The series of security lapses that occurred in the first few months of 2024 highlight how vital it is to have more security and more knowledge in the ever changing and dynamic cryptocurrency market.
In 2023, there were a number of horrifying security breaches in the cryptocurrency space, each with severe financial consequences. The $200 million breach at Mixim in September, the $197 million loss at Euler Finance in March, and the $126 million loss at Multichain in July are just a few of the significant breaches that have happened in the previous year. The combined impact of these breaches brought to light the continuous challenges with cybersecurity in the bitcoin industry.
The series of security lapses that occurred in 2024 highlight how vital it is to have more security and more knowledge in the ever changing and dynamic cryptocurrency market.
WazirX: $234,950,000
According to reports on July 21, WazirX, the biggest cryptocurrency exchange in India, had a hack that allowed $234.9 million to be taken from its multi-sig wallet. The unusual transactions were noticed by the security company Cyvers, which also reported that the hackers had transferred the money to a different account and started converting other cryptocurrencies, such as PEPE, GALA, and USDT, into Ethereum.
WazirX responded to the compromise by stopping withdrawals of both INR and cryptocurrency, assuring customers that their funds would be secure, and starting an inquiry into what happened in conjunction with law enforcement.
📢 Trading has been temporarily paused
The cyber attack theft has impacted our ability to maintain 1:1 collaterals with assets, and we’ve temporarily paused trading.
We’re conducting thorough forensic data examination and security audit procedures and working to enable…
— WazirX: India Ka Bitcoin Exchange (@WazirXIndia) July 21, 2024
LIFI ($10 million)
A cross-chain DeFi platform called LIFI experienced an attack on July 16 that cost consumers $10 million in lost money. Significant quantities of ether and stablecoins were taken by hackers, leading LIFI to advise users to cancel permissions and stop using the service.
A limited number of users were impacted by the platform’s linkage between the vulnerability and wallets with limitless approvals. LIFI promised consumers that it will pay any losses and that it is assisting law enforcement in locating the pilfered money. This situation is reminiscent to an attack that LIFI encountered in March 2022.
Bittensor Blockchain: 8 million tokens of TAO
A security breach on the Bittensor network occurred on July 3rd, which led to the loss of $8 million worth of TAO tokens from user wallets. The TAO token price dropped 15% as a result of the breach, which is thought to have been caused via compromised private keys. As a result, Bittensor’s decentralized AI startup TAO has suspended blockchain activities.
About 32,000 TAO coins were stolen, according to on-chain researcher ZachXBT, which caused the token’s value to fall from $281 to $234. It was around three hours before the network was shut down that the last block on Bittensor’s Explorer was logged.
$3 million Kraken
When a self-described security researcher used a zero-day vulnerability to steal $3 million worth of bitcoin and refused to give it back, Kraken’s security was jeopardized. On June 9, Chief Security Officer Nick Percoco made public the event and revealed the identification of a crucial issue that permitted account balances to be inflated without authorization.
A recent change to the user interface introduced a vulnerability that allowed transactions to be completed before all assets were cleared. The exploit happened in spite of Kraken’s quick investigation and mitigation attempts, leading the exchange to accuse those engaged of extortion instead than lawful security research.
Uwu Lend
Blockchain security companies like Arkham have verified that a $19.3 million vulnerability affected the lending and liquidity protocol UwU Lend. Based on on-chain data, it was discovered that a single wallet was able to siphon out many tokens, such as wrapped bitcoin (WBTC), wrapped ether (WETH), and stablecoins. The bulk of these tokens were then traded on Uniswap.
Price manipulation, namely the use of flash loans to influence token values, was the cause of the first hack on June 10. This allowed the attacker to borrow and steal tokens, eventually turning them into ETH.
UwU Lend then experienced another exploit on June 13, which increased its losses. Although the second attack’s details were withheld, they further highlighted the security flaws in the protocol. The scale of the losses was verified by blockchain security companies like Arkham, underscoring the continuous difficulties decentralized banking platforms have in upholding strong security protocols.
NORMIE ($881,686)
A smart contract vulnerability caused the Base memecoin Normie (NORMIE) to lose $41.7 million in market capitalization in less than three hours. If Normie introduced a new token to repay holders using both the recovered and their $2.3 million dev wallet assets, the hacker promised to return 90% of the stolen cash.
