Web3 Hacks & DeFi Exploit Intelligence

$101B+
Total Value Lost
3299
Incidents Tracked
74
Chains Affected
15
Attack Classes

Search the Incident Console

Start with a project name, narrow by chain or exploit class, then open the incident write-up and sources.

# Project Date Amount Lost Chain Technique Links
181 Typus Finance Oracle Manipulation & Price Manipulation $3.4M Oracle Issue
182 Typus Perp TLP Contract Exploit $3.4M sui TLP Contract Exploit
183 Hyperliquid User Private Key Compromise Access Control Attacks $21.0M Access Control
184 OracleBNB Rugpull $80K Rugpull
185 Astera.fi Flash Loans Attacks $822K linea Oracle Price Feed Manipulation / Flash Loan Attack
186 Squid Other $90K Other
187 VeloraDEX Other $20K Other
188 Abracadabra Spell Sequential State Manipulation Exploit / Other $1.7M ethereum Sequential State Manipulation Exploit / Other
189 EIP-7702 Delegation Contract Exploit Other $336K Other
190 Hyperdrive HL Router Exploit / Other $782K hyperliquid l1 Router Exploit / Other
191 HyperVault Drain Vaults / Rugpull $3.6M hyperliquid l1 Drain Vaults / Rugpull
192 GriffinAI Access Control Attacks $3.0M bsc False Peer Exploit / Access Control
193 SBI Crypto Access Control Attacks $24.0M bitcoin, bitcoincash… Access Control
194 Seedify Access Control Attacks $1.2M avalanche, bsc Infinite Mint and Dump / Access Control
195 Corepound Drained Contracts $430K core Drained Contracts
196 UXLINK Access Control Attacks $48.0M arbitrum, ethereum Delegatecall Exploit / Access Control
197 New Gold Protocol Flash Loans Attacks $2.0M Flash Loan Attack
198 Shibarium Access Control Attacks $2.4M Access Control
199 Shibarium Flash Loans Attacks $3.0M shibarium Validator Stake Manipulation by Flashloan
200 Kame Aggregator swap() Function Flaw $1.3M sei swap() Function Flaw
201 EOA Token Theft Other $3.0M Other
202 Evoq Finance Access Control Attacks $420K bsc Advanced Persistent Threat (APT) attack / Access Control
203 Aqua Rugpull $4.7M Rugpull
204 SwissBorg Third-party API compromise / Other $41.5M solana Third-party API compromise / Other
205 Nemo Oracle Manipulation & Price Manipulation $2.4M Oracle Issue
206 Nemo Yield Trading Oracle Manipulation & Price Manipulation $2.4M sui Price Oracle Manipulation
207 Venus Phishing Attacks $13.0M Phishing
208 Bunni V2 Liquidity Distribution Function Exploit / Other $8.4M ethereum, unichain Liquidity Distribution Function Exploit / Other
209 OlaXBT Access Control Attacks $2.0M bsc Multisig wallet Social Engineering Exploit / Access Control
210 Cozy Finance Access Control Attacks $427K Access Control

Data sourced from DefiLlama & SunWeb3Sec/DeFiHackLabs . Thank you for keeping Web3 security data open.

Live Feed Last 7 days

Hack Radar

Fresh DeFi incidents the moment they land in our database. Verified by trusted sources; auto-ingested entries are flagged for review.

Understanding Smart Contract Vulnerabilities

Smart contract vulnerabilities remain the leading cause of DeFi protocol losses, with over $10 billion stolen since 2016. Understanding attack vectors like reentrancy, flash loans, and oracle manipulation is essential for every blockchain developer and security researcher.

Each incident in our database is categorized by attack class and linked to our in-depth vulnerability guides, making this the most educational Web3 hacks tracker available. Want a quick ranking? See the most expensive crypto hacks leaderboard.

Learn how these hacks actually worked

Study the exploit patterns behind the incidents in this database, then practice finding them before attackers do.