Digital assets worth over 2.7 million were lost to hacks and fraud in the second quarter of 2024. This latest figure brings the value of digital assets lost to hacks, fraud, and scams in 2024 to 0.9 million. Decentralized finance (defi) platforms lost approximately 2.1 million across 63 incidents. This figure is 25% lower than […]
Bitcoin News
Prioritizing First-Mover Advantage Over Security Leaves Defi Protocols Vulnerable to Hacks – Nikita Ovchinnik
According to Nikita Ovchinnik, founder of Barter Defi, decentralized finance (defi) protocols are increasingly becoming the primary target of most hacking attacks because defi “lays bare its inner workings for all to see.” He said the open-source nature of defi means hackers and malicious actors have ample time to study and identify weaknesses or vulnerabilities […]
Bitcoin News
A Fifth of Gen Z, Millennials Own Crypto; Over 60% Have Tried at Least One of Six Financial Hacks
Approximately a fifth of America’s Gen Z and Millennials own cryptocurrency but only 20% own real estate, the latest Policygenius 2024 Financial Planning Survey has found. The survey report asserts that Baby Boomers have “benefited greatly from housing wealth,” which now accounts for nearly half of their wealth. Boomers Least Interested in NFTs According to […]
Bitcoin News
Study: Financial Losses on BNB Chain Due to Hacks and Scams Fell by 85% in 2023
In 2023, financial losses on the BNB Smart Chain due to exploits or breaches fell by 85% to 1.1 million, according to the findings of a new Avenger DAO study report. The study data also shows that Q2 of 2023 was the costliest quarter, with approximately .5 million lost across 127 incidents.
Scams Were the Costiliest Attack Vector in 2023
According to a survey study conducted by Avenger DAO and its partners, the value of assets lost to hacks and other security breaches on the BNB Smart Chain in 2023 fell by 85% to 1.1 million. In comparison, a little over .1 billion was lost in far fewer incidents in 2022.
The study data also shows Q2 of 2023 to be the costliest that year with approximately .5 million having been lost across 127 incidents. On the other hand, the last quarter of 2023 had the least damages with .6 million from 86 incidents.
However, unlike in 2021 and 2022 when hacks accounted for a disproportionate share of the financial losses, scams (.9 million) were the attack vector with the highest loss. In contrast, losses associated with hacks fell from 0.8 million in 2022 to .2 million in 2023.
Hacking Incidents on the Rise
While losses to hacking incidents were lower in 2023, the study data suggests that criminals are increasingly favouring this type of attack.
“By comparing the increased percentages, it is evident that Hacks are growing at a concerning rate as well. This is likely supported by the fact that tracing the hacker’s real identity can be challenging with complicated use of money mixers and non-KYC exchanges,” the Avenger DAO study report said.
Meanwhile, when comparing losses across chains in Q4 of 2023, the data ranked Ethereum first with 66% of all fiat losses in that period. Tron came second with a share of 13.62% of the losses, while Arbtrum came third with 5.33%. BNB Smart Chain accounted for only 3.81% of the financial losses in the same quarter.
Despite incurring financial losses exceeding 0 million, Avenger DAO said its cooperation with other players played a part in the recovery or freezing of funds totalling .3 million on the BNB Smart Chain alone. Overall, approximately million was recovered
What are your thoughts on Avenger DAO’s report? Let us know what you think in the comments section below.
Reports State at Least $1.7B Was Lost in Hacks and Exploits During 2023
Several reports that have recently surfaced have revealed the extent of losses that crypto platforms and users faced during 2023 as a product of exploits and hacks. TRM Labs’ latest report states that the number ascended to .7 billion, while De.fi, another Web3 security firm, states that this number reaches higher, to billion.
Reports Share the Extent of Damage Caused by Hacks and Exploits in 2023
At the end of 2023, several reports have surfaced estimating the funds lost due to hacks and exploits during the year. In its latest report, TRM Labs, a blockchain security analytics firm, states this number reached .7 billion by mid-December, with the top ten hacks netting 70% of the funds stolen.
Incidents classified as “infrastructure attacks,” which include stealing private keys that give hackers access to a crypto project’s servers or using software to steal funds, contributed almost 60% of the numbers reported.
While .7 billion might seem astronomical, it is less than half of the billion that criminals stole last year, aided by a 0 million mega hack against the Axie Infinity linked Ronin bridge. Comparatively, the most significant incidents during this year, which involved Euler Finance, Multichain, and Poloniex, only contributed approximately 0 million each to this number.
