Web3 Hacks & DeFi Exploit Intelligence
Search the Incident Console
Start with a project name, narrow by chain or exploit class, then open the incident write-up and sources.
| # | Project | Date | Amount Lost | Chain | Technique | Links |
|---|---|---|---|---|---|---|
| 1 | BonkDAO Access Control Attacks | $21.0M | — | Access Control | ||
| 2 | Humanity Protocol Access Control Attacks | $31.0M | — | Access Control | ||
| 3 | Token of Power Access Control Attacks | $472K | — | Access Control | ||
| 4 | DxSale Access Control Attacks | $7.3M | — | — | ||
| 5 | Tessera DAO Access Control Attacks | $2.4M | — | Access Control | ||
| 6 | Gravity Bridge Access Control Attacks | $5.4M | — | Access Control | ||
| 7 | Stake DAO Access Control Attacks | $91K | — | Access Control | ||
| 8 | Third-party SquidRouterModule Access Control Attacks | $3.2M | — | Access Control | ||
| 9 | StablR Access Control Attacks | $12.8M | — | Access Control | ||
| 10 | Echo Protocol Access Control Attacks | $816K | — | Access Control | ||
| 11 | Aurellion Access Control Attacks | $456K | — | Access Control | ||
| 12 | Ink Finance Access Control Attacks | $140K | — | Access Control | ||
| 13 | Renegade Access Control Attacks | $209K | — | Access Control | ||
| 14 | Ekubo Protocol Access Control Attacks | $1.4M | — | Access Control | ||
| 15 | Wasabi Access Control Attacks | $5.5M | — | Access Control | ||
| 16 | Syndicate Access Control Attacks | $400K | — | Access Control | ||
| 17 | ZetaChain Access Control Attacks | $334K | — | Access Control | ||
| 18 | Purrlend Access Control Attacks | $1.5M | — | Access Control | ||
| 19 | Giddy Access Control Attacks | $1.3M | — | Access Control | ||
| 20 | Kelp DAO Access Control Attacks | $292M | — | Access Control | ||
| 21 | SubQuery Network Access Control Attacks | $60K | base | Access Control Exploit | ||
| 22 | Aethir Access Control Attacks | $423K | bsc | Access Control Exploit / Other | ||
| 23 | SquidMulticall Approval Exploitation Access Control Attacks | $517K | — | Access Control | ||
| 24 | Drift Protocol Access Control Attacks | $280M | — | Access Control | ||
| 25 | Resolv Access Control Attacks | $25.0M | ethereum | Private Key Compromised / Access Control | ||
| 26 | DBXen Access Control Attacks | $150K | — | Access Control | ||
| 27 | Gondi Access Control Attacks | $230K | ethereum | Access Control / PurchaseBundler Exploit | ||
| 28 | V4 Swap Router by z0r0z Access Control Attacks | $42K | — | Access Control | ||
| 29 | Holdstation Access Control Attacks | $462K | — | Access Control | ||
| 30 | IoTeX Access Control Attacks | $8.0M | ethereum | Private Key Compromised / Access Control |
Data sourced from DefiLlama & SunWeb3Sec/DeFiHackLabs . Thank you for keeping Web3 security data open.
Hack Radar
Fresh DeFi incidents the moment they land in our database. Verified by trusted sources; auto-ingested entries are flagged for review.
Explore by Attack Type
Access Control Attacks
Arithmetic Overflows Underflows
Delegatecall & Call Injection Attacks
Flash Loans Attacks
Oracle Manipulation & Price Manipulation
Reentrancy
Dao Governance Attacks
Frontrunning & Sandwich Attacks
Phishing Attacks
Dos Attacks
Replay Attacks
Self Destruct Attacks
Sensitive On Chain Data
Weak Randomness Attacks
Unchecked Return Value Attacks
Understanding Smart Contract Vulnerabilities
Smart contract vulnerabilities remain the leading cause of DeFi protocol losses, with over $10 billion stolen since 2016. Understanding attack vectors like reentrancy, flash loans, and oracle manipulation is essential for every blockchain developer and security researcher.
Each incident in our database is categorized by attack class and linked to our in-depth vulnerability guides, making this the most educational Web3 hacks tracker available. Want a quick ranking? See the most expensive crypto hacks leaderboard.
Learn how these hacks actually worked
Study the exploit patterns behind the incidents in this database, then practice finding them before attackers do.