Multiple DeFi projects experienced hacking incidents targeting smart contracts, cross-chain bridges, and decentralized governance on June 7, 9, and 10 (local time). Solana-based DEX Raydium lost approximately $1.3 million, Ethereum lending protocol NovaBox lost 56.7 ETH, the Syscoin bridge saw 5 billion SYS tokens illegally minted, the MILC platform lost $161,000, and AragonDAO lost 944.2 wETH worth $1.5 million. Attack methods evolved beyond simple code vulnerabilities to include admin privilege theft and governance takeovers. Blockchain security firms noted the incidents highlight structural security risks across the DeFi ecosystem.
On June 10 (local time), Solana-based decentralized exchange Raydium suffered an attack targeting its legacy automated market maker (AMM) pools, resulting in approximately $1.3 million in stolen funds. The project stated the damage was limited to certain legacy pools and announced plans to compensate user losses using project treasury funds.
Ethereum-based lending protocol NovaBox was attacked through a flash loan exploit. According to blockchain security firm F12, the attacker stole approximately 56.7 ETH by exploiting vulnerabilities in the deposit and reward distribution structure. The attacker used large amounts of capital secured through flash loans to receive more dividends than actual entitlement, depleting most of the liquidity pool assets. F12 stated in a social media post that the attack involved "no reentrancy, no overflow, pure economic design flaw" and that "99.86% of the pool gone in one tx."
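The class of flaw F12 describes, a payout sized by the balance held at claim time, can be shown in a small model. The following is an added example, not NovaBox's contract or F12's analysis; the pool classes, account names, and amounts are hypothetical, and the hardened variant uses standard reward-per-share accounting as one possible fix.

```python
from fractions import Fraction

# Simplified model, not NovaBox's contract; all names here are hypothetical.

class NaivePool:
    """Flawed: splits the reward pot by the balance held at claim time."""
    def __init__(self):
        self.balances, self.reward_pot = {}, 0

    def deposit(self, who, amount):
        self.balances[who] = self.balances.get(who, 0) + amount

    def add_rewards(self, amount):
        self.reward_pot += amount

    def claim(self, who):
        total = sum(self.balances.values())
        payout = Fraction(self.reward_pot) * self.balances.get(who, 0) / total
        self.reward_pot -= payout
        return payout


class AccruedPool:
    """Hardened: a deposit earns only from rewards added after it arrived."""
    def __init__(self):
        self.balances, self.debt = {}, {}
        self.total, self.acc_per_share = 0, Fraction(0)

    def deposit(self, who, amount):
        self.balances[who] = self.balances.get(who, 0) + amount
        # Debt cancels every reward accrued before this deposit.
        self.debt[who] = self.debt.get(who, 0) + amount * self.acc_per_share
        self.total += amount

    def add_rewards(self, amount):
        if self.total:
            self.acc_per_share += Fraction(amount, self.total)

    def claim(self, who):
        owed = self.balances.get(who, 0) * self.acc_per_share
        payout = owed - self.debt.get(who, 0)
        self.debt[who] = owed
        return payout


def simulate(pool_cls, flash_amount=99_900):
    """Return (late depositor's payout, long-term staker's payout)."""
    pool = pool_cls()
    pool.deposit("staker", 100)
    pool.add_rewards(10)                  # accrued while only the staker was in
    pool.deposit("late", flash_amount)    # large same-transaction deposit
    return pool.claim("late"), pool.claim("staker")
```

In the naive pool the late deposit collects 9.99 of the 10 accrued reward units; with per-share accounting it collects nothing and the long-term staker receives all 10.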
Layer-1 blockchain project Syscoin experienced a bridge vulnerability exploit that resulted in the illegal minting of 5 billion SYS tokens on June 7. The project stated it detected the abnormal transactions early and moved most of the supply to a recovery address. Syscoin announced it paused bridge operations and is currently implementing security patches. The project posted on social media that "the Syscoin bridge is currently paused while the team investigates, finalizes the fix."
Media-focused digital asset project MILC Media Metaverse Platform suffered a bridge incident due to admin privilege theft. According to F12, the attacker exploited an existing bridge administrator wallet to grant admin privileges to their own externally owned account (EOA), then extracted MLT (Media License Token) from the bridge contract and transferred admin control to their wallet. F12 identified the root cause as "an admin private-key compromise, not a contract bug" and estimated losses at approximately $161,000.
A hacking attack exploiting vulnerabilities in AragonDAO governance settings resulted in the theft of 944.2 wETH (wrapped Ethereum) worth $1.5 million (approximately 2.29 billion KRW). According to blockchain security firm BlockSec Phalcon, the attacker held more than 50% of TOP (Token of Power) governance tokens and exploited structural flaws to illegally mint 10 billion TOP tokens, then swapped 1 billion TOP for wETH. BlockSec Phalcon stated the attacker "acquired more than 50% of TOP voting power, due to the token's low market value, and used it to pass and execute a governance proposal" on June 9.
Chainalysis issued a report on June 9 (local time) stating that "the spread of artificial intelligence (AI)-based analysis tools has significantly lowered the difficulty of attacking unverified smart contracts." The firm diagnosed that "if DeFi projects do not strengthen code disclosure, security audits, and decentralized authority systems, security incidents may repeat."
What types of vulnerabilities did attackers exploit in the recent DeFi hacking incidents?
Attackers exploited legacy AMM pool vulnerabilities in Raydium, flash loan economic design flaws in NovaBox, bridge contract weaknesses in Syscoin, compromised admin private keys in the MILC platform, and governance token concentration in AragonDAO. The incidents occurred on June 7, 9, and 10 (local time) across multiple blockchain platforms.
How much total value was stolen across all reported DeFi attacks?
The reported incidents resulted in approximately $1.3 million stolen from Raydium, 56.7 ETH from NovaBox, $161,000 from the MILC platform, and $1.5 million from AragonDAO. Syscoin's 5 billion illegally minted SYS tokens were mostly recovered to a project-controlled address according to the project's statement.
What security measures did Chainalysis recommend in its June 9 report?
Chainalysis stated in its June 9 report that DeFi projects should strengthen code disclosure, security audits, and decentralized authority systems. The firm noted that AI-based analysis tools have lowered the barrier for attacking unverified smart contracts.