Web3 Hacks & DeFi Exploit Intelligence

$101B+
Total Value Lost
3299
Incidents Tracked
74
Chains Affected
15
Attack Classes

Search the Incident Console

Start with a project name, narrow by chain or exploit class, then open the incident write-up and sources.

# Project Date Amount Lost Chain Technique Links
241 Nobitex Access Control Attacks $82.0M arbitrum, avalanche… Hot wallet hack / Access Control
242 MetaPool Other $400K Other
243 Anome Other $120K Other
244 AlexLab Other $16.1M Other
245 ALEX malicious transfer() method $8.4M stacks malicious transfer() method
246 ForceBridge Access Control Attacks $3.9M nervos Access Control Exploit
247 Tailverse Other $88K Other
248 Nervos Network Access Control Attacks $3.7M Access Control
249 Malda (prev. Mendi Finance) Other $273K Other
250 Cork V1 Access Control Attacks $12.0M ethereum Access control bypass via hook / Other
251 Usual Arbitration Exploit / Other $43K ethereum Arbitration Exploit / Other
252 Dexodus Oracle Manipulation & Price Manipulation $300K Oracle Issue
253 Dexodus Finance Oracle Manipulation & Price Manipulation $300K base Price Manipulation Attack
254 Cetus CLMM Spoof Token Exploit / Other $260M sui Spoof Token Exploit / Other
255 Nitron Demex Oracle Manipulation & Price Manipulation $950K Oracle Issue
256 Zunami Access Control Attacks $500K Access Control
257 Zunami Protocol withdrawStuckToken() exploit $500K ethereum withdrawStuckToken() exploit
258 Mobius Token Arithmetic Overflows Underflows $2.2M bsc Decimal Miscalculation Exploit / Other
259 LND $1.3M hyperliquid l1, sonic
260 BitoPro BitoGroup Access Control Attacks $11.5M Access Control
261 Phishing Phishing Attacks $330M Phishing
262 Impermax V3 Flash Loans Attacks $300K base Flashloan Exploit / Other
263 Loopscale Oracle Manipulation & Price Manipulation $5.8M solana Price Oracle Manipulation / Other
264 ACB Other $60K Other
265 BTCM App Other $1.0M Other
266 Bitcoin Mission overPaper Function Exploit $1.3M arbitrum overPaper Function Exploit
267 Bitget Market-Making Bot Exploit $100M Market-Making Bot Exploit
268 NumaMoney Flash Loans Attacks $506K Flash Loan Attack
269 The R0AR Access Control Attacks $790K Access Control
270 ZKsync Access Control Attacks $5.0M zksync era Private Key Compromised (Unknown Method) / Access Control

Data sourced from DefiLlama & SunWeb3Sec/DeFiHackLabs . Thank you for keeping Web3 security data open.

Live Feed Last 7 days

Hack Radar

Fresh DeFi incidents the moment they land in our database. Verified by trusted sources; auto-ingested entries are flagged for review.

Understanding Smart Contract Vulnerabilities

Smart contract vulnerabilities remain the leading cause of DeFi protocol losses, with over $10 billion stolen since 2016. Understanding attack vectors like reentrancy, flash loans, and oracle manipulation is essential for every blockchain developer and security researcher.

Each incident in our database is categorized by attack class and linked to our in-depth vulnerability guides, making this the most educational Web3 hacks tracker available. Want a quick ranking? See the most expensive crypto hacks leaderboard.

Learn how these hacks actually worked

Study the exploit patterns behind the incidents in this database, then practice finding them before attackers do.