Tuesday, May 13, 2025

Web3 Security

Exploit Tracker

Crypto Attack Log

Total losses from protocol exploits in 2025 (inc. Mantra's $5.5B crash):
$0

Bitcoin Theft

Funds Lost: $330,700,000

Date: 27.04.2025

Quick Summary: On April 27, 2025, a hacker stole 3,520 BTC (~$330.7M) from a victim’s wallet, using social engineering to exploit vulnerabilities. The stolen funds were swapped into Monero (XMR), triggering a 50% price spike in XMR.

Details of the Exploit: The attack involved moving stolen BTC to address bc1qcrypchnrdx87jnal5e5m849fw460t4gk7vz55g, from where it was laundered via six instant exchanges. The increased demand for Monero resulted in a sharp price surge. Analysts pointed to social engineering as the likely attack vector. The incident also raised concerns about security practices and market volatility.

Loopscale Hack

Funds Lost: $5,800,000

Date: 26.04.2025

Quick Summary: On April 26, 2025, Loopscale, a Solana-based DeFi lending protocol, was exploited for $5.8M due to an oracle manipulation bug. The hacker exploited the system’s loan functions, draining USDC and SOL vaults.

Details of the Exploit: Attackers exploited a vulnerability in Loopscale’s RateX PT token pricing, allowing them to take out undercollateralized loans. This drained ~5.7M USDC and 1,200 SOL from the vaults, affecting 12% of the protocol’s TVL. Loopscale paused operations and negotiated a 10% bounty with the attacker, who agreed to return 90% of the funds. This exploit highlights ongoing risks with oracle manipulation in DeFi protocols.

ZKsync Airdrop Contract Exploit

Funds Lost: $5,000,000

Date: 15.04.2025

Quick Summary: A compromised admin wallet quietly swept $5 million in unclaimed ZK tokens, shaving 20 % off the price before an on-chain ultimatum forced their return.

Details of the Exploit: Using the airdrop contract’s sweepUnclaimed() function, the attacker minted an extra 0.45 % of supply, then off-loaded tokens across DEXs. ZKsync offered a 10 % white-hat bounty and threatened litigation; funds were sent back on 23 April, closing the affair with unusually swift restitution.

KiloEx Oracle Manipulation

Funds Lost: $7,000,000

Date: 14.04.2025

Quick Summary: A gap in KiloEx’s access-control let an attacker spoof oracle prices, flip a leveraged long and walk away with $7 million.

Details of the Exploit: The intruder routed calls through the MinimalForwarder contract, injecting a forged signature that cascaded unchecked to the price-feed. First the oracle was slammed lower to open positions cheaply; minutes later it was pumped to close them at a premium. Funds originated from 0x00fac9…bcbd and have since been bridged to BNB Chain via Polyhedra. Trading remains halted while a full post-mortem and bounty programme are prepared.

Mantra OM Token Crash

Funds Lost: $5,500,000,000

Date: 13.04.2025

Quick Summary: OM nosedived 90 %, erasing $5.5 bn in value in what looks less like code failure and more like a choreographed insider dump.

Details of the Exploit: Chain data shows 43 m OM funnelled to exchanges in the week before the plunge, including a single 14 m transfer. Mantra’s team blamed “reckless liquidations” by CEX desks, but unlocked-token movements and revamped emissions tell a different story. Market-cap carnage drew Terra-era comparisons and fresh scrutiny of token-unlock calendars.

UPCX ProxyAdmin Take-Over

Funds Lost: $70,000,000

Date: 01.04.2025

Quick Summary: A hijacked ProxyAdmin contract let a thief lift 18.4 m UPC—worth roughly $70 m—in a single stroke.

Details of the Exploit: With admin keys in hand, the attacker upgraded the proxy to embed withdrawByAdmin, draining three treasury wallets to 0xFf7…334. Funds remain dormant, suggesting either negotiations or a very public game of chicken. UPCX paused transfers but insists user balances are ring-fenced.

Abracadabra GMX-Cauldron Bug

Funds Lost: $13,000,000

Date: 25.03.2025

Quick Summary: A bookkeeping glitch let an attacker self-liquidate, re-borrow and drain $13 m, before hopping from Arbitrum to Ethereum and into Tornado Cash.

Details of the Exploit: A failed GMX deposit stranded collateral in OrderAgent. The exploiter then triggered liquidation that wiped the debt record but not the collateral, recycling it for fresh loans until 6,260 ETH was gone. Abracadabra has dangled a 20 % bounty; GMX code was untouched.

