Sixteen days after launch, Loopscale lost $5.8M to a basic oracle manipulation. Audits flagged the vulnerability, but they claimed all critical issues fixed. Users trusted them. All funds returned. Is this protocol built on solid code or just lucky negotiations?
An attacker exploited a transient storage collision to drain $355K from SIR Trading in a flawless mathematical heist. A single audit couldn't prevent the hack, where a vanity address bypassed security checks and wiped out four years of development in one swift transaction.
$13M vanished from Abracadabra’s cauldrons after hackers exploited a liquidation loophole. The phantom collateral bug let attackers borrow against already-liquidated positions while the team desperately offers a 20% bounty to ghosts that had already disappeared.
Admin keys stolen, $8.4M drained in minutes through a malicious contract upgrade. Zoth suffers two hacks in three weeks - first for logic, now for keys. Auditing code is easy. Auditing the humans behind it? That’s where protocols bleed out.
Shameless Hayden Davis doesn't stop at presidents. While Argentina reels from his LIBRA rug, he launched WOLF - copying The Wolf of Wall Street - Jordan Belfort's brand with none of his finesse. Blockchain traces his cash outs while lawyers circle. Will his final rug be one he never cashes?
The casino's now algorithmic. Memes and machines converge into a system where insiders win and retail gets drained. In a game that turns revolutionaries into bag holders. You didn't miss the exit - you are the exit liquidity.
One hacker transformed 1inch resolver contracts into a $5 million ATM through an integer underflow exploit - all with a negative 512 value. Attacker pocketed $450K as a "bounty" for exposing two years of an undetected vulnerability.
The perfect DeFi hack. No flash loans, no zero-days. Just a rogue dev who built a backdoor, waited 114 days, then drained $49.5M from Infini with admin privileges. Same old story, new-age incompetence. When will protocols learn that admin keys aren't toys?
$1.43B heist on ByBit claims the throne on our Rekt Leaderboard! Lazarus pulled off the perfect digital sleight-of-hand, making multisig signers see legitimate transactions while signing away the keys to the kingdom. Now ByBit's offering $140M to catch the hackers.
A rounding error exploit bled $9.57M from zkLend vaults on Starknet. After Railgun showed them the door, the attacker ignored their Valentine's Day bounty deadline, letting the stolen funds sit idle. Same operator behind EraLend's 2023 hack? On-chain evidence suggests yes.
Fake LBTC, real losses. Social engineering artists convinced Ionic Money on Mode Network to accept counterfeit collateral, walked away with $6.9M, and left sister protocols holding toxic bags. Previously exploited twice as Midas - third time rekt's the charm.
When your hot wallets become dozens of points of failure, $73.54M makes an expensive lesson in access control. From Ethereum to Solana, CEX Phemex just demonstrated how to turn multi-chain support into a masterclass in multi-chain mayhem.