ar
Feedback
Defimon Alerts

Defimon Alerts

الذهاب إلى القناة على Telegram

⚠️ DeFi security alerts by @DecurityHQ 💎 Instant alerts @defimon_subscription_bot defimon.xyz

إظهار المزيد
لم يتم تحديد البلدالعملات المشفرة16 278
4 412
المشتركون
+624 ساعات
+217 أيام
+7930 أيام

جاري تحميل البيانات...

القنوات المماثلة
لا توجد بيانات
هل تواجه مشاكل؟ يرجى تحديث الصفحة أو الاتصال بمدير الدعم الخاص بنا.
الإشارات الواردة والصادرة
---
---
---
---
---
---
جذب المشتركين
يوليو '26
يوليو '26
+74
في 0 قنوات
يونيو '26
+139
في 3 قنوات
Get PRO
مايو '26
+234
في 1 قنوات
Get PRO
أبريل '26
+261
في 0 قنوات
Get PRO
مارس '26
+250
في 0 قنوات
Get PRO
فبراير '26
+176
في 1 قنوات
Get PRO
يناير '26
+434
في 1 قنوات
Get PRO
ديسمبر '25
+357
في 4 قنوات
Get PRO
نوفمبر '25
+368
في 0 قنوات
Get PRO
أكتوبر '25
+541
في 3 قنوات
Get PRO
سبتمبر '25
+419
في 6 قنوات
Get PRO
أغسطس '25
+126
في 1 قنوات
Get PRO
يوليو '25
+172
في 3 قنوات
Get PRO
يونيو '25
+203
في 0 قنوات
Get PRO
مايو '25
+176
في 3 قنوات
Get PRO
أبريل '25
+221
في 3 قنوات
Get PRO
مارس '25
+248
في 1 قنوات
Get PRO
فبراير '25
+724
في 0 قنوات
Get PRO
يناير '250
في 0 قنوات
Get PRO
ديسمبر '24
+19
في 1 قنوات
التاريخ
نمو المشتركين
الإشارات
القنوات
18 يوليو+9
17 يوليو+13
16 يوليو+5
15 يوليو+5
14 يوليو+4
13 يوليو+2
12 يوليو+2
11 يوليو+4
10 يوليو+2
09 يوليو+3
08 يوليو+4
07 يوليو+1
06 يوليو+1
05 يوليو+1
04 يوليو+6
03 يوليو+1
02 يوليو+5
01 يوليو+6
منشورات القناة
💌 Onchain message:
Hello Phisher.You directly stole my bounty secret note.Please return the funds.Thank you
📤 From: 0x61e6301614178a2ca21bfa0fbb30aba06acc2d1c 📥 To: 0x6659659b8518f53f7a8d9b73ca4f4bd4e4ae824f 🌎 Network: mainnet Etherscan

2
🚨 perp.com - Loss $3,062 (2026-07-16) Token: $vETH (Perpetual Protocol) Network: Optimism Type: Access Control / Missing Permission Check Perpetual Protocol's OrderBook exposes updateFundingGrowthAndLiquidityCoefficientInFundingPayment() as an unprotected external function (OrderBook.sol:232) — it lacks the _requireOnlyClearingHouse() guard used by its sibling functions. The attacker opened a tiny liquidity order, then called it directly with a fabricated funding growth (twPremiumX96 = 1e70), corrupting their order's cached funding-growth state. On settleAllFunding the corrupted cache produced a bogus funding payment (~1.46e36), inflating the account's realized PnL, which was then withdrawn as USDC — draining the vaults of ~$3,062. TX: https://optimistic.etherscan.io/tx/0xb0a8a3cc76fb17bf965ab1dee3b76b62f79ca72def31e12f8ad8b1711625df08 Attacker: https://optimistic.etherscan.io/address/0x957c6cF5E0F69597dB7A8065c94af1A48aBCA47d Victim: https://optimistic.etherscan.io/address/0x772f48f073c1f328c264619fc3bba28e3efdefb0 X: https://x.com/perpprotocol @defimon_subscription_bot
460
3
💌 Onchain message: Please, I beg you. If you cannot return everything, please just return the 445 LINK to my new address. You can keep the rest as a bounty. This was my life savings. I am begging for your mercy. Thank you. 📤 From: 0x8d9c6dc7d3d619b04ebd14e5767812b1edcb3eca 📥 To: 0xba5f4cde46fa8d2e6dc83acca6463d4980eb1e4b 🌎 Network: mainnet Etherscan
551
4
💌 Onchain message: Hello. This is my life savings. Please keep 10% bounty and return 90% to this address. Tahnk you. 📤 From: 0x8d9c6dc7d3d619b04ebd14e5767812b1edcb3eca 📥 To: 0xba5f4cde46fa8d2e6dc83acca6463d4980eb1e4b 🌎 Network: mainnet Etherscan