TRM Global Head of Policy and Government Affairs Ari Redbord acknowledged the work behind this improvement. He stated:
The global focus on cybercrime is likely to, at least in part, mitigate some of the activity which is critical in order for the overwhelmingly lawful ecosystem to grow.
Nonetheless, De.fi, another Web3 cybersecurity group, puts 2023’s loss even higher, reaching billion. De.fi stated this number stood as a “testament to both the ongoing vulnerabilities and the strides made in addressing them, even as interest in the space was relatively muted by the ongoing bear market in the first half of the year.”
What do you think about the at least .7 billion stolen in hacks and exploits during 2023? Tell us in the comments section below.
Tron’s Justin Sun Announces ‘Epic Airdrop’ in Wake of HTX, Heco, and Poloniex Hacks
In the aftermath of September’s HTX breach, along with the subsequent attacks on Poloniex and Heco Bridge in November, HTX faced yet another security breach on November 23, resulting in a loss of million. HTX announced its commitment to “fully compensate” for the financial damages caused by the hack. Additionally, on Friday, Tron’s founder, Justin Sun, declared on the social media platform X that not only would the losses be recouped, but the team also intends to launch an “epic airdrop.”
Justin Sun’s Response to Several Hacks — An ‘Epic Airdrop’ in the Pipeline
Since late September, three cryptocurrency platforms associated with Tron’s Justin Sun — HTX, Poloniex, and Heco Bridge — have experienced security breaches, cumulatively losing millions. On September 25, 2023, Sun revealed that HTX suffered a breach, resulting in the loss of 5,000 ether, valued at approximately million at the time.
Following this, on November 10, 2023, Poloniex faced a security lapse, leading to a loss of around 4 million. Barely 12 days passed before another attack hit HTX’s Heco Chain, with hackers siphoning off .6 million from the cross-chain bridge platform.
Subsequently, HTX reported a million loss due to a hacking incident the next day, assuring its users of full reimbursement. HTX emphasized that this loss was “extremely small compared to the total funds of the platform.” On Friday, Sun turned to social media, informing his 3.4 million followers on X that both exchanges were set to resume deposits and withdrawals after a temporary suspension.
Additionally, the co-founder of Tron outlined that a new token would emerge from this incident. Sun said:
As HTX and Poloniex approach opening [deposits and withdrawals], we will initiate an epic airdrop for users with assets. Please stay tuned! My deepest apologies to the users affected by the hacker attacks on HTX and Poloniex. We will cover the loss and All assets [are] SAFE.
Poloniex has announced that it anticipates the resumption of withdrawals and deposits on November 30, 2023. The exchange advised its users to utilize new deposit addresses, rather than relying on previously used ones. On Friday at noon Eastern Time (ET), HTX reinstated Tron deposits and withdrawals, following the temporary halt.
What do you think about Justin Sun’s response to the HTX and Poloniex hacks? Share your thoughts and opinions about this subject in the comments section below.
Certik Study: $332 Million Lost to Exploits, Hacks and Scams in September, More Than $1.3 Billion Lost in 2023
In the month of September, digital assets worth approximately 2 million were siphoned from trading platforms via methods that include flash loan attacks, exit scams, and exploits. The value of digital assets stolen through exploits rose from .5 million in August to nearly 0 million in September.
Mixin Kernel Incident Most Significant Exploit in September
According to the cybersecurity firm Certik, digital assets worth approximately 2 million were stolen via code exploits, exit scams and flash attacks in the month of September alone. Exploits alone accounted for more than 98% of the thefts (9.8 million) while the amount stolen through flash loan attacks and rug pulls was less than .4 million.
As shown by the data, the biggest incident during the month was the 0 million exploit suffered by Mixin Network on Sept. 23. As reported by Bitcoin.com News, the Mixin network team has since asked the attackers to take a bug bounty reward and return the rest of users’ funds.
Combining all the incidents in September we’ve confirmed ~2M lost to exploits, hacks and scams.
Exit scams were ~.9M
Flash loans were ~.4M
Exploits were ~9.8M
See more details below
pic.twitter.com/DMFN9LWU8V
— CertiK Alert (@CertiKAlert) September 30, 2023
A few weeks earlier, the cryptocurrency exchange platform Coinex Global suffered an exploit in which digital assets worth million were stolen. According to reports, preliminary investigations hinted at a possible compromise of private keys which enabled the criminals to move funds from the platform’s hot wallets. For context, in August the total value of digital assets stolen through exploits only totaled .5 million.
