An attacker apparently discovered a reentrancy bug allowing them to drain user funds from those who had approved the old contract. Altogether, around $1.8 million was taken before the team disabled the contract. The attacker quickly tumbled the stolen funds through Tornado Cash.
Dolomite exchange exploited for $1.8 million
SEC launches investigation into Ethereum Foundation
Although the SEC has agreed that bitcoin is a commodity and not a security, it has been hesitant to make similar explicit statements about ETH. Designation as a security could be devastating to the Ethereum project and to ETH, which is the second most popular cryptocurrency to bitcoin.
Bitcoin flash crashes on BitMEX
The incident underscores the thinness of the bitcoin markets on some cryptocurrency exchanges, and the ease with which a few whales can manipulate token prices.
BitMEX used to be among the largest cryptocurrency trading platforms, though its popularity diminished after its founders were hit with criminal charges in 2020 for violations of the Bank Secrecy Act.
Slerf memecoin meltdown only adds to mania
Thanks to the aforementioned frenzy, the project managed to raise $10 million in the presale. However, things went sideways when the developer accidentally burned the $10 million by sending them to an address where they would be permanently inaccessible. "oh fuck", the developer wrote ominously on Twitter, before explaining their mistake.
Some speculated that the screwup may have been a marketing ploy, in which case it was very successful, because the token went on to post more than $2.7 billion in trading volume over a 24-hour period — more than the entire ETH trading volume in that period. The monumental error by the developers seemed to have no damper on the overall frenzy around memecoins, or even produced the opposite effect.
Surely this trend won't end badly.
Wilder World game suffers $1.8 million theft, blames contractor
The project blamed the theft on a previous contractor who had the private key. They also explained that the attacker seemed to be a developer based on the fact that they had "specialized knowledge of ZERO's internal security systems".
Phisher impersonating influential crypto trader in Twitter replies scams over $2.6 million
In one of the real Ansem's tweets, Ansem wrote "i dont launch coins bros" — nevertheless, followers eager to get in early on a new memecoin clicked a link offering a presale and had their wallets drained.
Altogether, people lost $2.6 million to the scam. One individual lost $1.2 million.
Remilia Collective reports multi-million dollar hack
The attacker stole around 490 ETH (~$1.8 million) and $58,000 USDC, along with more than 130 Milady NFTs, 320 Remilio NFTs, and hundreds of derivative tokens issued on the NFTX platform. Based on floor prices, the assets are valued at north of $6 million.
The mechanism of the attack is still uncertain, though Fang has said he suspects malware that could have intercepted credentials to his Bitwarden password manager. Some have expressed skepticism around the "hack", suggesting it could have been inside job. The Remilia group had suffered a separate $1 million loss in September 2023 — blamed on a rogue developer — and failed to implement many security safeguards after that incident.
NFPrompt discloses hack
The platform announced on March 15 that it had suffered a "critical security incident" that it attributed to "a group of hackers" who were able to gain access to funds belonging both to the project's users and the project itself. They did not disclose how much was taken.
The project announced that it was working with the FBI, and had contacted centralized exchanges to ask them to freeze stolen funds.
Someone accidentally burns $1.36 million Tether
Most experienced crypto users have adopted the habit of sending small test transactions before transferring large amounts of tokens, to first check that they're using the correct address. Oddly, this person did so in this case, but then went right ahead and transferred the remaining tokens to the erroneous address.
The person may have lucked out that they were using a centralized stablecoin like Tether, whose operators hold a substantial amount of control over freezing, destroying, and creating new Tethers — and could feasibly replace the burned tokens.
Mozaic exploited for $2 million, recovers 90%
According to MozaicFi, the theft had been perpetrated by a rogue developer who was able to gain access to a private key held by a core team member. They also claimed that a simultaneous large sale of the Mozaic token resulted in cascading liquidations.
In good news for the project, the attacker moved around 90% of the stolen funds to MEXC, a centralized cryptocurrency exchange that was able to freeze the thief's access to the funds.