SecondFi Wallet Key-Generation Exploit
A predictable-randomness flaw in SecondFi's Cardano wallet-generation software let attackers drain about $2.4M in ADA from 178 wallets, with up to $20M more potentially at risk.
An archive of cryptocurrency security incidents — hacks, exploits, bridge failures and rug pulls, documented with on-chain evidence.
A predictable-randomness flaw in SecondFi's Cardano wallet-generation software let attackers drain about $2.4M in ADA from 178 wallets, with up to $20M more potentially at risk.
A compromised Humanity Foundation key let an attacker drain wallets and mint 100M H tokens on BNB Chain, netting about $32M and crashing $H nearly 90%.
An attacker with control of privileged minting rights created 99 million TSR tokens on BNB Chain and dumped them for roughly $2.5 million, crashing the token nearly 99%.
An attacker controlling a legacy DxSale liquidity-locker contract on BNB Chain drained roughly $7.3 million of BNB from more than 1,400 locked pools, amid strong suspicions of insider involvement.
An attacker minted 1,000 unbacked eBTC (~$76.7M nominal) on Echo Protocol via an admin-key compromise, used it as Curvance collateral, and extracted ~$821K through Tornado Cash before containment.
~$10.8M drained from THORChain Asgard vaults across nine chains via a suspected GG20 threshold-signature flaw exploited by a malicious node operator.
Wasabi Protocol's perp vaults across Ethereum, Base, Berachain and Blast lost $5M when a compromised deployer EOA with sole ADMIN_ROLE allowed UUPS upgrades.
Volo Protocol's Sui vaults lost $3.5M after social engineering compromised the admin key. The team froze $500K in 30 minutes and blocked a $2.1M WBTC bridge.
Resolv Labs lost $25M after attackers compromised its AWS KMS keys; a $100K USDC deposit minted 50M USR and depegged the stablecoin 74% in 17 minutes.
Step Finance lost 261,854 SOL ($27M) from treasury and fee wallets to a 'sophisticated' actor. STEP fell 96%; Step, SolanaFloor and Remora all shut down.