Web3 Hacks & DeFi Exploit Intelligence

$101B+
Total Value Lost
3299
Incidents Tracked
74
Chains Affected
15
Attack Classes

Search the Incident Console

Start with a project name, narrow by chain or exploit class, then open the incident write-up and sources.

# Project Date Amount Lost Chain Technique Links
331 Vestra DAO Staking Logic Exploit / Other $500K ethereum Staking Logic Exploit / Other
332 Spectral Labs Bonding Curve Exploit / Other $200K ethereum Bonding Curve Exploit / Other
333 Clipper API Signature Exploit $450K base, optimism API Signature Exploit
334 Gifto Rugpull $10.0M Rugpull
335 XT Exchange Access Control Attacks $1.7M ethereum Access Control
336 DCT Token Flash Loans Attacks $428K Flash Loan Attack
337 $2M Coin Poker Access Control Attacks $2.0M Access Control
338 BTB Token Flash Loans Attacks $5K Flash Loan Attack
339 Tectonic Oracle Manipulation & Price Manipulation cronos Price Oracle Attack
340 DEXX Access Control Attacks $21.0M solana Private Key Compromised (Stored Publicly) / Other
341 Polter Finance Flash Loans Attacks $12.0M fantom Flashloan Price Oracle Attack / Oracle Issue
342 Thala Labs Other $25.0M Other
343 ThalaSwap Drained Liquidity Pool $25.5M aptos Drained Liquidity Pool
344 vETH Other $450K Other
345 DeltaPrime Debt Swap Exploit / Other $4.8M arbitrum, avalanche Debt Swap Exploit / Other
346 zkFinance Oracle Manipulation & Price Manipulation $200K zksync era Oracle Misconfiguration Exploit
347 Metawin Access Control Attacks $4.0M Access Control
348 Sunray Access Control Attacks $2.9M Access Control
349 M2 Access Control Attacks $13.7M Access Control
350 1inch Access Control Attacks $720K avalanche Private Key Compromised (Supply Chain Attack)
351 M2 Exchange Access Control Attacks $13.7M bitcoin, ethereum… Access Control Exploit
352 SUNRAY·FINANCE Access Control Attacks $2.9M arbitrum Private Key Compromised
353 Essence Finance Other $20.0M Other
354 Ramses Other $93K Other
355 US Government Crypto Wallet $20.0M ethereum
356 Vista Finance Flash Loans Attacks $29K Flash Loan Attack
357 Tapioca DAO Access Control Attacks $4.7M arbitrum Private Key Compromised (Social Engineering) / Access Control
358 Ambient Domain Hijack ethereum Domain Hijack
359 Radiant Capital Access Control Attacks $58.0M Access Control
360 Radiant V2 Access Control Attacks $53.0M arbitrum, bsc Access Control Exploit

Data sourced from DefiLlama & SunWeb3Sec/DeFiHackLabs . Thank you for keeping Web3 security data open.

Live Feed Last 7 days

Hack Radar

Fresh DeFi incidents the moment they land in our database. Verified by trusted sources; auto-ingested entries are flagged for review.

Understanding Smart Contract Vulnerabilities

Smart contract vulnerabilities remain the leading cause of DeFi protocol losses, with over $10 billion stolen since 2016. Understanding attack vectors like reentrancy, flash loans, and oracle manipulation is essential for every blockchain developer and security researcher.

Each incident in our database is categorized by attack class and linked to our in-depth vulnerability guides, making this the most educational Web3 hacks tracker available. Want a quick ranking? See the most expensive crypto hacks leaderboard.

Learn how these hacks actually worked

Study the exploit patterns behind the incidents in this database, then practice finding them before attackers do.