Web3 Hacks & DeFi Exploit Intelligence
Search the Incident Console
Start with a project name, narrow by chain or exploit class, then open the incident write-up and sources.
| # | Project | Date | Amount Lost | Chain | Technique | Links |
|---|---|---|---|---|---|---|
| 151 | Yearn Finance Flash Loans Attacks | $300K | ethereum | misconfigured Fulcrum sUSD strategy / Flash Loan Attack | ||
| 152 | FutureSwap Flash Loans Attacks | $270K | ethereum | Flashloan Governance Attack | ||
| 153 | Mars Perps Thin-Market Skew Exploit | $960K | neutron | Thin-Market Skew Exploit | ||
| 154 | Zerobase Phishing Attacks | $240K | — | Phishing | ||
| 155 | Ribbon Access Control Attacks | $2.7M | ethereum | Private Key Compromised | ||
| 156 | 0G Labs emergencyWithdraw Function Exploit | $516K | 0g | emergencyWithdraw Function Exploit | ||
| 157 | MUBARA Phishing Attacks | $55K | — | Phishing | ||
| 158 | Eden Network Access Control Attacks | $54K | — | Access Control | ||
| 159 | DMi Other | $124K | — | Other | ||
| 160 | WaveX Other | $430K | — | Other | ||
| 161 | USPD Access Control Attacks | $200K | — | Access Control | ||
| 162 | US Permissionless Dollar "CPIMP" proxy front-run | $1.0M | ethereum | "CPIMP" proxy front-run | ||
| 163 | Goldfinch Finance Other | $330K | — | Other | ||
| 164 | Yearn Finance Other | $9.0M | — | Other | ||
| 165 | Yearn Ether yETH stablepool Exploit | $9.0M | ethereum | yETH stablepool Exploit | ||
| 166 | Upbit Access Control Attacks | $36.0M | solana | Private Key Compromised / Other | ||
| 167 | Port3 Network Infinite Mint and Dump | $166K | bsc | Infinite Mint and Dump | ||
| 168 | Raga Finance HyperEVM Delta Neutral Exploit | $18K | hyperliquid l1 | HyperEVM Delta Neutral Exploit | ||
| 169 | GANA Payment Access Control Attacks | $3.1M | bsc | Private Key Compromised / Other | ||
| 170 | Impermax V3 Zero-Rate Hack / Other | $380K | base | Zero-Rate Hack / Other | ||
| 171 | DIMO Access Control Attacks | $40K | ethereum | Private Key Compromised / Access Control | ||
| 172 | Stream Finance Other | $93.0M | — | Other | ||
| 173 | Moonwell Oracle Manipulation & Price Manipulation | $3.7M | — | Oracle Issue | ||
| 174 | Moonwell Lending Oracle Manipulation & Price Manipulation | $1.0M | base, optimism | Oracle Price Feed Manipulation | ||
| 175 | Beets Access Control Attacks | $3.0M | — | Access Control | ||
| 176 | Balancer V2 Access Control Attacks | $128M | arbitrum, base… | Composable Stable Pools Exploit / Access Control | ||
| 177 | Garden Finance Other | $11.0M | — | Other | ||
| 178 | Garden Access Control Attacks | $10.8M | arbitrum, base… | Private Key Compromised | ||
| 179 | 402bridge Access Control Attacks | $17K | base | Private Key Compromised (Stored Publicly) / Access Control | ||
| 180 | Sharwa.Finance Oracle Manipulation & Price Manipulation | $147K | arbitrum | Price Manipulation Attack / Other |
Data sourced from DefiLlama & SunWeb3Sec/DeFiHackLabs . Thank you for keeping Web3 security data open.
Hack Radar
Fresh DeFi incidents the moment they land in our database. Verified by trusted sources; auto-ingested entries are flagged for review.
Explore by Attack Type
Access Control Attacks
Arithmetic Overflows Underflows
Delegatecall & Call Injection Attacks
Flash Loans Attacks
Oracle Manipulation & Price Manipulation
Reentrancy
Dao Governance Attacks
Frontrunning & Sandwich Attacks
Phishing Attacks
Dos Attacks
Replay Attacks
Self Destruct Attacks
Sensitive On Chain Data
Weak Randomness Attacks
Unchecked Return Value Attacks
Understanding Smart Contract Vulnerabilities
Smart contract vulnerabilities remain the leading cause of DeFi protocol losses, with over $10 billion stolen since 2016. Understanding attack vectors like reentrancy, flash loans, and oracle manipulation is essential for every blockchain developer and security researcher.
Each incident in our database is categorized by attack class and linked to our in-depth vulnerability guides, making this the most educational Web3 hacks tracker available. Want a quick ranking? See the most expensive crypto hacks leaderboard.
Learn how these hacks actually worked
Study the exploit patterns behind the incidents in this database, then practice finding them before attackers do.