DeFiHack
7,078 visningar
13 diskuterar
Rekommenderas
Senaste
The $230 Million DeFi Disaster: The Cetus Exchange Hack That No One Saw Coming (Part 7)
1️⃣ The Silent Threat That Took Down Cetus
It was May 22, 2025, and the SUI ecosystem was thriving. Cetus, a decentralized exchange, had built a reputation for fast transactions, deep liquidity, and cutting-edge smart contracts. Investors were pouring money into the platform, confident in its security.
Then, in a single devastating attack, $230 million vanished—drained by an exploit so subtle that even the best auditors missed it.
✔️ No Warning Signs—Unlike typical hacks, there were no suspicious transactions leading up to the breach.
✔️ A Mathematical Overflow Vulnerability—The flaw was hidden in the “checked_shlw” function, allowing an attacker to manipulate parameters and extract billions in liquidity using just one token.
✔️ Billions in Fake Liquidity—The attacker minted liquidity out of thin air, then cashed out, leaving Cetus crippled.
2️⃣ The Aftermath: Panic and Chaos
✔️ Cetus Exchange Collapses—The platform halted trading, freezing all withdrawals.
✔️ Investors Lose Everything—Users who had staked assets on Cetus saw their funds drained overnight.
✔️ DeFi Security in Question—The incident shattered trust in smart contract audits, proving that even minor coding errors can lead to catastrophic losses.
3️⃣ The Hunt for the Hacker
✔️ Blockchain Forensics Activated—Security firms tracked the stolen funds, but the attacker used mixers and privacy tools to cover their tracks.
✔️ No One Knows Who Did It—Unlike previous hacks linked to North Korean Lazarus Group, this attack had no clear fingerprints.
✔️ A New Breed of Exploits?—Experts fear that mathematical overflow vulnerabilities could become the next big threat in DeFi.
4️⃣ Lessons Learned
✔️ Smart Contracts Are Never Fully Secure—Even audited contracts can contain hidden flaws.
✔️ Liquidity Pools Need Better Safeguards—Platforms must implement stricter validation to prevent fake liquidity exploits.
✔️ DeFi Needs a Security Overhaul—Without stronger protections, the next attack could be even bigger.
#DeFiHack #CetusExploit #CryptoSecurity #SUIEcosystem #Write2Earn
It was May 22, 2025, and the SUI ecosystem was thriving. Cetus, a decentralized exchange, had built a reputation for fast transactions, deep liquidity, and cutting-edge smart contracts. Investors were pouring money into the platform, confident in its security.
Then, in a single devastating attack, $230 million vanished—drained by an exploit so subtle that even the best auditors missed it.
✔️ No Warning Signs—Unlike typical hacks, there were no suspicious transactions leading up to the breach.
✔️ A Mathematical Overflow Vulnerability—The flaw was hidden in the “checked_shlw” function, allowing an attacker to manipulate parameters and extract billions in liquidity using just one token.
✔️ Billions in Fake Liquidity—The attacker minted liquidity out of thin air, then cashed out, leaving Cetus crippled.
2️⃣ The Aftermath: Panic and Chaos
✔️ Cetus Exchange Collapses—The platform halted trading, freezing all withdrawals.
✔️ Investors Lose Everything—Users who had staked assets on Cetus saw their funds drained overnight.
✔️ DeFi Security in Question—The incident shattered trust in smart contract audits, proving that even minor coding errors can lead to catastrophic losses.
3️⃣ The Hunt for the Hacker
✔️ Blockchain Forensics Activated—Security firms tracked the stolen funds, but the attacker used mixers and privacy tools to cover their tracks.
✔️ No One Knows Who Did It—Unlike previous hacks linked to North Korean Lazarus Group, this attack had no clear fingerprints.
✔️ A New Breed of Exploits?—Experts fear that mathematical overflow vulnerabilities could become the next big threat in DeFi.
4️⃣ Lessons Learned
✔️ Smart Contracts Are Never Fully Secure—Even audited contracts can contain hidden flaws.
✔️ Liquidity Pools Need Better Safeguards—Platforms must implement stricter validation to prevent fake liquidity exploits.
✔️ DeFi Needs a Security Overhaul—Without stronger protections, the next attack could be even bigger.
#DeFiHack #CetusExploit #CryptoSecurity #SUIEcosystem #Write2Earn
Alex Protocol Hack:
❗️$8.3M Gone! Alex Protocol Hacked on Stacks
🔹 8.4M STX + sBTC + WBTC stolen
🔹 Vulnerability in self-listing logic
🔹 Team promises full reimbursement 💸
🔐 Big test for Bitcoin DeFi security!
