Web3 Hacks & DeFi Exploit Intelligence

$101B+
Total Value Lost
3299
Incidents Tracked
74
Chains Affected
15
Attack Classes

Search the Incident Console

Start with a project name, narrow by chain or exploit class, then open the incident write-up and sources.

# Project Date Amount Lost Chain Technique Links
271 KiloEx Access Control Attacks $7.5M base, bsc… Price Oracle Manipulation / Access Control
272 Mantra Other $5.5B Other
273 Tenderize V2 Proxy Upgrade Skim $11K ethereum Proxy Upgrade Skim
274 AIRWA Other $34K Other
275 UPCX Access Control Attacks $70.0M ethereum Upgraded ProxyAdmin + withdrawByAdmin Hack / Access Control
276 SIR Transient storage collision / Other $355K ethereum Transient storage collision / Other
277 Venus Core Pool Donation Attack $902K zksync era Donation Attack
278 Vicuna Oracle Manipulation & Price Manipulation $700K Oracle Issue
279 Abracadabra Spell Other $13.0M arbitrum Other
280 Zoth Access Control Attacks $8.3M Access Control
281 Zoth ZeUSD Access Control Attacks $8.8M ethereum Private Key Compromised (Unknown Method)
282 BBX Token Other $12K Other
283 Arcade Access Control Attacks $5K Access Control
284 WebKeyDao Other $737K Other
285 Berally Access Control Attacks $90K berachain Private Key Compromised (Unknown Method) / Access Control
286 MAID Access Control Attacks $166K Access Control
287 Phishing Phishing Attacks $1.8M Phishing
288 ModelpiToken Other $107K Other
289 1inch Arithmetic Overflows Underflows $5.0M ethereum Calldata underflow and resolver hijack
290 1Inch Reentrancy $2.6M Reentrancy
291 Zoth Oracle Manipulation & Price Manipulation $285K Oracle Issue
292 Hegic(old contract) Unlimited repeated withdrawal exploit $94K ethereum Unlimited repeated withdrawal exploit
293 Suji Yan Phishing Attacks $4.0M Phishing
294 Infini Access Control Attacks $50.0M ethereum Dev Privilege Oversight Exploit / Access Control
295 StepHeroNFTs Reentrancy $90K Reentrancy
296 Bybit Access Control Attacks $1.4B ethereum Safe Multisig wallet Phishing Exploit / Access Control
297 Cardex Access Control Attacks $400K abstract Private Key Compromised (Session signer)
298 LIBRA Other $286M Other
299 OpenOcean Other $22K Other
300 zkLend Empty Market Exploit / Other $9.6M starknet Empty Market Exploit / Other

Data sourced from DefiLlama & SunWeb3Sec/DeFiHackLabs . Thank you for keeping Web3 security data open.

Live Feed Last 7 days

Hack Radar

Fresh DeFi incidents the moment they land in our database. Verified by trusted sources; auto-ingested entries are flagged for review.

Understanding Smart Contract Vulnerabilities

Smart contract vulnerabilities remain the leading cause of DeFi protocol losses, with over $10 billion stolen since 2016. Understanding attack vectors like reentrancy, flash loans, and oracle manipulation is essential for every blockchain developer and security researcher.

Each incident in our database is categorized by attack class and linked to our in-depth vulnerability guides, making this the most educational Web3 hacks tracker available. Want a quick ranking? See the most expensive crypto hacks leaderboard.

Learn how these hacks actually worked

Study the exploit patterns behind the incidents in this database, then practice finding them before attackers do.