699
5
More than 2 months after $5.8M Trusted Volumes exploit one of the attackers returned 1,122 ETH ($2M): https://etherscan.io/tx/0x2406411a50b537d5eb3a1a488b4ac2e4f8cf6f331147fa81fedf34851b793f0a
719
6
💌 Onchain message: We have finalized the negotiations with the original exploiter: https://etherscan.io/tx/0x06a4ad1eaa15d7796c0aaead610ea1a90c2db9553fbd39aaf12120fda6e108b9. They returned the funds and received their bug bounty. Contact us at tvbugbounty@proton.me to negotiate. 📤 From: 0x1ef9bfb1e7480c01d3d00e9bca5f29625c6c4806 📥 To: 0xfa4f52df02e5f3563bc4569a6b43bb6aca617e07 🌎 Network: mainnet Etherscan
663
7
🚨 bunker.finance - Loss ~$5.6K (2026-07-16) Token: $bETH (Bunker Ether, price unavailable) Network: Ethereum Type: Oracle Manipulation / Collateral Valuation Flaw (NFT lending) Bunker is a CryptoPunk-collateralized Compound fork. The attacker flash-loaned 1 PUNK from the NFTX vault, redeemed CryptoPunk #1893, and deposited it as collateral (CNft.mint) into Bunker's NFT lending markets. The CNftPriceOracle values the NFT via the NFTX vault's Uniswap floor price, massively over-pricing the single punk. Against this inflated collateral the attacker drained the markets' liquidity — borrowing 1.59 ETH (bETH) + 1,297 USDC in comptroller 0x01a9…0a83, then 1.1 ETH + 50 USDC in comptroller 0x6bc8…4db5 — then withdrew the same punk (CNft.redeem passed the liquidity check) and returned it to NFTX to repay the flash loan, leaving the borrows unbacked. Net ~$5.6K extracted (2.69 ETH + ~1.35K USDC). TX: https://etherscan.io/tx/0x5b9dc05c2636da600a22d13d5a6a01de7ededfec0227df56a5ed1a61e007457a Attacker: https://etherscan.io/address/0xeaaf475db34fb66f098e51cbf0eeeff76f496974 Victim: https://etherscan.io/address/0x2e35bd135942dd0b303444bebdce097d81b9e0f3 X: https://x.com/bunker_finance @defimon_subscription_bot
639
8
🚨 CrowdRingCircle (众环CRC) - Loss ~$201K (2026-07-16) Token: $CRC @ $0.005816 Network: BNB Chain Type: Logic Error (Reserve Manipulation via burn-from-pair + sync) The CRC token's `_update` override contains a "sell destroy" mechanism: on every transfer to a DEX pair (`isDexPair[to] && sellDestroyEnabled`), it burns `amount` directly from the pair's own balance via `_safeDeductBalance(to, amount)` and then calls `IUniswapV2Pair(to).sync()` (CrowdRingCircle.sol:185-191). By repeatedly pushing CRC into the PancakeSwap CRC/USDT LP, the attacker forced the pair to burn its own CRC reserves and re-sync, skewing the reserve ratio and inflating CRC's price. Flash-funded via PancakeSwap Infinity Vault + Venus + Aave-style borrow, the attacker then swapped a small amount of CRC for the USDT side of the pool at the manipulated rate, draining it. The LP pair lost ~209K USDT and ~35.86M CRC; the attacker EOA netted ~$201K USDT. TX: https://bscscan.com/tx/0xeaef22325e02ac65a8e1f2e1a3a43f7b7ac8d2323ce6f698a90813e77017c834 Attacker: https://bscscan.com/address/0x34579ea92a07a88f5505dfaa4d99ab94b2784087 Victim: https://bscscan.com/address/0xd8799a644850c065388c22df4ee0c28472922526 (CRC/USDT Cake-LP) Token: https://bscscan.com/address/0x8581433150f2c48ff2efe5a22b17c7d405054509 @defimon_subscription_bot