#DeFiHack #alexprotocol #Stacks #STX #CryptoAlert
❗️$8.3M Gone! Alex Protocol Hacked on Stacks
🔹 8.4M STX + sBTC + WBTC stolen
🔹 Vulnerability in self-listing logic
🔹 Team promises full reimbursement 💸
🔐 Big test for Bitcoin DeFi security!
#DeFiHack #alexprotocol #Stacks #STX #CryptoAlert
🚨 Очередной взлом в крипте: Layer-2 снова под ударом!
1️⃣ В протоколе Alex Protocol, работающем на Layer-2, была обнаружена уязвимость — хакеры похитили $8.3 млн.
2️⃣ Причина — ошибка в смарт-контракте, позволившая злоумышленникам манипулировать транзакциями.
3️⃣ Layer-2 решения становятся всё более популярными, но безопасность остаётся слабым местом — пользователи рискуют своими активами.
⚠️ Этот инцидент вновь ставит под вопрос доверие к DeFi и быструю интеграцию Layer-2 в Web3-экосистему.
💬 А ты доверяешь Layer-2 проектам? Или предпочитаешь держать активы на L1?
❤️ Ставь лайк, подписывайся и пиши своё мнение в комментариях!
---
#Layer2 #DeFiHack #CryptoSecurity #AlexProtocol #SmartContract
$ARB $OP $ETH
1️⃣ В протоколе Alex Protocol, работающем на Layer-2, была обнаружена уязвимость — хакеры похитили $8.3 млн.
2️⃣ Причина — ошибка в смарт-контракте, позволившая злоумышленникам манипулировать транзакциями.
3️⃣ Layer-2 решения становятся всё более популярными, но безопасность остаётся слабым местом — пользователи рискуют своими активами.
⚠️ Этот инцидент вновь ставит под вопрос доверие к DeFi и быструю интеграцию Layer-2 в Web3-экосистему.
💬 А ты доверяешь Layer-2 проектам? Или предпочитаешь держать активы на L1?
❤️ Ставь лайк, подписывайся и пиши своё мнение в комментариях!
---
#Layer2 #DeFiHack #CryptoSecurity #AlexProtocol #SmartContract
$ARB $OP $ETH
RyanThomas:
again your head, its 2 days ago news..
اختراق Alex Protocol وسرقة 8.37 مليون دولار بسبب ثغرة أمنية
التفاصيل:
• المهاجم استغل ثغرة في إدارة العقد الذكي.
• الخسائر شملت رموز ALEX، sUSDT، وxBTC.
• البروتوكول جمد الأنشطة ويُحقق في الاستعادة.
التحذير:
• دعوات لتعزيز تدقيق العقود الذكية قبل النشر.
#DeFiHack #AlexProtocol #SmartContractFlaw #CryptoSecurity #Exploit
#alexprotocol #exploit
التفاصيل:
• المهاجم استغل ثغرة في إدارة العقد الذكي.
• الخسائر شملت رموز ALEX، sUSDT، وxBTC.
• البروتوكول جمد الأنشطة ويُحقق في الاستعادة.
التحذير:
• دعوات لتعزيز تدقيق العقود الذكية قبل النشر.
#DeFiHack #AlexProtocol #SmartContractFlaw #CryptoSecurity #Exploit
#alexprotocol #exploit
🚨【KiloEx to Hacker: Return Funds, Get 10% Bounty】
On April 15, KiloEx said it has traced key clues with help from law enforcement, CEXs & bridges — and is actively monitoring addresses.
🛑 An offer to the attacker:
⚠️ Return 90% of stolen funds within 72 hours
💰 Keep 10% as a white hat bounty
📢 If agreed, KiloEx will issue a statement of cooperation and drop further action.
The DEX previously lost ~$7.5M in a major exploit.
#KiloEx #DeFiHack #BlockchainSecurity
On April 15, KiloEx said it has traced key clues with help from law enforcement, CEXs & bridges — and is actively monitoring addresses.
🛑 An offer to the attacker:
⚠️ Return 90% of stolen funds within 72 hours
💰 Keep 10% as a white hat bounty
📢 If agreed, KiloEx will issue a statement of cooperation and drop further action.
The DEX previously lost ~$7.5M in a major exploit.
#KiloEx #DeFiHack #BlockchainSecurity
🔓 The $600 Million Poly Network Hack — And the Hacker Who Gave It Back
In August 2021, the decentralized finance (DeFi) protocol Poly Network was hacked for over $600 million in crypto assets — the largest DeFi exploit in history at the time.
🧑💻 The hacker exploited a vulnerability in Poly Network’s smart contracts to drain funds from Ethereum, BNB Chain, and Polygon. The crypto world watched in disbelief as massive transactions appeared on-chain.
🪙 But the twist? Within days, the attacker began returning the funds — bit by bit — claiming they did it “for fun” and to “expose vulnerabilities.”
