Web3 Hacks & DeFi Exploit Intelligence

$101B+
Total Value Lost
3299
Incidents Tracked
74
Chains Affected
15
Attack Classes

Search the Incident Console

Start with a project name, narrow by chain or exploit class, then open the incident write-up and sources.

# Project Date Amount Lost Chain Technique Links
1 BonkDAO Access Control Attacks $21.0M Access Control
2 Humanity Protocol Access Control Attacks $31.0M Access Control
3 Token of Power Access Control Attacks $472K Access Control
4 DxSale Access Control Attacks $7.3M
5 Tessera DAO Access Control Attacks $2.4M Access Control
6 Gravity Bridge Access Control Attacks $5.4M Access Control
7 Stake DAO Access Control Attacks $91K Access Control
8 Third-party SquidRouterModule Access Control Attacks $3.2M Access Control
9 StablR Access Control Attacks $12.8M Access Control
10 Echo Protocol Access Control Attacks $816K Access Control
11 Aurellion Access Control Attacks $456K Access Control
12 Ink Finance Access Control Attacks $140K Access Control
13 Renegade Access Control Attacks $209K Access Control
14 Ekubo Protocol Access Control Attacks $1.4M Access Control
15 Wasabi Access Control Attacks $5.5M Access Control
16 Syndicate Access Control Attacks $400K Access Control
17 ZetaChain Access Control Attacks $334K Access Control
18 Purrlend Access Control Attacks $1.5M Access Control
19 Giddy Access Control Attacks $1.3M Access Control
20 Kelp DAO Access Control Attacks $292M Access Control
21 SubQuery Network Access Control Attacks $60K base Access Control Exploit
22 Aethir Access Control Attacks $423K bsc Access Control Exploit / Other
23 SquidMulticall Approval Exploitation Access Control Attacks $517K Access Control
24 Drift Protocol Access Control Attacks $280M Access Control
25 Resolv Access Control Attacks $25.0M ethereum Private Key Compromised / Access Control
26 DBXen Access Control Attacks $150K Access Control
27 Gondi Access Control Attacks $230K ethereum Access Control / PurchaseBundler Exploit
28 V4 Swap Router by z0r0z Access Control Attacks $42K Access Control
29 Holdstation Access Control Attacks $462K Access Control
30 IoTeX Access Control Attacks $8.0M ethereum Private Key Compromised / Access Control

Data sourced from DefiLlama & SunWeb3Sec/DeFiHackLabs . Thank you for keeping Web3 security data open.

Live Feed Last 7 days

Hack Radar

Fresh DeFi incidents the moment they land in our database. Verified by trusted sources; auto-ingested entries are flagged for review.

Understanding Smart Contract Vulnerabilities

Smart contract vulnerabilities remain the leading cause of DeFi protocol losses, with over $10 billion stolen since 2016. Understanding attack vectors like reentrancy, flash loans, and oracle manipulation is essential for every blockchain developer and security researcher.

Each incident in our database is categorized by attack class and linked to our in-depth vulnerability guides, making this the most educational Web3 hacks tracker available. Want a quick ranking? See the most expensive crypto hacks leaderboard.

Learn how these hacks actually worked

Study the exploit patterns behind the incidents in this database, then practice finding them before attackers do.