Zoth Logic-Contract Swap

Funds Lost: $8,320,000

Date: 21.03.2025

Quick Summary: An attacker with leaked admin rights hot-swapped Zoth’s logic contract, draining $8.32 m before anyone noticed.

Details of the Exploit: After funding from 0x3b33c5…, the perpetrator pointed the proxy at a malicious implementation, withdrew funds, and routed them through 0x7b0cd0…. Evidence points to key compromise rather than on-chain bug—an all-too-familiar tale of access-control failure.

1inch Fusion v1 Re-entrancy

Funds Lost: $2,600,000

Date: 06.03.2025

Quick Summary: A re-entrancy loop in fillOrderInteraction() let thieves siphon $1.2 m USDC and 638 ETH.

Details of the Exploit: Because the function echoed back user-supplied takingAmount, attackers could recursively gain fresh approvals each call. Chained via fillOrderTo() in the Aggregation Router, the loop drained balances well beyond any bona-fide order size.

Suji Yan Wallet Hack

Funds Lost: $4,000,000

Date: 27.02.2025

Quick Summary: Mask Network’s founder lost $4 m after his phone—and, seemingly, his keys—went walkabout at a birthday party.

Details of the Exploit: Cyvers flagged the drain of 113 ETH, 923 WETH and a grab-bag of liquid-staked assets. The loot was atomised across six wallets (one ending …df7). Yan suspects an offline compromise of his handset; SlowMist, ZachXBT and police are on the case.

Infini Insider Drain

Funds Lost: $50,000,000

Date: 24.02.2025

Quick Summary: A developer-held backdoor let $50 m USDC slip out of Infini’s coffers and into Tornado-funded wallets.

Details of the Exploit: Retained admin privileges nullified Infini’s defences. The thief routed USDC to DAI, then into 17,696 ETH at 0xfcc8…6e49. CEO Christian Li vowed reimbursement, but the timing—three days after the Bybit mega-breach—deepened jitters over internal controls.

Bybit Multisig Cold-Wallet Hack

Funds Lost: $1,400,000,000

Date: 21.02.2025

Quick Summary: A phished multisig transaction bled 401,346 ETH—roughly $1.4 bn—from one of Bybit’s cold wallets.

Details of the Exploit: The UI showed a familiar Safe address; behind the curtain, contract permissions were rewritten to hand the attacker the keys. ETH, mETH and stETH were swept out, swapped and scattered across fresh wallets. ZachXBT rang the alarm; Bybit says the damage is ring-fenced to a single vault and withdrawals continue.

LIBRA Rug Pull

Funds Lost: $286,000,000

Date: 16.02.2025

Quick Summary: The LIBRA memecoin—championed on X by Argentina’s president—went from $4.4 bn cap to ashes, saddling 74 k traders with $286 m in paper losses.

Details of the Exploit: Insiders pre-mined and pre-pumped, then rugged. Leaked chats tie Hayden Davis and Kelsier Ventures to earlier scams (MELANIA, OG FUN) and suggest leverage over President Milei. Dave Portnoy’s $5 m hit, later mysteriously reimbursed, stoked talk of hush payouts. Argentina’s equity market slid 6 %; Congress whispers impeachment.

Railgun Returns Stolen Funds: $9.5M zkLend Exploit

Funds Lost: $9,500,000

Date: 12.02.2025

Quick Summary: zkLend suffered a $9.5M exploit on Starknet, after which the attacker attempted to launder the funds via Railgun.

Details of the Exploit: An unknown attacker moved stolen assets from zkLend to Ethereum through Railgun – a privacy protocol that unexpectedly reversed the laundering attempt. zkLend then offered a whitehat bounty allowing the attacker to retain 10% if approximately 3,300 ETH (valued at ~$8.6M) were returned by the deadline. This case highlights the compliance benefits of Railgun over other anonymizing mixers.

DogWifTools Exploit

Funds Lost: $10,000,000

Date: 28.01.2025

Quick Summary: DogWifTools was exploited for $10M, draining multiple wallet types.

Details of the Exploit: Malicious actors infiltrated users’ devices and drained hot, hardware, and centralized exchange wallets by exploiting a reversed GitHub token extraction method. Experts warn this breach exposes deep systemic vulnerabilities.

