Smart contracts are self-executing programs on Ethereum (Solidity). They hold millions of dollars. Hackers don't rob banks anymore. They rob contracts.
The Reentrancy Attack
The most famous vulnerability (The DAO Hack, $60 Million stolen).
Imagine an ATM. You ask to withdraw $100.
The ATM gives you $100.
BEFORE it subtracts $100 from your balance, you ask for ANOTHER $100.
The ATM gives it to you. It keeps giving until it is empty.
1. Integer Overflow
In older Solidity versions, `uint8` max value is 255.
If you report `255 + 1`, it wraps around to `0`.
Hackers used this to mint infinite tokens.
2. Flash Loans
You can borrow $1 Billion for 10 seconds (one block).
You use this massive capital to manipulate the market price of a token on Uniswap.
Then you pay back the loan and keep the profit.
This is not a "hack", it is "Market Manipulation via Code".