- CertiK reports that cryptocurrency-related scams, exploits, and hacks in April resulted in a loss of $103 million.
- According to the report, the year-to-date (YTD) total loss is $429.7 million.
- Major losses were incurred by MEV ($25M), Bitrue ($22.0M), GDAC ($13.0M and Yearn Finance (10.2M).
A new report by cybersecurity firm CertiK has highlighted the ongoing challenges faced by the cryptocurrency industry when it comes to security. The report focuses on crypto scams, exploits, and hacks that occurred in April 2023, revealing a total of $103 million.
The most significant incident involved MEV bots, which resulted in a loss of $25 million. Bitrue, a cryptocurrency exchange, suffered a loss of $22.0 million due to a hack. GDAC, a South Korean cryptocurrency exchange, lost $13.0 million in a similar attack, where hackers exploited a vulnerability in the exchange’s smart contract. Yearn Finance, a decentralized finance (DeFi) protocol, lost $10.2 million due to a hack. The attackers exploit a vulnerability in the protocol’s code to drain funds from Yearn Finance’s liquidity pools.
Flash Loan Attacks in DeFi Space
According to the report, April 2023 saw an increase in Flash Loan Attacks in the decentralized Finance (DeFi) space, resulting in millions of dollars in losses. A Flash Loan Attack is an exploit where an attacker borrows a large amount of cryptocurrency using a flash loan and then uses it to manipulate the price of assets or drain liquidity pools.
Yearn Finance was the most significant victim of such an attack, losing $10,167,592. The attackers reportedly exploited a vulnerability in Yearn Finance’s code to drain funds from its liquidity pools.
Hundred Finance, another DeFi protocol, was the second-largest victim, with a loss of $7,497,545 due to a similar attack. OVIX, a DeFi lending protocol, lost $2,043,497 in a Flash Loan Attack.
Printer Finance, a DeFi protocol that offers leveraged trading and yields farming strategies, lost $35,357 due to an attack that targeted the protocol’s flash loan mechanism. Sashimi Swap, a decentralized exchange, suffered a loss of $24,318 due to a similar exploit.
Flash Loan Attacks resulted in a total loss of $242,851,006 from January to April 2023. In January 2023, Flash Loan Attacks resulted in a loss of $0.76M, while February witnessed a loss of $15.9M. March was the worst month, with a loss of $206.3M, and April saw a loss of $19.9M.
Increase in Exit Scams in the Cryptocurrency Industry
Certik’s report also highlights that April 2023 saw an increase in exit scams in the cryptocurrency industry, resulting in significant losses for investors. An exit scam is a fraudulent practice where a project’s founders or team members disappear with investors’ funds, leaving no trace of the money.
Merlin DEX, a decentralized exchange, was the most significant victim of such a scam, losing $2,700,000. The team behind the project reportedly disappeared, taking investors’ funds with them.
Ordinals Finance, a yield farming protocol, was the second-largest victim, with a loss of $1,000,000 due to an Exit Scam. The team behind the protocol disappeared, leaving investors with no means to recover their funds.
6827 Token, a decentralized finance (DeFi) protocol, lost $729,331 due to an Exit Scam, while fcdep, a DeFi platform, lost $674,853. ZKLOTTO, a lottery-based cryptocurrency project, suffered a loss of $609,959 due to a similar scam.
According to the report, exit scams resulted in a total loss of $40,394,467 from January to April 2023. January saw the most significant loss, with $10.2M, while February and March witnessed losses of $11.5M and $8.9M, respectively. April’s casualties were relatively lower, at $9.4M.
Exploits Plaguing the Cryptocurrency Industry
The Certik reports highlight that April 2023 witnessed several exploits in the cryptocurrency industry, resulting in significant losses for investors and exchanges. An exploit is a vulnerability or weakness in a project’s code or infrastructure that attackers can exploit to gain unauthorized access or manipulate the system.
MEV Bots, a decentralized finance (DeFi) protocol, was the most significant victim of such an exploit, losing $25,389,731. Bitrue, a centralized cryptocurrency exchange, was the second-largest victim, with a loss of $22,030,816 due to an exploit that targeted the exchange’s hot wallets. GDAC, another cryptocurrency exchange, lost $13,000,000 due to a similar attack.
Terraport, a DeFi protocol that offers leveraged trading and yields farming strategies, lost $4,000,000 due to an exploit that targeted its liquidity pools. SushiSwap, a decentralized exchange, suffered a loss of $3,300,000 due to a similar exploit.
The total loss due to exploits in the cryptocurrency industry from January to April 2023 was $145,074,519. January saw a loss of $16.1M, followed by February and March, with losses of $24.0M and $19.9M, respectively. April witnessed the highest loss, with $74.5M.
The Certik report concluded by revealing that the total loss in the cryptocurrency industry from January to April 2023 is $429,690,314.
Precautions and Call for Stricter Regulations and Improved Security Measures
The increase in cryptocurrency’s popularity has led to a rise in crypto exploits, scams, and hacks. The key factors behind these incidents are:
- The need for regulation in the cryptocurrency market.
- The vulnerability of centralized exchanges to hacks.
- The exposure of smart contracts to exploits.
Many of these exploits and scams use social engineering tactics to trick users, and inexperienced investors are particularly vulnerable. To protect their investments, investors need to be more vigilant and take necessary security precautions, such as using secure wallets, avoiding suspicious emails and websites, and staying up-to-date on the latest security threats.
The crypto industry needs stricter regulations and improved security measures in the cryptocurrency industry to protect investor funds. Cryptocurrency platforms and exchanges must implement robust security protocols to prevent such incidents and ensure their users’ safety.