Phemex Exploit

Funds Lost: $37,000,000

Date: 23.01.2025

Quick Summary: Phemex lost $37M amid multi-chain wallet breaches.

Details of the Exploit: Attackers targeted hot wallets on Ethereum, BNB, Polygon, Arbitrum, Base, and Optimism. Suspicious stablecoin transactions were rapidly converted to ETH and laundered via mixers, prompting emergency protocols.

SUI Token Hack

Funds Lost: $29,000,000

Date: 12.12.2024

Quick Summary: $29M in SUI tokens were stolen and laundered via Tornado Cash.

Details of the Exploit: Around 6.27M SUI tokens were illicitly moved from the Sui network to Ethereum and then laundered, complicating traceability despite significant user growth.

Gifto Dump

Funds Lost: $10,000,000

Date: 28.11.2024

Quick Summary: Gifto minted 1.2B extra tokens, triggering an $8.6M dump.

Details of the Exploit: Following Binance’s delisting notice, massive on-chain minting flooded exchanges. The oversupply crashed the token’s value, drawing sharp criticism for exploiting the grace period.

Radiant Capital Access Control Exploit

Funds Lost: $58,000,000

Date: 16.10.2024

Quick Summary: Radiant Capital lost over $58M in a cyberattack.

Details of the Exploit: Attackers obtained three private keys and drained funds across BSC and Arbitrum. This breach exposed critical weaknesses in multi-signature wallet security and spurred immediate system upgrades.

Phishing Attack on Aave Ethereum sDAI

Funds Lost: $2,470,000

Date: 10.10.2024

Quick Summary: A phishing scam cost $2.47M in sDAI.

Details of the Exploit: A user unwittingly signed a fraudulent permit transaction, granting an attacker control over their sDAI wallet via temporary CREATE2 addresses.

Arbitrum Lending Protocol Oracle Exploit

Funds Lost: $130,000

Date: 03.10.2024

Quick Summary: A $130K loss hit an Arbitrum lender via oracle manipulation.

Details of the Exploit: The attacker manipulated the UniswapV3Pool price feed to inflate WETH-USDC LP token values, enabling excessive withdrawals from the protocol.

FireToken Launch Exploit

Funds Lost: $24,000

Date: 01.10.2024

Quick Summary: FireToken was exploited 24 seconds post-launch for $24K.

Details of the Exploit: A flaw in the token-burning mechanism reduced circulating supply without affecting ETH reserves, allowing an attacker to profit from subsequent price manipulation in the liquidity pool.

Bedrock Synthetic Bitcoin Exploit

Funds Lost: $2,000,000

Date: 27.09.2024

Quick Summary: Bedrock lost $2M in an attack targeting its synthetic Bitcoin token, uniBTC.

Details of the Exploit: Attackers exploited a flaw in the staking mechanism for uniBTC, draining $2M from liquidity pools while core BTC reserves remained intact. A post-mortem and reimbursement plan are underway.

uniBTC Minting Logic Exploit

Funds Lost: $1,700,000

Date: 26.09.2024

Quick Summary: uniBTC’s minting flaw led to a $1.7M loss.

Details of the Exploit: An infinite minting vulnerability enabled the attacker to generate unlimited tokens, dump them on the market, and significantly devalue uniBTC.

Onyx Liquidation Logic Exploit

Funds Lost: $4,000,000

Date: 26.09.2024

Quick Summary: Onyx lost $4M via a liquidation flaw.

Details of the Exploit: The attacker exploited a vulnerability in the liquidation logic, allowing them to force unfavorable liquidations and siphon off $4M from the protocol.

Truflation Private Key Compromise

Funds Lost: $5,000,000

Date: 25.09.2024

Quick Summary: Truflation lost $5M after a malware breach.

Details of the Exploit: Malware infiltrated the infrastructure and compromised a critical private key, enabling attackers to drain $5M from the platform.

Shezmu Infinite Mint and Dump

Funds Lost: $4,900,000

Date: 20.09.2024

Quick Summary: Shezmu’s flaw dumped tokens for a $4.9M loss.

Details of the Exploit: A minting logic vulnerability allowed unlimited tokens to be created; these were rapidly sold off, crashing the token’s value and causing severe financial damage.

BingX Exchange Compromised

Funds Lost: $52,000,000

Date: 20.09.2024

Quick Summary: BingX lost $52M through multi-chain wallet breaches.

