Difference between revisions of "Exploits"
Jump to navigation
Jump to search
(added a page) |
m |
||
(2 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
Exploit or a crypto exploit describes a way for a 3rd party to extract value from a protocol or person using more technical means (in contrast to social engineering in [[Crypto Scams|crypto scams]]). | Exploit or a crypto exploit/hack describes a way for a 3rd party to extract value from a protocol or person using more technical means (in contrast to social engineering in [[Crypto Scams|crypto scams]]). | ||
Most exploits can be described as malicious, but not all exploits are malicious (see "Code is law"). | Most exploits can be described as malicious, but not all exploits are malicious (see: [[Code is law|"Code is law"]]). | ||
{| class="wikitable" | {| class="wikitable" | ||
|+ | |+Most common types of exploits | ||
!Name | !Name | ||
!Description | !Description | ||
|- | |- | ||
|Wallet drain | |Wallet drain | ||
| | |Victim is socially engineered into approving his wallet funds to be spent by a contract, which then drains the approved tokens from the victims wallet | ||
|- | |- | ||
|Contract drain | |Contract drain | ||
| | |Usually caused by vulnerability in the contracts code, which allows the attacker to drain funds from the contracts address (often leveraging [[Flash loan|flash loans]]) | ||
|- | |- | ||
| | |etc | ||
| | | | ||
|} | |} | ||
=== Resources === | |||
To explore history and details on hacks and exploits: | |||
https://rekt.news/leaderboard/ (a leaderboard of biggest hacks/exploits in crypto space) | |||
https://twitter.com/zachxbt (on-chain detective, exposing some of the hackers and scammers) | |||
[[Category:Exploit]] | [[Category:Exploit]] |
Latest revision as of 10:13, 29 April 2022
Exploit or a crypto exploit/hack describes a way for a 3rd party to extract value from a protocol or person using more technical means (in contrast to social engineering in crypto scams).
Most exploits can be described as malicious, but not all exploits are malicious (see: "Code is law").
Name | Description |
---|---|
Wallet drain | Victim is socially engineered into approving his wallet funds to be spent by a contract, which then drains the approved tokens from the victims wallet |
Contract drain | Usually caused by vulnerability in the contracts code, which allows the attacker to drain funds from the contracts address (often leveraging flash loans) |
etc |
Resources
To explore history and details on hacks and exploits:
https://rekt.news/leaderboard/ (a leaderboard of biggest hacks/exploits in crypto space)
https://twitter.com/zachxbt (on-chain detective, exposing some of the hackers and scammers)