Web3 Hacks & DeFi Exploit Intelligence

$101B+
Total Value Lost
3299
Incidents Tracked
74
Chains Affected
15
Attack Classes

Search the Incident Console

Start with a project name, narrow by chain or exploit class, then open the incident write-up and sources.

# Project Date Amount Lost Chain Technique Links
61 BigONE Access Control Attacks $28.0M Access Control
62 Pundi AI Access Control Attacks $6.0M Access Control
63 MEV Bots Access Control Attacks $2.0M Access Control
64 Hacken Token Access Control Attacks $250K Private Key Compromised / Access Control
65 Nobitex Access Control Attacks $82.0M arbitrum, avalanche… Hot wallet hack / Access Control
66 ForceBridge Access Control Attacks $3.9M nervos Access Control Exploit
67 Nervos Network Access Control Attacks $3.7M Access Control
68 Cork V1 Access Control Attacks $12.0M ethereum Access control bypass via hook / Other
69 Zunami Access Control Attacks $500K Access Control
70 BitoPro BitoGroup Access Control Attacks $11.5M Access Control
71 The R0AR Access Control Attacks $790K Access Control
72 ZKsync Access Control Attacks $5.0M zksync era Private Key Compromised (Unknown Method) / Access Control
73 KiloEx Access Control Attacks $7.5M base, bsc… Price Oracle Manipulation / Access Control
74 UPCX Access Control Attacks $70.0M ethereum Upgraded ProxyAdmin + withdrawByAdmin Hack / Access Control
75 Zoth ZeUSD Access Control Attacks $8.8M ethereum Private Key Compromised (Unknown Method)
76 Zoth Access Control Attacks $8.3M Access Control
77 Arcade Access Control Attacks $5K Access Control
78 Berally Access Control Attacks $90K berachain Private Key Compromised (Unknown Method) / Access Control
79 MAID Access Control Attacks $166K Access Control
80 Infini Access Control Attacks $50.0M ethereum Dev Privilege Oversight Exploit / Access Control
81 Bybit Access Control Attacks $1.4B ethereum Safe Multisig wallet Phishing Exploit / Access Control
82 Cardex Access Control Attacks $400K abstract Private Key Compromised (Session signer)
83 DogWifTools Access Control Attacks $10.0M solana Private Key Compromised (Malware)
84 Phemex Access Control Attacks $85.0M arbitrum, avalanche… Private Key Compromised (Unknown Method) / Other
85 Orange Finance Access Control Attacks $840K arbitrum Private Key Compromised (Unknown Method) / Access Control
86 Moby Access Control Attacks $1.5M arbitrum Private Key Compromised (Unknown Method)
87 Moby Trade Access Control Attacks $2.5M Access Control
88 Fegex Access Control Attacks $900K base, bsc… Missing Access Control
89 BTC24H Access Control Attacks $86K polygon Access Control Exploit / Access Control
90 XT Exchange Access Control Attacks $1.7M ethereum Access Control

Data sourced from DefiLlama & SunWeb3Sec/DeFiHackLabs . Thank you for keeping Web3 security data open.

Live Feed Last 7 days

Hack Radar

Fresh DeFi incidents the moment they land in our database. Verified by trusted sources; auto-ingested entries are flagged for review.

Understanding Smart Contract Vulnerabilities

Smart contract vulnerabilities remain the leading cause of DeFi protocol losses, with over $10 billion stolen since 2016. Understanding attack vectors like reentrancy, flash loans, and oracle manipulation is essential for every blockchain developer and security researcher.

Each incident in our database is categorized by attack class and linked to our in-depth vulnerability guides, making this the most educational Web3 hacks tracker available. Want a quick ranking? See the most expensive crypto hacks leaderboard.

Learn how these hacks actually worked

Study the exploit patterns behind the incidents in this database, then practice finding them before attackers do.