DeFi Security Incidents

Digging deep into many major security incidents in DeFi, revealing the underlying concerns such as vulnerability exploits, flash loan attacks, and contract defects. When traveling on the chain, safety comes first.

34 articles

Is the old DeFi path no longer viable? Behind the billions of dollars in withdrawal: People crave security.

Frequent hacker attacks have led to billions of dollars being withdrawn from native DeFi and instead flowing into safer tokenized government bonds, compliant stablecoins, and institutional-grade settlement products.

04/21/2026, 01:48 PM

A retrospective of 20 hacking incidents: Why is the cryptocurrency world so prone to being hacked?

This article analyzes 20 cases of encrypted data theft, dissecting the two paths attackers take and explaining why a problem with one protocol can harm the entire ecosystem.

04/21/2026, 09:27 AM

Why is DeFi so frequently hacked? You may be ignoring these warning signs.

Often, hackers don't "break" the rules; they simply "exploit" them.

04/21/2026, 06:15 AM

An open-source AI tool that nobody paid attention to alerted about a $292 million vulnerability in Kelp DAO 12 days ago.

Kelp DAO suffered a $292 million theft due to a vulnerability in the LayerZero cross-chain bridge's 1-of-1 validator configuration, becoming the largest DeFi incident so far in 2026. This article provides an in-depth analysis of the entire attack and reflects on three key lessons learned from why an open-source AI auditing tool, despite providing a 12-day advance warning, failed to prevent the tragedy.

04/20/2026, 09:04 AM

$285 million evaporates! Drift's April Fool's Day nightmare, defeated by the most basic private key security.

Drift Protocol, the largest perpetual contract exchange on the Solana blockchain, suffered a key breach attack that could result in losses exceeding $280 million, making it the largest DeFi security incident so far in 2026. This incident once again exposed the core pain point of systemic risk in DeFi: private key security.

04/02/2026, 01:56 AM

In-depth research report on the Resolv protocol hacking incident: Who will ultimately pay the price?

The Resolv protocol was attacked, with attackers exploiting a USR minting vulnerability to create 80 million stablecoins out of thin air and cash out, revealing the fundamental contradiction between capital efficiency and security in Delta-neutral stablecoins. DeFi protocols such as Curve and Morpho were also impacted.

菠菜菠菜！

03/23/2026, 03:45 AM

CertiK发布加密货币ATM欺诈报告：损失达3.3亿美元，AI诈骗与跨境洗钱成主要威胁

3月12日，全球最大的Web3安全公司CertiK发布了《Skynet加密货币ATM欺诈报告》。报告显示，2025年此类诈骗造成的损失已达到3.3亿美元，同比增长约33%，已成为美国增长最快的金融犯罪类别之一。

03/13/2026, 02:23 AM

After seizure of crypto assets by British and American law enforcement agencies, the rate of returning the assets to their rightful owners is approximately 0%.

From the Qian Zhimin case to the Silk Road, most of the victims have become forgotten.

Odaily星球日报

03/13/2026, 12:00 AM

一次精心设计的“自爆”：PGNLZ攻击事件分析

2026 年 1 月 27 日，BNB Smart Chain 上 PGNLZ 项目遭攻击，攻击者借闪电贷、抵押借款后，利用 PancakeSwap 交易操控 Token 价格，因项目通缩模型未验证扣费及 Burn 逻辑，致约 10 万 USD 损失。建议项目方设计时多验证，合约上线前选多家审计公司交叉审计。

01/28/2026, 12:00 PM

Truebit Protocol security incident analysis and traceability of stolen funds, resulting in losses exceeding $26 million.

Five years ago, Truebit Protocol suffered a loss of $26.4 million in ETH due to an attack on its closed-source contract. The attackers exploited an arithmetic logic vulnerability to mint tokens and withdraw funds; the stolen ETH has been traced to a high-risk address.

01/09/2026, 10:40 AM

10,000-word investigation: How North Korea infiltrates the cryptocurrency industry

A CoinDesk investigation has found that more than a dozen blockchain companies have unwittingly hired undercover IT workers from North Korea, creating cybersecurity and legal risks.

10/03/2024, 02:10 AM

DeFi可组合性的潘多拉魔盒：Euler Finance被攻击，这11个DeFi项目遭受损失

Euler作为底层的借贷协议，安全性更值得关注，本次攻击也给其它DeFi项目造成数千万美元的损失。

03/14/2023, 10:51 AM

复盘GALA风波：一场40万美元诱发的价值2.5亿美元的火币信任危机

一向营销见长的孙宇晨万万没想到却在“公关”上翻车了，时隔两天才找到了真矛头，可惜风向已经变了。

11/07/2022, 01:39 AM

2022年Q3全球区块链安全报告：总损失约4.05亿美元，DeFi成事故高发区

2022年第三季度区块链领域主要攻击事件超37起，总损失约4亿美元。

11/01/2022, 09:36 AM

盘点跨链桥史上10大攻击：涉及超19亿美元，15.5亿美元被赔付或追回

跨链桥资金量大且频繁遭到攻击，流动性前三的桥均出现过安全事故，说明跨链桥属于高危领域。

08/03/2022, 11:32 AM

价值5.4亿美元的Offer：Ronin遭攻击源自工程师打开了一家虚假公司的录取信

黑客欺骗了 Axie Infinity 的一名高级工程师，让他向一家虚构的公司申请工作，这该导致了Axie Infinity的Ronin链今年早些时候被黑客盗取了5.4亿美元的加密货币。

07/07/2022, 04:40 AM

BXH盗币案反思：黑客用最原始的方式“摧毁了”国产机枪池原因与教训是什么

吴说作者 | 吴卓铖本期编辑 | Colin Wu10月30日，去中心化收益类协议 BXH 发生私钥被盗事件，损失了价值约1.39亿美元的加密资产。此次安全事故发生在 BSC 链上，据官方声明显示，以太坊、OEC 和 Heco 的链上资产未受影响，但出于安全考量，所有链上的充提功能都被关

吴说区块链

11/03/2021, 02:46 AM

慢雾：分析Poly Network遭受攻击细节，并非keeper私钥泄露导致

慢雾安全团队认为，攻击者通过此函数传入精心构造的数据修改了 EthCrossChainData 合约的 keeper 为攻击者指定的地址，并非网传的是由于 keeper 私钥泄漏导致这一事件的发生。

08/11/2021, 01:43 AM

链上黑客猖獗，资产频繁被盗，币安智能链走下神坛？

币安智能链持续火爆之后，也逐渐成为了黑客的温床，尤其在最近，币安智能链不断发生资金被盗或被套利的安全事件，BSC 在 5 月份一共发生了12起安全事件，总共损失了超过 2.7 亿美元。

06/04/2021, 09:12 AM

多个DeFi项目遭遇DNS劫持，请务必保护好你的私钥和助记词！

巴比特资讯

03/16/2021, 11:31 AM