
Security Incident Database

A comprehensive database of past DeFi hacks and exploits. Learn from history to avoid repeating these mistakes in your own projects.

Total Stolen (All Time): $7B+
Documented Incidents: 500+
Funds Recovered: 30%
Worst Year: 2022

Attack Vector Distribution

  • Flash Loan Attacks: 45 incidents (25%)
  • Private Key Compromise: 38 incidents (21%)
  • Oracle Manipulation: 32 incidents (18%)
  • Access Control: 28 incidents (15%)
  • Reentrancy: 20 incidents (11%)
  • Other: 18 incidents (10%)

Yearly Loss Trends

  • 2025: $500M+ (45 incidents)
  • 2023: $1.7B (150 incidents)
  • 2022: $3.8B (200 incidents)
  • 2021: $1.3B (120 incidents)
  • 2020: $500M (60 incidents)

Major Incidents

Ronin Bridge

March 2022 | Ethereum/Ronin | Compromised Keys

$625M lost

Attackers compromised 5 of 9 validator keys through social engineering and a separate vulnerability to drain the bridge.

Root Cause

Insufficient validator key security and overly centralized multisig

Key Lessons

  • Distribute key custody
  • Implement monitoring for large transfers
  • Regular security audits of key management

Wormhole

February 2022 | Solana | Signature Verification

$326M lost

Attacker bypassed signature verification to mint 120,000 wETH without depositing equivalent ETH.

Root Cause

Improper signature verification allowing forged guardian signatures

Key Lessons

  • Thorough signature validation
  • Multiple security reviews for bridges
  • Bug bounty programs

Euler Finance

March 2023 | Ethereum | Flash Loan Attack

$197M lost

The attacker used flash loans to exploit a vulnerability in the protocol's donation and liquidation logic.

Root Cause

Flawed donation mechanism allowed manipulation of collateral values

Key Lessons

  • Analyze flash loan attack vectors
  • Economic attack modeling
  • Formal verification

Nomad Bridge

August 2022 | Ethereum | Improper Validation

$190M lost

A configuration error allowed anyone to spoof messages and drain the bridge. Mass exploitation followed initial discovery.

Root Cause

Trusted root was set to 0x0, allowing any message to be verified as valid

Key Lessons

  • Initialization parameter validation
  • Monitoring for unusual activity
  • Incident response planning

Mango Markets

October 2022 | Solana | Oracle Manipulation

$114M lost

The attacker manipulated the price of the MNGO token to borrow against the inflated collateral.

Root Cause

Low-liquidity oracle that could be easily manipulated

Key Lessons

  • TWAP oracles for low liquidity assets
  • Borrowing limits
  • Cross-collateral risk management

Cream Finance (V3)

October 2021 | Ethereum | Oracle Manipulation

$130M lost

A flash loan attack manipulated the yUSD price oracle to drain the lending pools.

Root Cause

Vulnerable price oracle for complex yield-bearing tokens

Key Lessons

  • Careful oracle selection for DeFi tokens
  • Borrow cap limits
  • Flash loan guards

BeanStalk

April 2022 | Ethereum | Governance Attack

$182M lost

The attacker flash-loaned governance tokens to pass a malicious proposal that drained the protocol.

Root Cause

No voting delay allowed instant execution of proposals

Key Lessons

  • Governance timelocks
  • Snapshot voting
  • Flash loan resistance in governance

Wintermute

September 2022 | Ethereum | Compromised Keys

$160M lost

Private key was compromised due to a vulnerability in the Profanity vanity address generator.

Root Cause

Weak random number generation in vanity address tool

Key Lessons

  • Avoid vanity address generators
  • Hardware wallet security
  • Key rotation policies

Prevention Strategies

Security Audits

Get multiple independent audits from reputable firms before deployment. Don't rush to mainnet.

Monitoring

Implement real-time monitoring for unusual activity. Set up alerts for large transfers and anomalies.

Access Control

Use timelocks, multisigs, and the principle of least privilege for all administrative functions.
