Structural failure
Absence Of Withdrawal Monitoring
No automated alert when bridge or treasury balances move at uncharacteristic size or speed. Six days of silence is typical.
Records exhibiting this pattern
Aptos Move VM flaw patched after critical disclosure
Hexens reported a critical Aptos Move virtual machine vulnerability on February 25, 2026; Aptos stated that it triaged and patched the issue within hours, while researchers estimated up to $70 billion in systemic exposure.
$70.00B affectedKnaken Bankruptcy Proceedings After Customer Funds Freeze
Dutch prosecutors sought bankruptcy orders against Knaken entities after the platform went offline in early June, with an estimated 30,000 customers reportedly unable to access holdings amid a separate criminal probe.
Polymarket Wallet Theft After Frontend Script Injection
About $3.1 million in PUSD was taken from 11 user wallets after Polymarket said a compromised third-party vendor injected malicious code into parts of its frontend; full refunds were promised.
$3.1M affectedMemeCore M Token Collapse Without Confirmed Trigger
MemeCore’s M token fell from near $2.92 to as low as $0.51 within 24 hours, erasing close to $3 billion in market value on roughly $21 million in volume, with no confirmed exploit, hack, or public catalyst identified.
$3.00B affectedSecondFi Cardano Wallet Exploit and Address-Level Flaw
SecondFi attributed a Cardano wallet exploit to an address-level defect in wallet generation and signing, reporting 374 affected addresses, about 16 million ADA impacted, and emergency custody of roughly 129 million ADA.
$2.4M affectedjaredfromsubway.eth Drain via Fake Route Approvals
A reported exploit of the Ethereum MEV bot jaredfromsubway.eth used fabricated trading routes, fake token infrastructure, and standing approvals to remove more than $7.5 million.
$7.5M affectedAztec Connect Deprecated Contract Exploit on Ethereum
A deprecated Aztec Connect contract was drained on 2026-06-15 after a verification-settlement mismatch was reportedly exploited, with Aztec Labs stating the current Aztec network was unaffected.
$2.1M affectedNancy Fake-Police Crypto Assault Followed Waltio Breach
A Nancy indictment linked an alleged fake-police assault on a crypto-holding couple to personal data reportedly obtained after Waltio’s January breach exposed balances and contact information.
$20000 affectedRaydium Retired AMM Exploit Drained Five Inactive Pools
Raydium said a retired Solana AMM program was exploited on 2026-06-10, draining roughly $1.34 million from five inactive liquidity pools, with the treasury designated to compensate affected users.
$1.3M affectedGnosis Pay Delay Module Exploit — June 2026
Gnosis Pay disclosed an active exploit affecting its delay module and card wallet infrastructure on June 1, 2026, then said the issue was being contained and all affected users would be reimbursed in full.
$— affectedDxSale BNB Chain Liquidity Exploit on May 29, 2026
DxSale lost about $7.3 million in a BNB Chain locker exploit that reportedly affected roughly 1,400 liquidity providers, after a prior ownership transfer and a withdrawal-loop abuse were identified by analysts.
$7.3M affectedStakeDAO vsdCRV Key Compromise on Arbitrum
A suspected StakeDAO deployer-key compromise let an attacker redirect vsdCRV bridge settings, mint more than 5.4 trillion tokens on Arbitrum, and extract roughly $91,000 before liquidity constraints halted further selling.
$91000 affectedSafe Wallet Third-Party Module Exploit in May 2026
A suspected external module tied to Safe wallet integrations drained about $3.2 million from 86 accounts across Ethereum and Base, while Safe Labs and Squid said their core systems were not the source of the breach.
$3.2M affectedMango Markets Oracle Manipulation — October 2022
A trader pumped the MNGO oracle on a thin Solana spot market, used the inflated collateral to borrow $114M from the protocol, then later argued in court that the manoeuvre constituted legitimate trading.
$114.0M affectedRonin Bridge Hack — March 2022
A North Korean state actor compromised 5 of 9 validator nodes on the Ronin sidechain, draining $625 million in ETH and USDC.
$625.0M affectedWormhole Bridge Hack — February 2022
A signature-verification flaw in the Solana-Ethereum Wormhole bridge allowed an attacker to mint 120,000 wETH on Solana without depositing the matching ETH — a $325 million theft that Jump Trading replenished from its own balance sheet.
$325.0M affectedCoincheck NEM Hack — January 2018
The Tokyo exchange lost $530M in NEM tokens from a hot wallet — the largest crypto theft on record at the time. Customers were reimbursed in JPY at recovery prices.
$530.0M affectedMt. Gox Collapse — February 2014
The exchange handling 70 percent of global Bitcoin trading suspended withdrawals, filed for bankruptcy, and disclosed the loss of 850,000 BTC — a recovery that is still being distributed to creditors a decade later.
$450.0M affected