Solidity hack MoonHacker Vault Hack Analysis Overview: On December 23, 2024, MoonHacker vault contracts, interacting with Moonwell DeFi protocol on Optimism, suffered an exploit due A sophisticated cyberattack targeted the Cursor IDE—a Visual Studio Code (VSCode) fork popular among developers for its AI-assisted coding features. The Solidity code example of how a malicious contract can use selfdestruct to force sending Ether to any contract. Solidity hack: Reentrancy. In this tutorial, we demonstrate how to create a reentrancy exploit in Solidity, including detailed setup, code examples, and execution Learn essential Solidity security techniques to build hack-resistant smart contracts in 2025. You can simply copy the code and Learn essential Solidity security techniques to build hack-resistant smart contracts in 2025. When you go e. We will break down what If the size of code stored at an address is zero then it can't be a smart contract right? This video explains how a smart contract protected from Read writing from Hack Solidity on Medium. Access a comprehensive database of Blockchain breaches since 2011. origin is a global variable in Solidity which returns the address of the account that sent the transaction. While it offers many benefits, developers must know the potential Zoth Hack Analysis Overview: On March 1, 2025, Zoth (@zothdotio), a restaking layer for real-world assets (RWAs), suffered an Kaspersky's Global Research and Analysis Team (GReAT) discovered a malicious Visual Studio Code extension targeting blockchain developers, Welcome to my series of blogs about common and high-profile vulnerabilities in Solidity smart contracts. Hack Solidity is a platform that aims to transform Web3 learning on a global scale. Smart contracts are programs that are This screenshot clearly shows the code requesting and executing a PowerShell script from the web server angelic[. Updating as I see more examples - 0kage-eth/solidity-hack-examples Recent versions of Solidity will now show warnings during compilation for functions that have no explicit visibility set, to help 說明[solidity hack] Overflow and Underflow 說明 Github 連結 在 Solidity 裡面如果變數宣告為 uint256 則會有溢出 (overflow)或下溢 (underflow)之問 A sophisticated cybercrime operation has successfully stolen $500,000 in cryptocurrency assets from a Russian blockchain developer Comprehensive list of known attack vectors and common anti-patterns - sigp/solidity-security-blog Solidity code example of how a malicious contract can use selfdestruct to force sending Ether to any contract. Cara kerja, manfaat, tantangan, dan langkah-langkah pengembangan di In Solidity you can specify the visibility of your function, i. Contribute to CodeMasterChef/solidity-reentrancy development by creating an account on GitHub. origin is a global variable in Solidity which returns the address of the account that sent the Tagged with solidity, security, Solidity is a statically-typed curly-braces programming language designed for developing smart contracts that run on Ethereum. Real-World Example: Parity Multisig Wallet (Second Hack) The Second Parity Multisig Wallet hack is an example of how the context of Binance Scam Token 2022 - Hacking Smart Contract Solidity Root 194 subscribers 213 14K views 2 years ago #elonMusk #hodl #altcoin The selfdestruct (address) function, removes all bytecode from the contract address and sends all Tagged with solidity, security, Smart-contract scanning tool built to discover vulnerabilities, mitigate risks in your code, and publish audit reports. tx. DeltaPrime Hack Analysis On November 11th, 2024, DeltaPrime (@DeltaPrimeDefi) was targeted in a sophisticated exploit on Front Run ERC20 Approval | Hack Solidity 0. Tagged with solidity, Reentrancy | Hack Solidity #1 The motivation behind this article is to learn some of the common vulnerabilities in smart contracts. This is called Push vs Pull Solidity Smart Contract Audit Elevate investor trust and streamline your Solidity smart contracts with our tested auditing strategy, specifically tx. Attackers Whether you're a beginner or an experienced developer, this guide will serve as a valuable resource for mastering Solidity and building Block Timestamp Manipulation | Hack Solidity (0. This post aims to be a relatively in-depth and up-to-date introductory post detailing the past mistakes that have been made by Solidity developers in an effort to prevent future It turned out that extension. 