$37.5 million stolen from C.R.E.A.M. lending platform
A hacker was able to code a smart contract that tricked C.R.E.A.M. into believing it was from a trusted source. They were then able to make off with $37.5 million worth of Ethereum and stablecoins in what was only the first of several major exploits of the platform in 2021.
Yearn Finance loses $11 million to a hack
An exploit in Yearn Finance's yDAI vault resulted in an $11 million loss to the platform, though "only" $2.8 million of this went to the hacker.
- "Yearn.Finance puts expanded treasury to use by repaying victims of $11M hack", Cointelegraph
- "Yearn Finance suffers exploit, says $2.8 million stolen by attacker out of $11 million loss", The Block
- "DeFi platform Yearn moves to restore exploited 'vault' less than a week after $11 million loss", The Block
Tether pays $18.5 million in penalties; NY Attorney General alleges they don't have the cash reserves they claim
The stablecoin Tether swears up and down that it's fully backed by actual currency, but the New York Attorney General doesn't agree. Tether paid $18.5 million in penalties, was banned from trading in New York, and agreed to submit transparency reports for two years in exchange for ending the long-running legal dispute.
- "Tether, Bitfinex to pay $18.5M to NYAG, cease trading in New York", Amy Castor
- "The curious case of Tether: a complete timeline of events", Amy Castor
- "Cryptocurrency firms Tether and Bitfinex agree to pay $18.5 million fine to end New York probe ", CNBC
- Press release from the New York Attorney General
PopcornSwap rug pulls
PopcornSwap launched on BNB Chain and then immediately drained its liquidity pool, making off with tokens priced at around $2 million.
Binance stated that they had been able to freeze users' assets on the BNB Chain partway through the incident. However, as of June 2023, Binance had not taken any steps to return the frozen funds to their original owners.
Saddle Finance exploited within hours of launch
The Saddle Finance defi project, a fork of the Curve Finance project, launched on January 20. It promised it would "eliminate slippage".
The project was exploited only hours later, by attackers who stole more than 7.9 BTC (~$275,000) by taking advantage of high slippage on the platform.
- "Saddle Finance", Rekt