Most Expensive Crypto Hacks Leaderboard

The biggest Web3 and DeFi exploits ranked by amount lost. Track high-impact incidents, study attack patterns, and learn how security failures scale into multi-million dollar losses.

  • $101B+

    Total Value Lost

  • 3299

    Incidents Tracked

  • 74

    Chains Affected

  • 80

    $100M+ Incidents

Top 10 Biggest Hacks

Jump to full leaderboard
  1. 🥈

    Mantra

    $5.50B

  2. #4

    LuBian

    $3.50B

    bitcoin

  3. #8

    Thodex

    $2.00B

  4. #10

    Finiko

    $1.50B

Where the Largest Losses Concentrate

Top Chains by Losses

  • ethereum $8,051M
  • bitcoin $4,415M
  • bsc $2,657M
  • solana $1,605M
  • polygon $1,512M

Top Techniques by Losses

  • Other $61,553M
  • Rugpull $15,684M
  • Access Control $4,030M
  • Private Key Compromised (Brute Force) $3,500M
  • Safe Multisig wallet Phishing Exploit / Access Control $1,635M

Full Leaderboard

Showing 351–400 of 3299 ranked incidents

Largest Web3 incidents by USD amount lost
Rank Project Amount Lost Date Chain Technique Attack Guide Source
351 Multichain $7.9M bsc, ethereum, fantom Private Key Compromised (Bad ECDSA Implementation) Access Control Attacks View →
352 Warp Finance $7.8M ethereum Flash Loan Attack Flash Loans Attacks View →
353 Warp Protocol $7.8M ethereum Flashloan Price Oracle Attack Flash Loans Attacks View →
354 Meter $7.7M ethereum Deposit Function Exploit View →
355 CoinDash $7.7M ethereum Frontend Attack View →
356 DFX Finance $7.6M - Other View →
357 Rho Markets $7.6M scroll Price Oracle Manipulation / Oracle Issue Oracle Manipulation & Price Manipulation View →
358 JaredFromSubway.eth MEV Bot $7.5M - Other View →
359 KiloEx $7.5M base, bsc, taiko Price Oracle Manipulation / Access Control Access Control Attacks View →
360 Jimbos Protocol $7.5M arbitrum Flashloan Slippage Attack / Other Flash Loans Attacks View →
361 BitBNS $7.5M - Other View →
362 BNS $7.5M - Private Key Compromised (Unknown Method) Access Control Attacks View →
363 Fantom Foundation $7.4M - Access Control Access Control Attacks View →
364 DxSale $7.3M - - Access Control Attacks View →
365 Exactly $7.2M optimism DebtManager Exploit View →
366 BurgerSwap $7.2M binance, bsc Flashloan Reentrancy Attack / Flash Loan Attack Flash Loans Attacks View →
367 Exactly Protocol $7.2M - Reentrancy Reentrancy View →
368 Saga $7.0M saga Infinite Mint and Dump / Other View →
369 Trust Wallet $7.0M bitcoin, ethereum, solana Private Key Compromised (Supply Chain Attack) / Access Control Access Control Attacks View →
370 Odin.Fun $7.0M icp Liquidity Manipulation Exploit / Oracle Issue Oracle Manipulation & Price Manipulation View →
371 Hundred Finance $7.0M optimism Flashloan Donate Function Logic Exploit / Oracle Issue Flash Loans Attacks View →
372 DAO Maker Vesting $7.0M ethereum Private Key Compromised (Unknown Method) / Other Access Control Attacks View →
373 FinNexus $7.0M - Access Control Access Control Attacks View →
374 ValueDefi $7.0M ethereum Flashloan Price Oracle Attack / Flash Loan Attack Flash Loans Attacks View →
375 Lodestar V0 $6.9M arbitrum Flashloan Price Oracle Attack Flash Loans Attacks View →
376 Bondly $6.8M ethereum Private Key Compromised (Unknown Method) / Access Control Access Control Attacks View →
377 Velocore V2 $6.8M linea, zksync era Fee Overflow Exploit / Other Arithmetic Overflows Underflows View →
378 Luna Yield $6.7M solana Rugpull View →
379 TrustedVolumes $6.7M - Other View →
380 Terra $6.5M - Other View →
381 Seneca $6.5M arbitrum, ethereum Token approval exploit / Access Control Access Control Attacks View →
382 Abracadabra Spell $6.5M ethereum Borrow Logic Exploit View →
383 DEUS Finance $6.5M arbitrum, bsc, ethereum Burn Function Mistake / Other View →
384 Alchemix $6.5M ethereum Borrow Logic Exploit / Other View →
385 PicoStocks $6.4M - Access Control Access Control Attacks View →
386 Abracadabra Money $6.4M - Other View →
387 Gamma Strategies $6.4M - Flash Loan Attack Flash Loans Attacks View →
388 Magnate Finance $6.4M base Drained Contracts / Rugpull View →
389 AniMoon $6.3M - Rugpull View →
390 Belt Finance $6.3M binance, bsc Flashloan Price Oracle Attack / Flash Loan Attack Flash Loans Attacks View →
391 Hundred Finance $6.2M gnosis chain Flashloan Reentrancy Attack / Other Flash Loans Attacks View →
392 Safuu Protocol $6.1M - Rugpull View →
393 Summer Finance $6.0M - - View →
394 DragonEx $6.0M - Rugpull View →
395 Summer.fi $6.0M - Flash Loan Attack Flash Loans Attacks View →
396 Pundi AI $6.0M - Access Control Access Control Attacks View →
397 DeltaPrime $6.0M arbitrum Private Key Compromised (Unknown Method) / Access Control Access Control Attacks View →
398 LendHub $6.0M heco Collateral Offboarding Mistake View →
399 LendHub $6.0M - Other View →
400 Defrost $6.0M avalanche Oracle Manipulation Oracle Manipulation & Price Manipulation View →

Data sourced from DefiLlama & SunWeb3Sec/DeFiHackLabs . Thank you for keeping Web3 security data open.

Understanding the Pattern Behind Billion-Dollar Losses

The most expensive crypto hacks are not random. They cluster around repeating vulnerability patterns: access-control failures, flash-loan manipulation, oracle abuse, and unsafe external calls. Studying large-loss incidents helps security researchers prioritize high-impact threat models first.

For deeper context, explore the full Web3 Hacks Dashboard and our Smart Contract Attack Library for hands-on exploit and mitigation breakdowns.

Frequently Asked Questions

How is this leaderboard ranked?

Incidents are ranked by parsed USD amount lost in descending order. Records without parseable loss values are excluded from this ranking.

Does this include every attack type?

It includes all incidents with known loss values in the database. Use the full dashboard for broader filtering and lower-severity incidents.

How can I learn to prevent these exploits?

Study attack-class pages first, then practice in guided exercises inside the Smart Contract Hacking course.

Learn to Prevent High-Impact Smart Contract Hacks

$101B+ lost to preventable vulnerabilities. Master real exploit patterns and defense techniques with hands-on Web3 security training.