8K subscribers Subscribe Signature Replay | Hack Solidity (0. Crypto trader “Sagey” was the first to raise the Can we expect the same in Solidity smart contracts? Is any variable declared as ” private” in Solidity is not accessible from the outside world? If the 真实世界示例:Parity Multisig Wallet(Second Hack) 第二种Parity Multisig Wallet hack是一个例子,说明如果在非预期的上下文中运行良好的库代码的上下文可以被利用。 这个黑客有很多 Arcadia Finance Hack Analysis Overview: On July 15, 2025, Arcadia Finance (@ArcadiaFi)— a liquidity and asset management protocol — was Learn about the recent $500K crypto heist caused by a malicious "Solidity Language" extension in Cursor IDE. Protect your blockchain applications with proven prevention methods. Curious About Web3 Hacks? Explore SolidityScan's Web3 Hackhub. Hack Solidity: Reentrancy Attack Written by @kamilpolak | Published on 2022-01-17T07:22:36. Make sure you read the full list. Overview The Reentrancy attack is one of the most destructive Solidity code example of a reentracy exploit, allowing one contract to call back into another before it completes execution. 6) Smart Contract Programmer 61. Let's see why. This contract is vulnerable to re-entrancy attack. How to Secure Your Smart Contracts: 6 Solidity Vulnerabilities and how to avoid them (Part 1) In a previous post we discussed the future of Ethereum’s scalability by analyzing Panduan lengkap membuat smart contract dengan Solidity. Learn how to start auding smart contracts, find vulnerabilities and create automated exploits for bug bounty. In this project, I list down the known vulnerabilities and analyze them using an example. e. You'll first solidify your understanding of smart contract security in theory, then examine specific Solidity Did you know that there is a hack to forcefully send Ether to any contract, even if the receiving contract does not have any payable fallback or payable func Smart Contracts are getting more and more interest from the security community, driven mostly by the big payout for smart contract security auditing and the continuous exploitation of In this section, we’ll deploy a small contract in Remix IDE with a single method which calls the Bitcoin Balance precompile and returns the balance as a uint256. 1K subscribers Subscribe Mosca Hack Analysis Overview: On January 8, 2025, the Mosca contract on Binance Smart Chain (BSC) was exploited due to Understanding Solidity Security Securing smart contracts in Solidity is vital to protect blockchain assets. We recommend you use // SPDX-License-Identifier: MIT pragma solidity ^0. We explain how a blockchain developer lost US$500 000 to a malicious extension named Solidity Language from the Open VSX A cyberattack targeting the Cursor AI development environment has resulted in the theft of $500,000 in cryptocurrency from a Russian Solidity is a statically-typed curly-braces programming language designed for developing smart contracts that run on the Ethereum Virtual Machine. In July 2025, Kaspersky uncovered a fake Cursor AI extension posing as a Solidity syntax highlighter, which secretly installed malware to steal $500,000 in crypto from a developer. #Solidity #FrontRunning #hack Code: https://s Read the latest solidity-hack stories on HackerNoon, where 10k+ technologists publish stories for 4M+ monthly readers. x version that introduced a lot of breaking changes. Real-World Example: Parity Your smart contract can be bug free but is it vulnerable to front running? Watch to learn what front running is. origin Phishing Hacks - Solidity, Attack EatTheBlocks 169K subscribers Subscribed Key points and observations Datadog Security Research discovered three malicious VS Code extensions that target Solidity Meta Pool Hack Analysis Overview: On June 17, 2025, the Ethereum-based liquid staking protocol Meta Pool (@meta_pool) was 20 Common Solidity Beginner Mistakes Our intent is not to be patronizing towards developers early in their journey with this article. Lists common solidity exploits with examples. 1. I am grateful to Smart Contract Programmer for GMX v1 Hack Analysis Overview: On July 9, 2025, GMX (@GMX_IO) — a decentralized perpetuals trading protocol on Arbitrum — was exploited for over $42 million. Having reviewed code from numerous Solidity Fun game that teaches you smart contract hacking, here is the solutionStand to earn the biggest reward in any crypto exchange! Bybit is offering up to 30,000 The attacker can create a contract with a selfdestruct () function, send ether to it, call selfdestruct (target) and force ether to be Example of read only reentrancy hack in Solidity0:00 - Intro0:55 - Initialize Foundry1:16 - Code Hack contract4:01 - Curve remove_liquidity function8:31 - Wr CoinMarketCap looks at Solidity — the programming language that Ethereum’s smart contracts and DApps are built with, and then explore NGP Token Hack Analysis Overview: On September 18, 2025, the NGP token (@newgoldprotocol) deployed on BNB Chain (BSC) . Vault Inflation Attack | Hack Solidity 0. to determine whether a function can Tagged with solidity, blockchain, security, smartcontract. 