601
9
We are proud to partner with Hexens on Glider Monitor! This is a unique integration that not only detects but also assesses your exposure to the DeFi incidents: https://hexens.io/solutions/glider-monitor
662
10
💌 Onchain message: For settlement finalising and continue bug bounty discussion we require you to return 1,122 ETH to our address - 0xb6f28ed0f919a12822fe78f6d610e5e09a6fe450 📤 From: 0x1ef9bfb1e7480c01d3d00e9bca5f29625c6c4806 📥 To: 0xc3ebddea4f69df717a8f5c89e7cf20c1c0389100 🌎 Network: mainnet Etherscan
677
11
💎 To subscribers: We post all verified alerts to this channel. Some may be big hacks like yesterday's Ostium $20M loss and some are small sub-10k drains. Since it's not our job to decide which alerts are useful to a particular user, we post all of them. If you need to respond to certain alerts and deprioritize others, the best way is to do this is to subscribe to our Websocket API and receive full raw feed of all our alerts (including non-verified) in real time. The cost is only $200/month, ~20 times cheaper than Hypernative or other providers! What's included: — Defimon Signals Telegram subscription, — API access to the signals (confirmed attacks) — API access to all raw alerts (instant events before LLM verification) — 1 key to all 8 supported chains. Subscribe on the website https://defimon.xyz/subscribe or using the bot @defimon_subscription_bot
661
12
https://arbiscan.io/address/0x321Df194646029e7A6193Ea05573d4B9c398bfD9
https://arbiscan.io/address/0x321Df194646029e7A6193Ea05573d4B9c398bfD9
707
13
🚨 Ostium.com - Loss ~$11.86M (2026-07-15) Token: $oLP (drained asset: USDC, ~11,862,445 USDC @ $1) Network: Arbitrum Type: Private Key Compromise (oracle signer) → Price Manipulation Ostium's perp/RWA vault was drained via a compromised privileged key. The attacker's smart account was a registered forwarder (isForwarder, onlyTimelock) and submitted price reports signed by an authorized oracle signer — OstiumVerifier.verify() recovers the signer and requires isAuthorizedSigner[signer] (onlyGov), and it passed. Neither role is self-grantable, so an Ostium price-oracle/forwarder key was compromised. Via delegatedAction → openTrade + performUpkeep(closeTradeMarket) loops (20x), the attacker fed self-signed favorable prices to open and immediately close trades at a profit, draining ~11.86M USDC from the OstiumVault (oLP) to 0x321df194. Loss ≈ 32% of the $34.3M vault TVL. TX: https://arbiscan.io/tx/0x359f8c05b86a4409d60cfba02084334313fd94b19f74a294fb7fc4ea7d4870e0 Attacker: https://arbiscan.io/address/0xD1794196f0fc99c7f27970e661597d77d9a85869 Victim: https://arbiscan.io/address/0x20d419a8e12c45f88fda7c5760bb6923cee27f98 X: https://x.com/Ostium @defimon_subscription_bot
667
14
Today we notified drips.network about an exploit involving an old DaiDripsHub contract. An attacker exploited a signed-intege