Details of the Exploit: Vulnerabilities in 15 hot wallets across Ethereum, BSC, Base, Optimism, Polygon, Arbitrum, and Avalanche allowed unauthorized transfers. Emergency protocols were enacted and assets secured in cold storage.

DeltaPrimeDefi Exploit on Arbitrum Chain

Funds Lost: $6,000,000

Date: 16.09.2024

Quick Summary: DeltaPrime lost $6M via a key compromise.

Details of the Exploit: The admin’s lost private key allowed attackers to maliciously upgrade contracts and drain liquidity pools on Arbitrum. Stolen USDC was swapped to ETH, emphasizing the need for enhanced key security.

Indodax Exploit: $22 Million Stolen

Funds Lost: $22,000,000

Date: 10.09.2024

Quick Summary: Indodax lost $22M through multi-chain wallet breaches.

Details of the Exploit: Hackers exploited vulnerabilities in hot wallets across Bitcoin, Ethereum, and Tron, using Tornado Cash to obfuscate transfers, draining a total of $22M and exposing critical flaws in the withdrawal system.

Block Data:

  • Bitcoin: bc1q5uqpn0ha5llrvhcvkq3nfalp8fj7qe3rydcvmf
  • Tron: TBooefeY6FvGuyKfvp5yE1HmzhzvXnvA1P
  • Ethereum: 0xb0a2e43d3e0dc4c71346a71484ac6a2627bbcbed
  • Polygon: 0x90fffbc09e9a5f6d035e92d25d67e244ef5e904f
  • Optimism: 0x3b8f1131a20e131c195bda6fdd6e9be38935eb6d

CUT Token Flash Loan Attack

Funds Lost: $1,400,000

Date: 10.09.2024

Quick Summary: A flash loan attack drained $1.4M from CUT.

Details of the Exploit: Exploiting a yield flaw via a PancakeSwap flash loan, the attacker manipulated the CUT-BUSD pair to drain $1.4M from the liquidity pool.

Penpie Exploit: Reentrancy Attack

Funds Lost: $27,000,000

Date: 03.09.2024

Quick Summary: Penpie lost over $27M via reentrancy.

Details of the Exploit: A reentrancy flaw enabled attackers to generate fraudulent yield tokens and siphon funds through multiple transactions, draining over $27M from the protocol.

Aave Contract Exploit

Funds Lost: $56,000

Date: 28.08.2024

Quick Summary: Aave lost $56K via an unchecked allowance flaw.

Details of the Exploit: A flaw in the _buyOnParaSwap function allowed unauthorized transfers by exploiting unchecked token allowances, draining $56K from the collateral adapter.

Phishing on DeFi Saver Proxy

Funds Lost: $55,000,000

Date: 21.08.2024

Quick Summary: A phishing scam cost $55M in DAI.

Details of the Exploit: A user unwittingly signed a fraudulent permit transaction, granting an attacker control over their proxy, draining $55M in DAI from the account.

Vow Token Exploit

Funds Lost: $1,200,000

Date: 13.08.2024

Quick Summary: Vow lost $1.2M due to a conversion flaw.

Details of the Exploit: A smart contract bug enabled attackers to create valueless tokens and convert them into real assets by manipulating the burn rate, causing a $1,200,000 loss.

Nexera Access Control

Funds Lost: $449,000

Date: 07.08.2024

Quick Summary: Nexera lost $449K via unauthorized access.

Details of the Exploit: Attackers exploited compromised security credentials to gain control of Nexera’s smart contracts and transfer NXRA tokens, resulting in a $449K loss.

Ronin Bridge Hack

Funds Lost: $12,000,000

Date: 06.08.2024

Quick Summary: Ronin lost $12M via a bridge vulnerability.

Details of the Exploit: An uninitialized variable in the updated Ronin bridge contract enabled unauthorized withdrawals of ETH and USDC totaling $12M.

Convergence Finance Exploit

Funds Lost: $210,000

Date: 01.08.2024

Quick Summary: Convergence lost $210K via a liquidity pool exploit.

Details of the Exploit: A vulnerability in the reward distribution contract allowed an attacker to claim excessive rewards and drain $210K from liquidity pools.

Terra Blockchain Exploit

Funds Lost: $6,500,000

Date: 31.07.2024

Quick Summary: Terra lost $6.5M via an oracle manipulation attack.

Details of the Exploit: An attacker manipulated Terra’s oracle price feeds, triggering massive liquidations that resulted in a $6.5M asset loss and exposed critical flaws in the pricing mechanism.