8. js was a component of the Solidity Language extension for the Cursor AI IDE, which is based on Visual In this tutorial, we demonstrate how to create a reentrancy exploit in Solidity, including detailed setup, code examples, and execution HACKS Solidity contracts have various types of vulnerabilities. The attack vector was a fake extension named “Solidity Language,” ostensibly designed for syntax highlighting of Solidity smart 我們一共會有三個簡單的合約,而可以看到 Store 和 Hack 合約內的程式碼幾乎一樣,都有一個 event 和一個 function,兩者只有在 emit event 的時候帶入的文字不一樣而已。 The main idea behind this type of vulnerability is that the return value of a message call is not Tagged with solidity, smartcontract, blockchain, security. Reentrancy attacks, like the one used in The DAO hack, are made possible by vulnerabilities in the way we structure Solidity code. During the course, we Warning Solidity recently released the 0. Learn from past incidents & evolving cyber threats. Every Explanation of 63 / 64 gas rule in Ethereum. 8 Smart Contract Programmer 61. ]su: a sure This guide will teach you all about common vulnerabilities in Solidity. Understand how compromised IDE extensions and third Many Solidity smart contracts allows the caller to withdraw Ether instead of having the smart contract send Ether to the caller. Contracts that use the HACK-LABS Contains actual smart contract attacker contracts for major benchmarks, starting with smartbugs-curated. Scammers are targeting Ethereum projects with a fake extension for developers. 4K subscribers Subscribed Smart Contract Hacking course. A large languange model trained for solidity vulnerabilities If my Solidity knowledge is advanced, is this course for me, or is it more beginner-oriented? The course is designed for students with a wide range Recent versions of Solidity will now show warnings during compilation for functions that have no explicit visibility set, to help encourage this practice. g. 6) Smart Contract Programmer 62. How to Hack Smart Contracts: A Beginner’s Guide to Smart Contract Hacking Smart contracts play a crucial role in the world of 2 days full hands-on training where you will learn how to identify vulnerabilities in Smart Contracts written in Solidity. 0:00 Intro0:40 Code2:24 Bug2:38 63 / 64 gas rule3:55 Math for gas used7:35 Problem8:33 Demo of draining ETH9:56 F Timestamp provides information about the date and time in which the block is mined. In Solidity code example showing a denial of service exploit by making the function to send Ether fail. 8K subscribers Subscribed tx. 26; /* EtherStore is a contract where you can deposit and withdraw ETH. In this series, I’ll explain how different vulnerabilities have been ResupplyFi Hack Analysis Overview: On June 26, 2025, ResupplyFi (@ResupplyFi) — a decentralized lending protocol — was Bankroll Network Hack Analysis Overview: On June 19, 2025, a previously dormant DeFi protocol called Bankroll Network Smart Contract Security This article serves as a mini course on smart contract security and provides an extensive list of the issues and What can go wrong when you forget that delegatecall preserves context? One exploit that is possible from an unsafe delegatecall is to bypass any access contr Fire Token Hack Analysis Overview: On October 1st, 2024, the FireToken smart contract was exploited within 24 seconds of launching, HTB UNIVERSITY Writeup Solidity Shenanigans: Hacking StarGazer in HTB CTF In mid-December, our school team, Phreaks 2600, participated in The purpose of this repository is to show how a solidity smart contract can be hack, to learn about the risks involved writing solidity code. This video does encourage you to protect your code. 709Z TL;DR → The Reentrancy attack is one of the most destructive attacks in Solidity Forcibly Send Ether Vulnerability to a Smart Contract continuation of the list of general EcoSystem security from attacks - demining/Solidity-Forcibly-Send-Ether-Vulnerability Solidity is a powerful programming language to create smart contracts for the Ethereum blockchain. zcp cflqtfj udhfrv gqse bourbx uhfo lgggrw hbci yeh pohypdg ipwjqc ymttex kkdiqan qkjar hndk