Solv BRO Double-Mint Exploit
Solv Protocol's BRO vault lost $2.73M when an ERC-3525 double-mint bug let the attacker turn 135 BRO into ~567M BRO over 22 deposits, then swap for 38 SolvBTC.
An archive of cryptocurrency security incidents — hacks, exploits, bridge failures and rug pulls, documented with on-chain evidence.
SagaEVM lost $7M in 11 minutes when an Ethermint bug let crafted messages bypass validation, minting Saga Dollar (D) without collateral and bridging to ETH.
Truebit lost $26.4M when an integer overflow in TRU's five-year-old bonding-curve contract let the attacker mint TRU near-free and sell back for 8,500 ETH.
An oracle upgrade created an 18-vs-8 decimal precision mismatch in Aevo's legacy Ribbon DOV vaults, draining $2.7M. Aevo shut down vaults hours later.
USPD, a newer decentralized stablecoin, lost ~$1M via a mint/collateral flaw that allowed minting against insufficient backing, briefly depegging the token.
Yearn's yETH StableSwap pool minted 235 septillion yETH from a 16-wei deposit after a liquidity removal reset supply to zero but left cached virtual balances.
Access-control oversight and rounding error in Balancer v2's invariant logic drained ~$120M across stable pools, the largest DeFi exploit of 2025.
Rounding error in Bunni DEX's withdraw function drained $8.4M on Ethereum and Unichain after devs misjudged how idle balances would move. Protocol shut down.
$9.8M drained from Resupply in under 90 minutes when a $4,000 flash loan exploited a 2-hour-old wstUSR vault via an ERC-4626 donation attack.
Attacker drained $12M (3,761 wstETH) from Cork Protocol by creating a market referencing another's DS, bypassing auth via a malicious Uniswap v4 hook.
Overflow-guard flaw in Sui's largest DEX let an attacker inject a tiny liquidity position that read as gigantic, draining $223M before validators intervened.
$355K (entire TVL) drained from leveraged-trading protocol SIR.trading via transient-storage misuse that spoofed the uniswapV3SwapCallback caller check.
A legacy Fusion v1 resolver bug let an attacker craft calldata to drain $5M from 1inch resolver TrustedVolumes. Core protocol and user funds were unaffected.
The Idols NFT lost ~$324K when a staking-rewards accounting flaw let an attacker repeatedly claim weighted rewards far beyond entitlement, draining the pool.
$11.6M drained from users who granted infinite approvals to LI.FI; a freshly deployed facet skipped a validation, letting any caller invoke arbitrary contracts.
A flaw in Holograph's operator contract let an attacker mint 1 billion HLG tokens, worth $14.4M nominal at first mint. HLG dropped 80% within nine hours.
$1.9M drained from Pike Finance after uninitialized upgradeable contracts let an attacker seize ownership and drain CCIP-bridged assets.
Hedgey Finance vesting lost $44.7M when missing parameter validation let the attacker craft campaigns whose claimLockup callback approved arbitrary transfers.
$2.1M drained from Unizen's DEX aggregator via an unsafe external-call vulnerability in a recent upgrade that hit users with token approvals.
$6.4M drained from Seneca users via unlimited approvals to its Chamber contract, which had no pause function. Attacker returned 80% for a 20% bounty.
$3.3M drained from Socket/Bungee bridge aggregator users via an unvalidated SocketGateway route that called transferFrom on infinite-approval wallets.
$54.7M drained from KyberSwap Elastic after a rounding error in concentrated-liquidity math let an attacker trick pools into recognising double the liquidity.
$3.3M of R stablecoin minted via a rounding/share-mint bug in Raft's collateral logic, but the attacker botched cash-out, burning ~1,570 ETH. R depegged.
$640K drained from Unibot users via a token-approval bug in the Telegram trading bot's new router contract. Unibot reimbursed affected users.
DEUS DAO's third incident drained $6.5M across BNB, Arbitrum and Ethereum via a flaw in DEI's burnFrom/approval logic that let attackers abuse allowances.
A misconfigured legacy Yearn iEarn contract pointing at the wrong Fulcrum token minted 1.2Q yUSDT and drained $11M from Aave v1 before anyone noticed.
A missing access check in Sushi's RouteProcessor2 router let bots drain $3.3M in WETH from users with token approvals before a white-hat rescue.
A missing health check on Euler's donateToReserves function let an attacker create a self-liquidatable position and walk away with $197M — most of it returned.
Dexible users lost $2M after selfSwap made arbitrary external calls with user-supplied data, letting the attacker transferFrom any wallet that had approved it.
Team Finance lost $15.8M in a Uniswap v2-to-v3 migration: locked tokens moved to a skewed v3 pair and refunded as 'leftover' for $2,700 in gas. $7M returned.
$2.3M drained from TempleDAO's StaxLPStaking after migrateStake() failed to validate the caller, letting anyone migrate another staker's full position.
Transit Swap users with infinite approvals lost $21M when claimTokens failed to validate which token to call transferFrom on. 70% returned after on-chain talks.
Saddle's sUSDv2 metapool lost $11.9M when a known MetaSwapUtils bug was redeployed by mistake; BlockSec's bots front-ran $3.97M to safety, cutting the net loss.
A reward-distribution accounting flaw in Bent Finance let one address claim ~$1.7M in rewards far beyond its entitlement before the bug was caught and paused.
$31M drained from MonoX's single-token pools after the attacker swapped a token with itself, pumping MONO in the protocol's own oracle until pools emptied.
A bug in Compound's Proposal 62 governance upgrade paid out up to $147M of unintended COMP rewards. Most was returned voluntarily; a portion was kept by users.
An unprotected init() function in DAO Maker's vesting contracts let an attacker seize ownership and call emergencyExit, draining $4M across multiple user pools.
Cross-chain manager contract bug allowed an attacker to swap the keeper public key and withdraw $611M from three chains — eventually returned in full.
$9M drained from Punk Protocol minutes after launch via a delegatecall to Initialize setting the attacker as forge address; $5M recovered by white-hats.
A deployment script bug created phantom Alchemix vaults that misdirected $6.5M in rewards to pay off users' debts. The team froze minting within 15 minutes.
DODO's V2 Crowdpools lost $3.8M after the attacker re-called init() with a fake token; the pools had no re-initialization guard. MEV bots front-ran ~$1.9M.
Furucombo users lost $14M after the attacker tricked the proxy into delegatecalling a malicious 'Aave v2 implementation' that swept every approved balance.
Saddle Finance lost ~$276K within an hour of launch when a flawed stableswap let arbitrageurs swap at badly mispriced rates, draining LP value day one.
A Solidity storage/memory bug in Cover's Blacksmith contract minted 40 quintillion COVER, crashing price from $700 to under $5. A white-hat returned all funds.
$19.76M DAI drained from Pickle Finance after the attacker created two fake 'Jar' contracts and exploited a missing whitelist check in swapExactJarForJar.
Two incidents four months apart: a public initWallet flaw drained $30M, then a user 'accidentally' suicided the library, freezing $150M+ across 151 multi-sigs.