Every major crypto hack, documented & tracked
Transparent tracking of every major crypto hack since 2010. Full laundering analysis, on-chain flow narratives, and real sources.
Total Hacks Since 2010
175
Total Value Stolen
$13.71B
Hacks This Year
95
Avg Hack Size
$78.4M
Market Overview
Interactive data visualizations across the full hack dataset
Hacks per Year
Stolen Value by Chain
- Ethereum
- Solana
- Bitcoin
- BSC
- Ronin
- NEM
- Litecoin
- Sui
Cumulative Value Stolen Over Time
Recent Incidents
Latest reported hacks, sorted by date
StablR Euro
Ethereum$2.8M
Attacker compromised a 1-of-3 multisig signer key for StablR's minting contract, minted 8.35M unbacked USDR and 4.5M EURR, and dumped them on DEXes for ~1,115 ETH, realizing ~$2.8M profit.
Bonzo Lend
Hedera$9.1M
Attacker exploited a flaw in Supra's oracle verifier (treated a zeroed BLS signature as valid), submitted a forged price update inflating SAUCE token value by ~12 orders of magnitude, deposited 250 SAUCE as collateral, and borrowed millions from Bonzo Lend.
Hedera Network
Hedera$5.3M
Suspected exploit on Hedera network moved ~$5.25M in assets from Hedera to Ethereum via the LayerZero bridge; Hedera has not officially confirmed.
Ethereum Phishing (Uniswap Permit2)
Ethereum$1.0M
Trader lost ~$1M (999,999 USDT) after signing a malicious Uniswap Permit2 phishing message that granted attackers full wallet access; no protocol was hacked — a single bad signature caused the loss.
Injective npm SDK Backdoor
Injective$0
Attackers compromised a trusted maintainer's account and pushed a wallet-stealing backdoor into @injectivelabs/sdk-ts v1.20.21 on npm, exfiltrating BIP-39 seed phrases and private keys.
StakeDAO
Arbitrum$91K
Attacker exploited a compromised StakeDAO deployer private key on Arbitrum, reconfigured the LayerZero v2 OFT peer setting on the vsdCRV contract to redirect to a malicious contract, and forged a cross-chain message triggering a massive unauthorized mint of 5.446 trillion vsdCRV tokens.
BonkDAO
Solana$20.0M
Attacker acquired >99% voting power by buying BONK tokens, submitted BIP #76 to transfer the entire treasury to their wallet, and the proposal executed automatically with a 1% quorum threshold.
Summer.fi (Lazy Summer Protocol)
Ethereum$6.0M
Attacker manipulated FleetCommander.totalAssets() by donating stale-priced Silo Varlamore USDC Growth vault tokens into an Ark still counted in NAV, using a $65.4M flash loan to net ~$6.04M in DAI in a single atomic transaction.
Landmark Incidents
The most consequential hacks in crypto history — full laundering analysis inside
Bybit
Ethereum$1.40B
The largest crypto exchange hack in history — $1.4B siphoned from Bybit's Ethereum cold wallet via a compromised Safe multisig UI, orchestrated by North Korea's Lazarus Group.
Ronin Network
Ronin$625.0M
$625M drained from the Ronin Bridge by Lazarus Group after compromising five of nine validator private keys through a fake job offer social engineering campaign.
Poly Network
Multichain$611.0M
A cross-chain protocol exploit allowed an attacker to steal $611M across Ethereum, BSC and Polygon. Remarkably, the hacker returned nearly all funds within days.
Wormhole
Solana$325.0M
$325M exploited from Wormhole's Solana-Ethereum bridge by forging a signature verification bypass, allowing the attacker to mint 120,000 wETH from thin air.
Explore the full dataset
Filter by chain, technique, amount, and status. Every hack includes a full laundering analysis with on-chain flow narratives.