. Since Tether has a 0.1% redemption fee but Circle has no redemption fee, Tether is buying USDC, redeeming them, and minting more USDT | | |[https://twitter.com/DeFi_Made_Here/status/1687820451463024641](https://twitter.com/DeFi_Made_Here/status/1687820451463024641) | +|11/26/2020 |Compound |Ethereum |Oracle manipulation | |Compound’s dependence on Coinbase as an oracle led to $110m in liquidations. Whether this was foul play or poor system design is unknown |$110M | |[https://rekt.news/coinbase-the-oracle/](https://rekt.news/coinbase-the-oracle/) | +|10/28/2021 |CREAM Finance |Ethereum |Flash loan exploit | |Exploiters manipulated the price of the underlying yUSDVault token using a faulty share price calculation to double the value of their collateral, ultimately draining Cream's lending vaults of about $130 million. |~$130M |~$130M |[https://rekt.news/cream-rekt-2/](https://rekt.news/cream-rekt-2/) | +|10/14/2022 |DAO Maker |Patex |Governance | |Abject failure of governance |$7M and $4M (previous years) | |[https://rekt.news/dao-maker-community-investigates/](https://rekt.news/dao-maker-community-investigates/) | +|03/15/2022 |Deus DAO |Ethereum |Oracle manipulation | |Exploiter tricked the oracle into inflating the price of DEI, which was used as collateral to borrow funds from the protocol |~$3M |~$3M |[https://rekt.news/deus-dao-rekt/](https://rekt.news/deus-dao-rekt/) | +|03/15/2022 |Deus DAO |Ethereum |Oracle manipiulation | |Exploiter gained $3m borrowing DEI with a flashloan and sending it through the Solidex USDC/DEI pool, tanking the price, liquidating DEI borrowers, then repaying the transaction |~$3M |~$3M |[https://rekt.news/deus-dao-rekt/](https://rekt.news/deus-dao-rekt/) | +|04/13/2022 |Elephant Money |BSC |Oracle manipulation | |The attacker used flash loans to manipulate the price of the $ELEPHANT token during the minting process of the project’s stablecoin $TRUNK |$22.2m |$11.2m |[https://rekt.news/elephant-money-rekt/](https://rekt.news/elephant-money-rekt/) | +|04/07/2021 |Fei |Ethereum |System design | |Initial supply shocks from a poorly designed mechanism prompted a death spiral in the half-baked Fei | | |[https://rekt.news/fei-rekt/](https://rekt.news/fei-rekt/) | +|05/09/2022 |Fortress Protocol |BSC |Governance exploit | |A malicious governance proposal was passed which gave exploiter the ability to cheaply liquidate the treasury |$3m |$2.6M in ETH, 400k DAI |[https://rekt.news/fortress-rekt/](https://rekt.news/fortress-rekt/) | +|10/26/2020 |Harvest Finance |Ethereum |System design | |Exploiter took advantage of the minting process of assets in Harvest Finance and drained the protocol of funds |$33.8M |$24M |[https://rekt.eth.link/harvest-finance-rekt/](https://rekt.eth.link/harvest-finance-rekt/) | +|10/15/2021 |Indexed Finance |Ethereum |System design |Liquidity |The exploiter exploited Indexed Finance by using flash loans to manipulate the weights of assets in the DEFI5 and CC10 pools. This allowed him to deposit small amounts of over-weighted SUSHI tokens, minting inflated DEFI5 tokens which were then cashed out for other assets, resulting in a $16 million loss. |~$16M |~$16M |[https://rekt.news/indexed-finance-rekt/](https://rekt.news/indexed-finance-rekt/) | +|04/02/2022 |Inverse Finance |Ethereum |Oracle Manipulation | |The exploiter swapped ETH for INV with low liquidity, changing the price 50x, then deposited $644k worth of INV and borrowed $15.6m against the protocol“one of the most MEV aware hacks I've seen.” - bertcmiller |$15.6m |$15.6m |[https://rekt.news/inverse-finance-rekt/](https://rekt.news/inverse-finance-rekt/) | +|03/05/2023 |Iron Bank/Alpha Homora |Ethereum |Governance/contractual issue | |Iron Bank freezes Alpha Homora token holders’ funds using multisig following Alpha Homora hack, threatening to rug them if not paid back. Maybe not an economic security exploit, but another example of why not to use contracts with upgradeable contracts |$30M of bad debt |None (funds frozen) |[https://rekt.news/iron-alpha/](https://rekt.news/iron-alpha/) | +|06/17/2021 |Iron Finance |BSC & Polygon |System design | |Mechanics of Iron Finance caused a death spiral in the price of its token, $TITAN. Mark Cuban unaffected |From $2B TVL to ~$260M | |[https://rekt.news/iron-finance-rekt/](https://rekt.news/iron-finance-rekt/) | +|05/29/2023 |Jimbo |Arbitrum |System design |System design |Jimbo tried to make a rebalancing stablecoin. The attacker took a flash loan of 10k ETH to buy JIMBO tokens, inflating their price. A rebalance was triggered via the shift() function in the JimboController contract, draining all WETH liquidity and crashing JIMBO's price |$7.5m |Over 4000k ETH (~$7.5M) |[https://rekt.news/jimbo-rekt/](https://rekt.news/jimbo-rekt/) | +|212/12/022 |Lodestar Finance |Arbitrum |Oracle Manipulation |Price manipulation |The attacker manipulated the price oracle of plvGLP collateral using flash loans, allowing them to drain the lending pools. The GLPOracle did not properly account for the impact of a user calling donate() on the GlpDepositor contract |~$6.5M |~$6.5M |[https://rekt.news/lodestar-rekt/](https://rekt.news/lodestar-rekt/) | +|10/12/2022 |Mango Markets |Solana |Oracle manipulation | |Highly profitable trading strategy. Exploiter manipulated the price of the MNGO token, causing $115M of bad debt |$115m |$15m |[https://rekt.news/mango-markets-rekt/](https://rekt.news/mango-markets-rekt/) | +|06/29/2021 |Merlin Labs |BSC |System design | |The logic of reward issuance was such that the exploiter could profitably trick the contract into thinking he deserved rewards |$330K |$330K |[https://rekt.news/merlin3-rekt/](https://rekt.news/merlin3-rekt/) | +|05/26/2021 |Merlin Labs |BSC |System design | |Exploiter sent BNB directly to the address used in reward calculations |~$680K in ETH |~$680K in ETH |[https://rekt.news/merlinlabs-rekt/](https://rekt.news/merlinlabs-rekt/) | +|10/19/2022 |Moola Market |CELO |Price Manipulation |Highly profitable trading strategy |A no-code exploit. Exploiter started with $180k in CELO, used some to borrow the protocol’s governance token, which itself was used as collateral. Then the exploiter pumped MOO with the remaining CELO, which allowed them to borrow the remaining assets on |$8.4M |~$525k (returned majority) |[https://rekt.news/moola-markets-rekt/](https://rekt.news/moola-markets-rekt/) | +|05/20/2021 |Pancake Bunny |BSC |System design | |Exploiter flash loaned and deposited BNB into pools receiving BUNNY rewards, claimed those rewards within the same block, repaid the loan, then dumped the tokens |$45M |$45M |[https://rekt.news/pancakebunny-rekt/](https://rekt.news/pancakebunny-rekt/) | +|11/17/2021 |ParaSwap |Ethereum |Sybil | |A single wallet farmed hundreds of wallets | | |[https://rekt.news/airdrop-hunters/](https://rekt.news/airdrop-hunters/) | +|03/29/2022 |Ronin Network |Bridge Hack |Multisig | |5/9 multisig was compromised. Poor design expecting 5/9 multisig to secure half a billion dollars |~$624M |~$624M |[https://rekt.news/ronin-rekt/](https://rekt.news/ronin-rekt/) | +|06/28/2021 |SafeDollar |Polygon |System design | |The economic exploit in the SafeDollar case involved manipulating the protocol's reward mechanism to claim enormous amounts of SDO tokens. The attacker depleted the PLX balance of the pool and inflated the reward rate, eventually crashing the price of SDO to zero and making off with 202k USDC and 46k USDT |$248K in USDC and USDT |$248K |[https://rekt.news/safedollar-rekt/](https://rekt.news/safedollar-rekt/) | +|05/02/2021 |Spartan Protocol |BSC |Oracle manipulation | |Prices manipulated and assets traded through pools using flash loans for a net gain |$30.5M |$30.5M |[https://rekt.news/spartan-rekt/](https://rekt.news/spartan-rekt/) | +|05/14/2022 |Terra |Terra |System design | |Terra’s poor system design included:- unmitigated risks from the use of endogenous collateral for a stablecoin- fixed yields- hard-coded redemption limits |$2.5b+ | | [https://eatsleepcrypto.com/terra-luna-tokenomic-post-mortem/](https://eatsleepcrypto.com/terra-luna-tokenomic-post-mortem/) | +|05/22/2023 |Tornado Cash |Ethereum |Governance exploit |System design |The attacker took control of the DAO via a trojan horse proposal, gaining control of the TORN governance token and the power to modify the router. They later published another proposal to revert the changes |None (~$275M at risk) |430 ETH (~$750k) |[https://rekt.news/tornado-gov-rekt/](https://rekt.news/tornado-gov-rekt/) | +|11/18/2021 |Uniswap |Ethereum |Externality | |Poor design of Uniswap v3 lead to LPs’ impermanent loss (IL) |Over $260M in impermanent loss | |[https://rekt.news/uniswap-v3-lp-rekt/](https://rekt.news/uniswap-v3-lp-rekt/) | +|05/13/2022 |Venus/Blizz LUNA fallout |BSC |Oracle manipulation | |Oracles on BSC mispriced $LUNA in the chaos of the Terra collapse and enabled protocols dependent on them to be exploited |$13.5M (Venus), $8.3m (Blizz) | |[https://rekt.news/venus-blizz-rekt/](https://rekt.news/venus-blizz-rekt/) | +|12/18/2020 |Warp Finance |Ethereum |Oracle manipulation | |Warp relied on a Uniswap liquidity pool as an oracle. The exploiter traded through the pool, manipulating the price and borrowing against the protocol |~$7.8M |~$7.8M |[https://rekt.news/warp-finance-rekt/](https://rekt.news/warp-finance-rekt/) | +|05/12/2021 |XToken |Ethereum |Oracle manipulation |Price manipulation |Prices manipulated and assets traded through pools using flash loans for a net gain |2.4k ETH ($10.3M), 781k BNT ($6.2M), 407k SNX ($8M) |~$24M |[https://rekt.news/xtoken-rekt/](https://rekt.news/xtoken-rekt/) | +|02/05/2021 |Yearn |Ethereum | | |The Yearn exploit involved arbitrage of the Yearn DAI v1 vault using 9 flash loans. The exploiter executed a series of complex transactions to manipulate the vault and withdraw funds. The exploit was possible because the withdrawal fee had been turned off for vault migration, making it an opportunistic exploit rather than a fundamental flaw in Yearn's economic design |$11m |$2.7m |[https://rekt.news/yearn-rekt/](https://rekt.news/yearn-rekt/) | |Ongoing |ZCash |ZCash |DDoS | |ZCash’s blockchain is growing at a rate most hobbyist miners can’t afford, forcing them off the network and enabling miners with greater scale to take over | | |[https://web3isgoinggreat.com/?id=zcash-continues-to-suffer-from-spam-attack-that-started-months-ago](https://web3isgoinggreat.com/?id=zcash-continues-to-suffer-from-spam-attack-that-started-months-ago) | -|2021/02/03 | Alpha Finance | Ethereum | Inside job | Lack of controls | This was more of a technical exploit than an economic one, although it did involve manipulating debt numbers.The attackers' contract made the Homora code “believe” that their malicious contract was one of their own in order to manipulate internal debt numbers in their system.This was a private battle between protocol and attacker. The exploited contract was not yet announced, nor was it available to users, meaning they were not directly affected. We have not yet seen such a blatant inside job. The contract was made available in the backend as they were preparing to launch sUSD later in the week. | ~$37.5 million | ~$37.5 million | https://rekt.news/alpha-finance-rekt/ | -|2022/07/28 |Nirvana Finance |Solana |Price Manipulation| Flash Loan| Flash loan of 10m was used to mint ANA, inflating the price. This was redeemed against the Nirvana treasury at inflated prices for a profit. |$3.49m |$3.49m| https://rekt.news/nirvana-rekt/ https://twitter.com/0xFA2/status/1552576624121352193 https://www.justice.gov/usao-sdny/pr/former-security-engineer-international-technology-company-pleads-guilty-hacking-two| \ No newline at end of file +|02/03/2021 | Alpha Finance | Ethereum | Inside job | Lack of controls | This was more of a technical exploit than an economic one, although it did involve manipulating debt numbers.The attackers' contract made the Homora code “believe” that their malicious contract was one of their own in order to manipulate internal debt numbers in their system.This was a private battle between protocol and attacker. The exploited contract was not yet announced, nor was it available to users, meaning they were not directly affected. We have not yet seen such a blatant inside job. The contract was made available in the backend as they were preparing to launch sUSD later in the week. | ~$37.5 million | ~$37.5 million | https://rekt.news/alpha-finance-rekt/ | +|07/28/2022 |Nirvana Finance |Solana |Price Manipulation| Flash Loan| Flash loan of 10m was used to mint ANA, inflating the price. This was redeemed against the Nirvana treasury at inflated prices for a profit. |$3.49m |$3.49m| https://rekt.news/nirvana-rekt/ https://twitter.com/0xFA2/status/1552576624121352193 https://www.justice.gov/usao-sdny/pr/former-security-engineer-international-technology-company-pleads-guilty-hacking-two| \ No newline at end of file