🎭 The hacker, dubbed “Mr. White Hat,” was even offered a $500,000 bounty and a job by Poly Network (which they refused).
💬 The event raised serious questions about DeFi security, ethics in hacking, and how the community handles gray-hat attackers.
🏷️ #PolyNetwork
#DeFiHack
#WhiteHatHacker
#CryptoSecurity
#Crypto2025
In August 2021, the decentralized finance (DeFi) protocol Poly Network was hacked for over $600 million in crypto assets — the largest DeFi exploit in history at the time.
🧑💻 The hacker exploited a vulnerability in Poly Network’s smart contracts to drain funds from Ethereum, BNB Chain, and Polygon. The crypto world watched in disbelief as massive transactions appeared on-chain.
🪙 But the twist? Within days, the attacker began returning the funds — bit by bit — claiming they did it “for fun” and to “expose vulnerabilities.”
🎭 The hacker, dubbed “Mr. White Hat,” was even offered a $500,000 bounty and a job by Poly Network (which they refused).
💬 The event raised serious questions about DeFi security, ethics in hacking, and how the community handles gray-hat attackers.
🏷️ #PolyNetwork
#DeFiHack
#WhiteHatHacker
#CryptoSecurity
#Crypto2025
Hack de DeFi drena US$ 1 bilhão em maior ataque da história
Um ataque sofisticado a uma plataforma DeFi desconhecida resultou na perda de US$ 1 bilhão em ativos, expondo vulnerabilidades persistentes no setor e gerando pânico generalizado.
#DeFiHack #CryptoSecurity $AVAX
Um ataque sofisticado a uma plataforma DeFi desconhecida resultou na perda de US$ 1 bilhão em ativos, expondo vulnerabilidades persistentes no setor e gerando pânico generalizado.
#DeFiHack #CryptoSecurity $AVAX
KiloEx’s $7.5M Hack: A Wake-Up Call for DeFi Security and Oracle Integrity
How a single vulnerability exposed the critical need for holistic audits and relentless vigilance in decentralized finance.
KiloEx’s recent $7.5 million hack is a stark wake-up call for the DeFi world, underscoring how even multi-chain, audited projects can fall victim to basic security oversights.
The attacker exploited a glaring vulnerability in KiloEx’s price oracle access control essentially walking through an unlocked front door manipulating prices across multiple chains to drain funds with surgical precision.
Despite five audits since mid-2023, including one just last March, the critical flaw lay “out of scope” of those reviews, revealing a troubling gap between audit coverage and real-world security needs.
This exploit highlights that no amount of multi-chain deployment or fancy tech can substitute for rigorous, end-to-end security checks, especially on core components like oracles that feed trading logic.
KiloEx’s response has been swift and transparent they suspended trading immediately, engaged top security firms like SlowMist for a comprehensive 45-day audit, and are collaborating with law enforcement in Hong Kong to trace and recover funds.
Their plan to compensate users based on pre-attack price snapshots aims to restore trust, but the incident raises broader questions about how DeFi protocols balance innovation with security.
For the crypto community, this serves as a critical lesson: security audits must be holistic, covering every contract and interaction vector, not just the obvious ones. Protocols must prioritize access control and oracle integrity above all else because in DeFi’s high-stakes arena, a single weak link can cascade into multi-million dollar losses.
As KiloEx works through its audit and prepares to relaunch, the industry should watch closely. This episode is a vivid reminder that the promise of decentralized finance depends on relentless vigilance, continuous improvement, and the hard-earned wisdom that security is never finished—it’s a journey.
#KiloEx #DeFiHack #OracleExploit
$XRP
$RIF
$SOL
KiloEx’s recent $7.5 million hack is a stark wake-up call for the DeFi world, underscoring how even multi-chain, audited projects can fall victim to basic security oversights.
The attacker exploited a glaring vulnerability in KiloEx’s price oracle access control essentially walking through an unlocked front door manipulating prices across multiple chains to drain funds with surgical precision.
Despite five audits since mid-2023, including one just last March, the critical flaw lay “out of scope” of those reviews, revealing a troubling gap between audit coverage and real-world security needs.
This exploit highlights that no amount of multi-chain deployment or fancy tech can substitute for rigorous, end-to-end security checks, especially on core components like oracles that feed trading logic.
KiloEx’s response has been swift and transparent they suspended trading immediately, engaged top security firms like SlowMist for a comprehensive 45-day audit, and are collaborating with law enforcement in Hong Kong to trace and recover funds.
Their plan to compensate users based on pre-attack price snapshots aims to restore trust, but the incident raises broader questions about how DeFi protocols balance innovation with security.
For the crypto community, this serves as a critical lesson: security audits must be holistic, covering every contract and interaction vector, not just the obvious ones. Protocols must prioritize access control and oracle integrity above all else because in DeFi’s high-stakes arena, a single weak link can cascade into multi-million dollar losses.