Today we notified drips.network about an exploit involving an old DaiDripsHub contract. An attacker exploited a signed-integer cast vulnerability which resulted in $24,882 loss. Specifically the _give function calls _transfer(user, -int128(amt)), intending a deposit of amt DAI from the caller into the DaiReserve contract. The attacker passed amt = 2^128 − reserveBalance (340282366920938438580379185484100353741). Because amt ≥ 2^127, int128(amt) wraps negative, so -int128(amt) becomes positive (+24,882 DAI), flipping the intended deposit into the reserve withdraw branch of _transfer - draining the entire DaiReserve to the attacker instead of pulling funds from them. There was no upper bound on amt before the signed cast. The team confirmed that the new version of the protocol is not vulnerable and the affected addresses are now being traced for the next appropriate steps. TX: https://etherscan.io/tx/0xc38a6e2259a85ced94238a0b0a49697992f2a6b8140c28f3fd2343d3d8434130 Attacker: https://etherscan.io/address/0x84da7a5e2315eb798f04b75554aeb15047269cce Victim: https://etherscan.io/address/0xf9bbb2df44cfe46e501cf91c99b2f8fef9d9d44a ⏱️ Get real-time DeFi security alerts (Telegram/WebSocket): @defimon_subscription_bot
779
15
🚨 chiprotocol.io - Loss ~$8.5K (2026-07-13) Token: $USC (USC) Network: Ethereum Type: Oracle Manipulation / Redeem-at-Par Logic Error Chi Protocol's ArbitrageV5.burn() redeems reserve collateral valuing USC at the hardcoded USC_TARGET_PRICE ($1) — reserveAmountToRedeem = amount * $1 / reservePrice — with NO check that USC is actually at peg (unlike mint(), which enforces _almostEqualAbs(uscSpotPrice, USC_TARGET_PRICE)). The attacker flash-loaned 5 WETH from Balancer, bought heavily-depegged USC cheaply from a thin USC/WETH Uniswap V2 pool, then burned it 1:1 against the ReserveHolder to redeem full-value weETH/stETH/WETH collateral, netting ~4.66 WETH. Note: reserves are nearly drained (protocol TVL ~$883), so remaining opportunity is limited. TX: https://etherscan.io/tx/0x4a665f8eeada74552bd2dc466e5549731951f2f6180bbe865fa1d7b4be8ae96f Attacker: https://etherscan.io/address/0xf7105f68085294b6a45dd7231a6987b070e1abaf Victim: https://etherscan.io/address/0xc36303ef9c780292755b5a9593bfa8c1a7817e2a X: https://x.com/ProtocolChi @defimon_subscription_bot
723
16
🚨 UNIX Gaming - Loss ~$2.95K (2026-07-12) Token: $UNIX @ $3.62 Network: Optimism Type: Weak Randomness / Logic Error (predictable on-chain RNG) UNIX Gaming's play-to-win prize pool (0xc6ad...acab) picks ETH prize winners with weak on-chain randomness — its award function (selector 0x2c8dd10a) computes `keccak256(seed) % 10000` and compares it to per-tier probability weights. Because the seed is derived from predictable block/participant data, the attacker deployed short-lived throwaway contracts that simulate the draw and only commit a "play" (deposit 0.003 ETH → swap → add UNIX/WBTC LP → participate) when the outcome is a winning ticket, atomically claiming the top ETH prizes (0.275/0.055 ETH tiers) over and over. Repeated across many rounds in one tx, this drained ~1.62 ETH from the prize pool while the attacker only ever paid gas + tiny stakes. TX: https://optimistic.etherscan.io/tx/0x1eb58e4f84bcb8212da5e7801041fa0419ec50558276071ce31c869731b81ae2 Attacker: https://optimistic.etherscan.io/address/0x1774569e3f6ddd266a98d7043792080733ea11a0 Victim: https://optimistic.etherscan.io/address/0xc6adcc0dcd13902c3a423cdc6a86e3f2fc36acab (unverified) X: https://x.com/UnixGamingTV @defimon_subscription_bot
691
17
