Hinkal Privacy Protocol Drain
An attacker drained about $820,000 in USDC from privacy protocol Hinkal — nearly its entire cross-chain TVL — then laundered it via Tornado Cash and THORChain; the root cause is unconfirmed.
Loss
820.0K
USD
An archive of cryptocurrency security incidents — hacks, exploits, bridge failures and rug pulls, documented with on-chain evidence.
An attacker drained about $820,000 in USDC from privacy protocol Hinkal — nearly its entire cross-chain TVL — then laundered it via Tornado Cash and THORChain; the root cause is unconfirmed.
A counter-MEV honeypot tricked Ethereum's most active sandwich bot, jaredfromsubway.eth, into approving 66 fake-token contracts, draining about $7.5M in WETH, USDC and USDT.
An attacker drained roughly $480K from AFI Protocol's afiUSD vault on Ethereum, swapping DAI to ETH and routing about 150 ETH through Tornado Cash; the root cause was not immediately disclosed.