Summary # On April 28, 2021, Uranium Finance, a BSC-based decentralized exchange, was exploited due to a calculation error bug in its v2 pair contracts, which had been forked from the Uniswap v2 code. The bug allowed an attacker to swap minimum amount of the input token for 98% of the total balance of the output token, leading to massive losses. Uranium Finance had discovered the potential vulnerability but failed to prevent the attack:
...
Summary # In April 2021, Turkey-based cryptocurrency exchange Thodex collapsed in an exit scam, defrauding investors of $2 billion. Thodex’s founder, Faruk Fatih Ozer, fled to Albania with the stolen funds but was later arrested and extradited back to Turkey. In January 2023, Faruk Fatih Ozer and his two siblings were sentenced to 11,196 years in prison each for money laundering, fraud, and organized crime. Thodex’s rapid growth and promises of a safe and secure trading platform concealed its fraudulent intentions.
...
Summary # On April 19, 2021, a hacker stole $81 million worth of cryptocurrency from EasyFi, a decentralized finance platform. The hacker introduced a malicious version of MetaMask into the computer and stole the private key.
Attackers # The identity of the hackers who attacked EasyFi is unknown.
Hacker ETH Wallet:
0x83a2EB63B6Cc296529468Afa85DbDe4A469d8B37 Losses # EasyFi estimated the losses from the hack to be $81 million. The stolen assets included:
...
Summary # On June 23, 2021, Africrypt, a centralized platform claiming to connect banks, payment providers, and digital asset providers for seamless global money transfers, was reportedly compromised. Ameer and Raees Cajee, the exchange’s founders, were reported missing after alleging that almost $3.6 billion invested in the protocol was stolen in a “hack”. Africrypt staff lost access to the exchange’s back-end systems seven days before the claimed attack. Subsequent investigations found that most of the bitcoin invested with the exchange had been withdrawn and moved through tumblers and mixers, making it harder to track.
...
Summary # On February 13, 2021, Alpha Finance, a DeFi project, suffered a hack that resulted in a $37.5 million loss. The attacker exploited a rounding error in the repayment process, accumulating a substantial amount of cySUSD. They used this to obtain loans in different assets and distributed the stolen Ether. Iron Bank responded by modifying the smart contract configuration, freezing funds and preventing lenders on Alpha Homora from withdrawing their liquidity.
...
Summary # On December 21, 2020, the attackers gained unauthorized access to the EXMO exchange’s hot wallets. Through these security weaknesses, they managed to execute malicious transactions, resulting in the theft of a substantial amount of cryptocurrency.
Attackers # The identities of the attackers remain undisclosed. The following addresses were involved:
1A4PXZE5j8v7UuapYckq6fSegmY5i8uUyq 0x4BA6B2fF35055aF5406923406442cD3aB29F50Ce qrfrw5q9gag2vp6jc5nlx0haplm2jlhx9vsvxd9u3e t1StUQiw1YyHT515xDxwxjfhEcw2iGSq2yL rwU8rAiE2eyEPz3sikfbHuqCuiAtdXqa2v Destination Tag: 2033412069 0x4d9EF6846126Da2867AF503448be0508542C971e Losses # The EXMO security breach resulted in the theft of around $10.
...
Summary # On September 26, 2020, KuCoin, a Singapore-based cryptocurrency exchange, experienced a significant security breach, resulting in the theft of approximately $281 million worth of cryptocurrencies. The hackers obtained the private keys to the exchange’s hot wallets. The hackers sold the stolen cryptocurrency from their addresses on decentralized exchanges and anonymized the stolen cryptocurrencies through the mixing services. The incident caused a temporary drop in the price of KuCoin’s exchange token KCS by 14%, to $0.
...
Summary # Eterbase, a European cryptocurrency exchange, based in Slovakia, suffered a significant security breach on September 7, 2020. Multiple hot wallets were compromised, including in Bitcoin, Ethereum, Tron, Tezos, Algorand and Ripple chains, leading to the theft of approximately $5,400,000 in various cryptocurrencies. The stolen funds were moved to different addresses and subsequently withdrawn to centralized exchanges like Binance, Huobi, and HitBTC.
Attackers # The identity of the attackers remains unknown.
...
Summary # In August 2020, 2gether, a European cryptocurrency platform, was hacked, resulting in the loss of €1.183 million worth of cryptocurrencies. A combination of poor security practices and system vulnerabilities allowed the attackers to access user funds, causing significant damage to the platform’s reputation and customer trust.
Attackers # The attackers behind the 2gether hack remain unidentified.
Losses # 2gether lost €1.183 million worth of cryptocurrencies, which included various types of crypto assets.
...
Summary # Ethereum Classic, a well-known cryptocurrency, experienced a series of three 51% attacks in August 2020. The attackers reorganized over 14,000 blocks and managed to double-spend ETC coins.
Attackers # The identity of the attackers behind the Ethereum Classic 51% attack remains unknown.
Losses # During the Ethereum Classic 51% attack, it was reported that the attackers took home more than $9 million in double spend transactions. This loss was borne by crypto exchange OKEx; platform users did not endure any loss due to OKEx’s user-protection policy.
...