Meanwhile, unlike in the month of August when digital assets lost through exit scams topped million (more than half of the nearly million that was stolen), only .9 million was lost via this tactic in September. Likewise, the data indicates that the value of digital assets lost via the so-called flash loan attacks dropped significantly from .4 million in August to .4 million in September.
The cybersecurity firm’s data shows that the total value of funds siphoned from digital asset platforms since the start of the year now exceeds .3 billion. In August, this figure was just under one billion dollars.
What are your thoughts on this story? Let us know what you think in the comments section below.
Crypto Hacks Plunge 70% in Q1 2023, Victims Recover Over Half of Stolen Funds, but Experts Warn of Temporary Relief
On May 22, 2023, a report released by the blockchain analysis firm TRM Labs delved into nearly 40 hacks and assaults on cryptocurrency projects within the first quarter, discovering a 70% decline in incidents over the previous three months. The study says the slowdown is probably temporary, with over half of the purloined funds being reclaimed by hacking victims in Q1 2023.
Crypto Crime Cools: Hacks and Attacks Plummet 70% in Q1 2023
TRM Labs approximates that close to 0 million was pilfered in Q1 2023 from almost 40 separate crypto infiltrations and attacks. This statistic has plunged by around 70% compared to Q1 2022, as per the findings of the blockchain analytics firm. Moreover, this year’s first quarter recorded lower figures than any quarter of 2022 since the typical hack amounted to .5 million.
In contrast, the mean hack value during Q1 2022 reached over million, experiencing a comparable count of nearly 40 incidents. A notable disparity between this year’s and last year’s breaches is the substantial amount of recoveries. “To date, hacking victims have recovered over half of all stolen funds in Q1 2023,” stated TRM Labs in its recent analysis.
TRM Labs investigators clarify that there is no “obvious explanation for the lull,” but cybercriminals might have been discouraged by two particular events. The first entails the U.S. government’s allegations toward Avraham Eisenberg in connection with the Mango Markets occurrence last year. The second possible cause for the hiatus mentioned by researchers was the sanctions imposed on ethereum (ETH) mixer Tornado Cash as a result of last year’s U.S. Treasury actions.
The report from TRM Labs highlights that blockchain monitoring tools have advanced and virtual asset service providers (VASPs) have elevated their anti-money laundering (AML) criteria. These elements could have contributed to Q1’s deceleration, but experts do not foresee its continuation. “Unfortunately, this slowdown is most likely a temporary reprieve rather than a long-term trend,” the blockchain intelligence company’s Q1 2023 examination concludes.
Is the recent decline in crypto hacks a sign of a turning tide in cybersecurity or merely a temporary respite before the storm? Share your opinions and insights in the comments section below.
Data Shows Crypto Hacks And Fraud In 2021 Are On Track For A New Record
Crypto hacks and scams are nothing new in the crypto space, but every time they happen, they still come as a shock to investors. Most especially the victims of these attacks. Bull markets always seem to come with an increased number of attacks. So with a bull market that has raged on for the better part of a year, 2021 has definitely had its fair share of attacks, despite just entering its ninth month of the year.
Related Reading |
These attacks have accelerated with the recent crypto surge. Prices have been up across the board and it seems like this has been a cue for the attackers to ramp up their operations. This could be due in part to the high prices of the cryptocurrencies bringing much higher returns on their attacks. Whatever the case may be, attacks in 2021 have increased and data shows that the number this year will most likely surpass the record for last year.
Accelerated Crypto Attacks In 2021
Crypto hacks and scams had previously reached a record number in 2020. At a total of 32 identified cases in 2020, it was the year with the highest number of hacking and fraud incidents in the crypto market. In just eight months, there have been 32 identified cases of hacking and fraud in 2021. With six months to go and the bull rally raging on, more of these attacks can be expected to happen before the year runs out.
Related Reading | Data Shows Nearly 90% of Bitcoin Has Been Mined, Here’s How Long It Will Take To Mine The Rest
Since 2017, the number of breaches has consistently increased each year, according to an analysis from Crypto Head. 2017 marks the beginning of one of the most memorable bull runs in the crypto space. So it is no surprise that there was a jump in the number of attacks from the previous year. In 2016, there were only 5 identified cases of crypto hacking and fraud. But this number jumped to 21 the following year in 2017.
With four months left to go and DeFi exploits still on the rise, the number of attacks in 2021 may very well beat 38. These hacks and breaches are becoming even more sophisticated. Attackers are now developing tools that make their attacks harder to catch and trace.
