April was a rough month for the crypto world, as CertiK’s report on crypto exploits, scams, and hacks revealed losses of over $103 million from various investors and projects. The total losses for the year have already surpassed $429.7 million, making it clear that the security of digital assets remains a significant concern.
The month of April saw several significant attacks, including the loss of $25.4 million due to an exploit of several MEV trading bots on April 3, a hot wallet exploit at the Bitrue exchange resulting in $23 million stolen, and the hack of South Korean GDAC exchange leading to a loss of $13 million. According to CertiK, $74.5 million was lost to crypto and DeFi exploits in April, comprising half of the total $145 million exploited in the year’s first four months. Additionally, flash loan attacks resulted in the loss of approximately $20 million, with Yearn Finance bearing the brunt after a hacker manipulated an outdated smart contract on April 13.
The report also revealed exit scams cost investors $9.4 million, with Merlin DEX stealing the show as the top exit scam, losing $2.7 million. CertiK had assessed the protocol and cautioned about centralization issues prior to the attack, launching a compensation plan afterward to retrieve the stolen funds.
Sadly, the DeFi market is still struggling to protect investors as the attacks continue to prove. In 2023, several major attacks resulted in tens of millions of dollars in monthly losses. While rug pulls still happen, many attacks in 2023 are due to exploits of protocol logic. Euler Finance and Sentiment Finance were prominent among the attacks, with hackers stealing $197 million from Euler Finance in March. However, the team recovered the funds after negotiating with the attackers.
Meanwhile, Sentiment Finance suffered a loss of nearly $1 million due to a reentrancy attack, but the hacker returned 90% of the funds after negotiations with the team. While 2023 has seen less theft than 2022, which saw hackers steal $359 million in February alone, this is mainly due to large attacks on a single platform.
DeFi hacks in 2022 were daring, even by the crypto market’s standards, leading the FBI to offer safety tips. As the market grows, teams must do more to prevent attacks and protect investors.
In conclusion, the crypto community must come to terms with the fact that the security of digital assets continues to be a significant concern. Although there is a noticeable decrease in theft compared to 2022, it does not mean that investors can let their guard down. On the contrary, it emphasizes the need for DeFi projects to strengthen their security measures, remain transparent, and prioritize investor protection to maintain the growing trust of the community.