Summary # In December 2021, Vulcan Forged, a well-known play-to-earn cryptocurrency operating on the Polygon Network, faced a devastating exploit involving the theft of $140 million. As outlined in the post-mortem report released by the developers, the attacker managed to employ social engineering tactics to compromise the credentials of user wallets, thereby gaining access to private keys. Consequently, the hacker succeeded in withdrawing 4.5 million Vulcan Forged tokens (PYR), which, at that time, held a value exceeding $140,000,000.
...
Summary # On March 24, 2019, DragonEx, a Singapore-based cryptocurrency exchange, was hacked for $7 million. The attacker gained access to one of the exchange’s hot wallets, which are used to store user funds that are available for withdrawal.
Attackers # Attackers associated with Lazarus Group gained access through a sophisticated phishing attack. More about Lazarus
ETH
DragonEx Hacker wallet: 0xa7f72Bf63EDeCa25636F0B13Ec5135296ca2eBb2 Losses # The attackers managed to steal a total of $7 million:
...
Summary # In January 2015, LocalBitcoins, a peer-to-peer Bitcoin trading platform, experienced a security breach that resulted in the theft of 17 BTC (approximately $3,850 at the time). The breach was caused by a vulnerability in the platform’s forum software, which allowed the attacker to gain access to user accounts. LocalBitcoins quickly responded to the incident by disabling the forum and reimbursing affected users.
Attackers # The identity of the attacker remains unknown.
...
Summary # During the events that unfolded between November 2014 and February 2015, an unknown attacker targeted Bitstamp employees through phishing messages and exploiting compromised accounts to steal the hot wallet file. During the attack, 18,866 BTC ($6.7 million adjusted for inflation) were stolen. Bitstamp suspended trading, notified customers, and eventually compensated them for their losses. The security failure stemmed from employees falling prey to social engineering attacks and distributing malware-laden files.
...