Web3 Hacks & DeFi Exploit Intelligence

$101B+
Total Value Lost
3299
Incidents Tracked
74
Chains Affected
15
Attack Classes

Search the Incident Console

Start with a project name, narrow by chain or exploit class, then open the incident write-up and sources.

# Project Date Amount Lost Chain Technique Links
91 Venus Other $2.2M Other
92 Venus Core Pool Donation Attack $3.7M bsc Donation Attack
93 Goose Finance Share Accounting Flaw $8K bsc Share Accounting Flaw
94 Stake DAO Oracle Manipulation & Price Manipulation $176K arbitrum, base Oracle Message Spoofing
95 Aave V3 Oracle Manipulation & Price Manipulation $27.8M ethereum CAPO Oracle Misconfiguration
96 DBXen Access Control Attacks $150K Access Control
97 Gondi Access Control Attacks $230K ethereum Access Control / PurchaseBundler Exploit
98 Molt EVM onlySpawnerToken Modifier Hack $127K base onlySpawnerToken Modifier Hack
99 SolvBTC Mint Reserves Logic Exploit $2.7M ethereum Mint Reserves Logic Exploit
100 Solv Protocol Other $2.7M Other
101 V4 Swap Router by z0r0z Access Control Attacks $42K Access Control
102 Curve Lend Oracle Manipulation & Price Manipulation $240K Oracle Issue
103 FOOM Cash Phishing Attacks $2.3M base, ethereum Fake Proof Spam
104 Curve LlamaLend Donation Attack $240K ethereum Donation Attack
105 Wise Lending V2 Flash Loans Attacks $66K arbitrum, ethereum Flashloan Exploit
106 Ploutos Money Oracle Manipulation & Price Manipulation $390K ethereum Rugpull / Oracle Misconfiguration Exploit / Misconfigured Oracle Exploit
107 Holdstation Access Control Attacks $462K Access Control
108 DGLD Infinite Mint and Dump base Infinite Mint and Dump
109 LAXO Token Flash Loans Attacks $191K Flash Loan Attack
110 Blend Protocol Oracle Manipulation & Price Manipulation $10.9M Oracle Issue
111 Blend Pools V2 Oracle Manipulation & Price Manipulation $11.0M stellar Price Oracle Manipulation
112 Veil Cash misconfigured Groth16 verifier $5K base misconfigured Groth16 verifier
113 IoTeX Access Control Attacks $8.0M ethereum Private Key Compromised / Access Control
114 Moonwell Lending Oracle Manipulation & Price Manipulation $1.8M base cbETH Collateral Exploit / Oracle Issue
115 SOF Token Flash Loans Attacks $249K Flash Loan Attack
116 CrossCurve Spoofed Cross-Chain Messages / Other $3.0M Spoofed Cross-Chain Messages / Other
117 Step Finance Access Control Attacks $40.0M solana Private Key Compromised / Access Control
118 Gyroscope Other $807K Other
119 Revert Lend Staked Collateral Exploit / Other $50K base Staked Collateral Exploit / Other
120 Holdstation Access Control Attacks $192K Access Control

Data sourced from DefiLlama & SunWeb3Sec/DeFiHackLabs . Thank you for keeping Web3 security data open.

Live Feed Last 7 days

Hack Radar

Fresh DeFi incidents the moment they land in our database. Verified by trusted sources; auto-ingested entries are flagged for review.

Understanding Smart Contract Vulnerabilities

Smart contract vulnerabilities remain the leading cause of DeFi protocol losses, with over $10 billion stolen since 2016. Understanding attack vectors like reentrancy, flash loans, and oracle manipulation is essential for every blockchain developer and security researcher.

Each incident in our database is categorized by attack class and linked to our in-depth vulnerability guides, making this the most educational Web3 hacks tracker available. Want a quick ranking? See the most expensive crypto hacks leaderboard.

Learn how these hacks actually worked

Study the exploit patterns behind the incidents in this database, then practice finding them before attackers do.