LastIncident

Incident Classification & Reporting Standards

Some incidents listed on this platform may be unverified or alleged until additional evidence is available. Last Incident does not assert wrongdoing and does not publish personally identifying information. All content is for educational, analytical, and safety-improvement purposes only.

📘 What Is an Incident?

A crypto/Web3 incident occurs when funds are stolen, lost, frozen, misused, or placed at risk due to an exploit, attack, vulnerability, deception, coercion, or operational breakdown.

Incidents may be classified as Confirmed, Likely, or Unverified/Alleged.

🧩 Incident Categories

🧮 Smart Contract Exploits

  • Reentrancy attacks
  • Oracle manipulation
  • Flash-loan-enabled exploits
  • Logic bugs, authentication failures

⚙️ Protocol-Level Attacks

  • Bridge vulnerabilities
  • MEV exploitation
  • Consensus / validator failures
  • Liquidity manipulation

🔐 Private Key Compromise

  • Seed phrase theft
  • Keylogger or malware compromise
  • Hardware wallet exploitation
  • Insider access or compromised backups

🎭 Phishing & Social Engineering

  • Fake support impersonation
  • Scam websites or wallet drains
  • SIM swap attacks
  • Deepfake or identity impersonation

🏚️ Rugs & Insider Abuse

  • Insider token dumps
  • Rug pulls / liquidity withdrawal
  • Fake teams or fraudulent project claims

🏦 Exchange / CeFi Failures

  • Withdrawal halts
  • Insolvency or mismanagement
  • Security breaches affecting user accounts

🔌 Infrastructure & Supply-Chain Attacks

  • DNS hijacking
  • Dependency / library compromise
  • Cloud service takeover

🧍 Real-World / Physical Attacks

  • Coercion or forced wallet transfers
  • Kidnapping or violent extortion
  • Example: 2025 Robbery or attempts involving physical torture & forced crypto transfers

📈 Market Manipulation & Scam Tokens

  • Wash trading
  • Fake liquidity or volume
  • Coordinated pump-and-dump schemes

📱 Wallet & UI/UX Exploits

  • Malicious wallet interfaces
  • Approval-draining scams
  • UI deception or signature spoofing

🔍 Incident Verification Levels

  • Confirmed: Backed by on-chain evidence, project statements, or multiple independent security researchers.
  • Likely: Strong indicators but awaiting full confirmation.
  • Unverified / Alleged: Early reports without confirmed evidence.We avoid speculation and do not assert guilt.

🛡️ Safety & Reporting Principles

  • No publishing of doxxing information or personal identifiers.
  • No accusations of criminality unless publicly confirmed by authorities or courts.
  • We prioritize user protection and factual accuracy above engagement.
  • We follow responsible disclosure practices for active vulnerabilities.