2017 Attacks Carted Away The Biggest Loots
On average, just in 2017, attackers made away with 3.5 million on average. The total number of 21 attacks for the year came out to a balance of .7 billion stolen in crypto hacks and fraud. Setting the record for the highest amount stolen in a single year.
Related Reading | New To Bitcoin? Learn To Trade Crypto With The NewsBTC Trading Course
Despite having a higher number of attacks, 2020’s 38 identified cases came out to about .8 billion total. This amount already surpassed in 2021 by at least a billion. So far, the 32 combined attacks of 2021 have come out to a value of .9. The Poly Network attack that took place this year amounted to 0 million. Making it the biggest DeFi heist in history.
These attacks have mostly focused on the top coins in the crypto market, which, incidentally, also provide the most liquidity. About a third of these breaches have been targeted at the leading cryptocurrency, bitcoin. Ethereum comes in as second most targeted with 12.8%. Unknown coins make up about 9.2%, while ERC-20 tokens were targeted 7.4% of the time.
Total crypto market cap now trading at .29 trillion | Source: Crypto Total Market Cap on TradingView.com
Featured image from iStock, chart from TradingView.com
NewsBTC
Litecoin Founder Slams Ethereum’s Fastest Growing Use Case in DeFi Hack’s Wake
Following a recent DeFi smart contract compromise, Charlie Lee has attacked the sector for being centralised. The Litecoin founder called the decentralised finance industry, growing fastest on Ethereum, “decentralization theatre”.
The most recent application to succumb to a smart contract security breach is the non-custodial crypto margin trading service Fulcrum. Following the compromise, developers at Fulcrum have frozen the affected contract.
Is it Really Decentralised if Someone Can Shut it Off?
Litecoin Founder Charlie Lee has criticised the rapidly expanding DeFi sector for being centralised. Lee called the industry “decentralization theatre” in response to a recent smart contract compromise.
Over the weekend, an attacker managed to breach the Ethereum-based margin trading application, Fulcrum. Although not officially disclosed, some believe as much as 0,000 in ETH is missing.
1/ Mini-thread on the Fulcrum situation
TLDR:– @bzxHQ took Fulcrum down for maintainence late last night– Shortly after, team member Kyle Kistner disclosed that an exploit caused the loss of a portion of Fulcrum's ETH– Fulcrum contract is frozen, remaining funds are safe pic.twitter.com/TLUnbxLooh
— DeFi Pulse (@defipulse) February 15, 2020
As detailed in the above tweet, developers from bZx have since disabled most elements of the impacted smart contract. The team is yet to deliver an official report on the situation but says the remaining funds are safe.
It stated that it would publish more details later today:
We know that everyone is waiting patiently for the official report. We can confirm It will be released at 5pm MST on Feb 17th, 2020. Set your clocks! We appreciate your patience.
— bZx (@bzxHQ) February 17, 2020
Largely based on Ethereum, DeFi refers to a growing network of decentralised financial applications. They offer a range of services like those found in traditional markets. Built on public blockchain networks, applications like Synthetix or MakerDAO seek to promote greater financial inclusion.
Litecoin founder Charlie Lee was amongst the voices critical of the handling of the recent security breach. Calling DeFi “the worst of both worlds”, he attacked the blatant lack of decentralisation on display:
This is why I don't believe in DeFi. It's the worst of both worlds. Most DeFi can be shut down by a centralized party, so it's just decentralization theatre. And yet no one can undo a hack or exploit unless we add more centralization.
So how is this better than what we have now? https://t.co/F1HMSeqb6q
— Charlie Lee [LTC] (@SatoshiLite) February 16, 2020
Lee stated that if a developer can terminate some aspect of an application, it’s not really decentralised at all. However, because decentralised financial applications purport to be leaderless systems, those trusted with the all powerful kill switches cannot actually do anything following a hack:
“… yet no one can undo a hack or exploit unless we add more centralization.”
Ethereum and Other Smart Contracts Prone to Compromise
Often incredibly complex pieces of programming, smart contracts have fallen victim to compromise many times before. Being financial by their very nature, they provide an enticing honeypot to hackers.
Right at the beginning of its very existence, Ethereum itself suffered such a compromise. The DAO incident saw around million in funds compromised in summer 2016.
This led to a hard fork to return missing funds to investors and created the cryptocurrency Ethereum Classic (ETC). The latter digital asset representing those wanting to continue building on and using Ethereum but who disagreed with the arguably centralised handling of the situation.
Related Reading: This Simple Factor Shows Bitcoin’s Selloff Not as Bearish as it Seems
Featured Image from Shutterstock.
NewsBTC