Difference between revisions of "Exploits"
Jump to navigation
Jump to search
m (added a link) |
m (added couple of exploit types and resources) |
||
| Line 1: | Line 1: | ||
Exploit or a crypto exploit describes a way for a 3rd party to extract value from a protocol or person using more technical means (in contrast to social engineering in [[Crypto Scams|crypto scams]]). | Exploit or a crypto exploit/hack describes a way for a 3rd party to extract value from a protocol or person using more technical means (in contrast to social engineering in [[Crypto Scams|crypto scams]]). | ||
Most exploits can be described as malicious, but not all exploits are malicious (see: [[Code is law|"Code is law"]]). | Most exploits can be described as malicious, but not all exploits are malicious (see: [[Code is law|"Code is law"]]). | ||
{| class="wikitable" | {| class="wikitable" | ||
|+ | |+Most common types of exploits | ||
!Name | !Name | ||
!Description | !Description | ||
|- | |- | ||
|Wallet drain | |Wallet drain | ||
| | |Victim is socially engineered into approving his wallet funds to be spent by a contract, which then drains the approved tokens from the victims wallet | ||
|- | |- | ||
|Contract drain | |Contract drain | ||
| | |Usually caused by vulnerability in the contracts code, which allows the attacker to drain funds from the contracts address (often leveraging [[Flash loan|flash loans]]) | ||
|- | |- | ||
| | |etc | ||
| | | | ||
|} | |} | ||
=== Resources === | |||
To explore history and details on hacks and exploits: | |||
https://rekt.news/leaderboard/ (a leaderboard of biggest hacks/exploits in crypto space) | |||
https://twitter.com/zachxbt | |||
[[Category:Exploit]] | [[Category:Exploit]] | ||
Revision as of 10:09, 29 April 2022
Exploit or a crypto exploit/hack describes a way for a 3rd party to extract value from a protocol or person using more technical means (in contrast to social engineering in crypto scams).
Most exploits can be described as malicious, but not all exploits are malicious (see: "Code is law").
| Name | Description |
|---|---|
| Wallet drain | Victim is socially engineered into approving his wallet funds to be spent by a contract, which then drains the approved tokens from the victims wallet |
| Contract drain | Usually caused by vulnerability in the contracts code, which allows the attacker to drain funds from the contracts address (often leveraging flash loans) |
| etc |
Resources
To explore history and details on hacks and exploits:
https://rekt.news/leaderboard/ (a leaderboard of biggest hacks/exploits in crypto space)