As KiloEx works through its audit and prepares to relaunch, the industry should watch closely. This episode is a vivid reminder that the promise of decentralized finance depends on relentless vigilance, continuous improvement, and the hard-earned wisdom that security is never finished—it’s a journey.
#KiloEx #DeFiHack #OracleExploit
$XRP
$RIF
$SOL
KiloEx, a newly launched multi-chain DeFi platform, has been hacked, resulting in a loss of approximately $7 million. The attack began on April 14 and affected BNB Smart Chain, Base, and Taiko. The hacker used Tornado Cash to launder funds and exploited an access control vulnerability in the price oracle system. The KILO token dropped 30%, with market cap falling from $11 million to $7.5 million. KiloEx has suspended operations, is working with investigators, and launched a bounty program to help trace stolen funds and resolve the breach.
#KiloEx #DeFiHack #CrossChainExploit #Web3 #BinanceChain
#KiloEx #DeFiHack #CrossChainExploit #Web3 #BinanceChain
🚨 Infini Hack: $49.5M Stolen, Founder Promises Full Compensation! 🔥
Infini’s founder, Christian, broke the silence on February 24th, addressing the massive $49.5 million hack. 😱💰 The team is actively investigating, tracking the stolen funds, and has resumed user withdrawals. In the worst-case scenario, they promise full compensation to affected users.
🔎 What This Means for the Market:
⚠️ Security Concerns – Will this push DeFi platforms to strengthen security? 🔐
📉 Market Impact – Could this shake investor confidence in similar platforms?
✅ Compensation Plan – Will Infini’s response restore trust?
With hacks on the rise, should crypto projects prioritize security over growth? What’s your take? 💬 Share your thoughts below! 👇
#InfiniHacked #CryptoSecurityAlert #DeFiHack #CryptoNewss #BinanceSquareFamily
Infini’s founder, Christian, broke the silence on February 24th, addressing the massive $49.5 million hack. 😱💰 The team is actively investigating, tracking the stolen funds, and has resumed user withdrawals. In the worst-case scenario, they promise full compensation to affected users.
🔎 What This Means for the Market:
⚠️ Security Concerns – Will this push DeFi platforms to strengthen security? 🔐
📉 Market Impact – Could this shake investor confidence in similar platforms?
✅ Compensation Plan – Will Infini’s response restore trust?
With hacks on the rise, should crypto projects prioritize security over growth? What’s your take? 💬 Share your thoughts below! 👇
#InfiniHacked #CryptoSecurityAlert #DeFiHack #CryptoNewss #BinanceSquareFamily
BREAKING: KiloEx Hit by $7.4M Security Breach! 🚨💸
Another DeFi Hack Rocks the Space
According to Odaily, smart contract platform KiloEx has suffered a massive $7.4 million exploit, affecting assets on BNB Chain and Base.
What Happened?
Hackers breached KiloEx’s contracts, draining funds across multiple chains. The attack highlights yet another case of vulnerabilities in DeFi infrastructure.
Chains Affected:
BNB Chain 🔶
Base 🧊
Key Takeaways:
⚠️ $7.4M stolen
🌐 Multi-chain impact
🔐 Ongoing security concerns in DeFi
No official statement from KiloEx yet, but the crypto community is watching closely.
BNB Price Update:
BNB is currently trading around $587.63 with moderate movement. No major shock (yet), but sentiment could shift if more details surface.
Stay Safe, Fam:
If you're holding funds on smart contract platforms, double-check your exposure and stay updated.
---
DeFi is powerful — but security is everything.
Let’s hope KiloEx can recover and reinforce its systems.
#KiloEx #DeFiHack #CryptoSecurity #BNBChain #BaseChain
Another DeFi Hack Rocks the Space
According to Odaily, smart contract platform KiloEx has suffered a massive $7.4 million exploit, affecting assets on BNB Chain and Base.
What Happened?
Hackers breached KiloEx’s contracts, draining funds across multiple chains. The attack highlights yet another case of vulnerabilities in DeFi infrastructure.
Chains Affected:
BNB Chain 🔶
Base 🧊
Key Takeaways:
⚠️ $7.4M stolen
🌐 Multi-chain impact
🔐 Ongoing security concerns in DeFi
No official statement from KiloEx yet, but the crypto community is watching closely.
BNB Price Update:
BNB is currently trading around $587.63 with moderate movement. No major shock (yet), but sentiment could shift if more details surface.
Stay Safe, Fam:
If you're holding funds on smart contract platforms, double-check your exposure and stay updated.
---
DeFi is powerful — but security is everything.
Let’s hope KiloEx can recover and reinforce its systems.
#KiloEx #DeFiHack #CryptoSecurity #BNBChain #BaseChain
Logga in för att utforska mer innehåll