💌 Onchain message: To the hacker: Please, I beg you to have mercy on me. This money is my entire life savings, which I worked day and night for years to earn. Losing this will completely destroy my life and my family. Please return whatever you can, even a part of it. I would be eternally grateful to you. 📤 From: 0xfd4f7f631e8cb96d10b60606d582db39c53569f7 📥 To: 0xe1f38460681097e1369967c4953164522d5b9374 🌎 Network: bsc Etherscan
717
18
💌 Onchain message: To the hacker: We have tracked the stolen funds to this address. Please return the remaining funds to our wallet. You can keep 10% as a whitehat bounty. If the funds are returned within 24 hours, we will cease all legal investigations and reports to exchange compliance teams. You can reply on-chain. 📤 From: 0xfd4f7f631e8cb96d10b60606d582db39c53569f7 📥 To: 0xe1f38460681097e1369967c4953164522d5b9374 🌎 Network: bsc Etherscan
737
19
🚨 behodler.io - Loss $6.4K (2026-07-11) Token: $pWETH10 (PyroWETH10, wrapping WETH10) Network: Ethereum Type: Approval/Allowance Drain (broken access control) Behodler's PyroToken (PyroWETH10) has a flawed transferFrom: it checks _allowances[sender][recipient] instead of _allowances[sender][msg.sender]. Because users granted unlimited allowance to the PyroWethProxy (0xcE3f...7650) for normal deposits/redeems, anyone could call transferFrom(victimHolder, proxy, amount) to move a holder's pWETH10 into the proxy, then trigger redeem() to convert the stolen pyrotokens into WETH10 and withdraw ~3.57 ETH to the attacker. The check enforces the recipient's allowance, not the spender's, so no approval to the attacker was ever needed. TX: https://etherscan.io/tx/0xd41603681dbfcfd7a9c25ef26b1efbed380f6086c3c8c3a9ba3c149faeae2625 Attacker: https://etherscan.io/address/0x45c6304a9c1c196cb559b340763f182143ebcc51 Victim: https://etherscan.io/address/0x5b4e96994356cac1c7907b9c51f7f7c8f0bead12 X: https://x.com/BehodlerAMM @defimon_subscription_bot
674
20
🚨 Sodium Wallet - Loss ~$21.2K (2026-07-12) Token: $ETH @ $1799.65 Network: Arbitrum Type: Access Control / Signature Validation Bypass Sodium is an ERC-4337 (ZK/MPC) smart-wallet. Its `_validateSignature` for the `executeWithSodiumAuthSession` path returns "valid" whenever `sessionKey == signer` and no safe-session is set — it never verifies the session-add auth proof (that only runs later in execution). Attacker supplied userOps signed by its own EIP-1271 contract (isValidSignature always true) with a self-chosen sessionKey, so validateUserOp passed for ~300 established user wallets it doesn't own. Each op set maxFeePerGas ≈ 4062 gwei (~400,000× normal) with fixed verification gas and callGasLimit=0, so EntryPoint charged ~0.5 ETH of each wallet's gas deposit to the attacker (the bundler/beneficiary) while the op deliberately ran out of gas on execution. ~11.76 ETH drained from 300+ wallets in one tx. TX: https://arbiscan.io/tx/0x738995176c3bbd22f8deabd7a1e6b89a044231781b39aa2f350897535e6d7bc1 Attacker: https://arbiscan.io/address/0x7bD736631Afbe1d3795a94F60574f7fA0aE89347 Victim: https://arbiscan.io/address/0x65de72bd1897b017c91f41c86de2b15873320804 (one of 300+ Sodium wallets; impl 0xb5bc46df04dee31d219e7664122e29eed9506b8b) X: https://x.com/sodiums_org @defimon_subscription_bot
806