The trade was accepted, but Normie’s token value fell by 96%. Before repaying the money, the hacker demanded a relaunch. More updates were delayed as a result of the bans of the Normie team’s primary contact methods. The hack impacted 72,000 holders and caused notable changes in the market.
Fun ($1.9 million) Pump
An vulnerability on Pump.fun, a memecoin launchpad located in Solana, resulted in the theft of almost $1.9 million worth of SOL. A former employee with illegal access to Pump.fun’s admin capabilities was the one who carried out the breach. A Solana lending protocol’s flash loans were utilized by the attacker to purchase memecoins, impacting $1.9 million of the $45 million in bonding curve contracts’ liquidity.
In order to stop more harm, the site quickly stopped trading and updated its contracts. Pump.fun stated intentions to restore the liquidity pools with an equivalent or higher quantity of SOL and to waive trading fees for the next seven days in order to make up for the inconvenience suffered by the affected users. The exploiter, known on X as “Stacc,” acknowledged the act and chastised the administrators of Pump.fun.
Discord Hack by Gnus.AI ($1.27 million)
On May 5, a token-minting hack caused the Gnus.AI AI network to suffer a major loss of around $1.27 million. The team intends to remedy this by issuing a new Genius (GNUS) token and recommending people not to buy the previous one.
According to CertiK, the attacker was able to access the team’s private key, which began with 0×18. They then used Ethereum’s salt data to generate fictitious GNUS tokens on the Fantom network, which they subsequently sold. By investing $1 million, SuperGenius hopes to partially offset losses, or 80% of the expected $1.25 million loss.
#CertiKInsight 🚨@GnusAi announced that they had been exploited yesterday morning.
An attacker was able to mint a fake GNUS token on Fantom and sell it on Ethereum for ~$1.27m.
— CertiK Alert (@CertiKAlert) May 6, 2024
($2.5 million) Mozaic Finance
Mozaic Finance, a DeFi platform, experienced a security breach on March 15, 2024, which cost them $2.4 million. Using a compromised private key, the breach targeted Mozaic’s Arbitrum chain, an Ethereum layer 2 scaling solution. CertiK discovered the breach, which involves illegal transactions taking advantage of the “bridgeViaLifi” contract.
Analysis linked the activity to an account that started large-scale token transfers, which resulted in losses over $2 million. After quickly discovering the hack, Mozaic Finance sent the pilfered money to MEXC in hopes of recovering it. Their aggressive reaction sets a standard for the industry and emphasizes the significance of prompt action and transparency in DeFi security issues.
The $57 million BitForex
On February 23, 2024, BitForex, an online cryptocurrency exchange, disappeared after taking about $57 million out of its hot wallets. After then, users’ ability to access their accounts was disabled, underscoring Hong Kong’s continuous conflict with dubious cryptocurrency firms.
BitForex was not included in the Securities & Futures Commission’s list of the 14 platforms that it had warned, despite regulatory attempts. The firm was founded in 2018 and is registered in the Seychelles, but it also has teams operating in Germany, Estonia, Singapore, Malaysia, and the Philippines. The company claims to have its headquarters in Hong Kong.
$290 million, PlayDapp
Exploits were discovered on February 9 and February 12, which led to the minting of 1.79 billion PLA tokens, worth approximately $290 million, on the cryptocurrency gaming and NFT platform PlayDapp. Blockchain analytics company Elliptic claims that after using the exploits, the hacker started laundering the money.
PlayDapp responded by attempting to communicate with the hacker via an on-chain transaction and by promising a $1 million white hat reward for the prompt recovery of the monies that had been taken by February 13. Negotiations, however, proved fruitless as the hacker refused to participate. As a result, on February 13, PlayDapp said that the PLA smart contract will be suspended.
The PLA smart contract has been paused.
We kindly request the halt of transactions to conduct a snapshot for migration.
Please understand that we are doing everything to protect holders’ assets, and we will continue to keep the community updated.— PlayDapp (@playdapp_io) February 13, 2024
Funding Abracadabra ($6.5 million)
On January 30, 2024, a hack occurred on Abracadabra Finance, the platform that runs the stablecoin Magic Internet Money (MIM). The theft caused a loss of almost $6.5 million. As a result, MIM was not used to its full extent.
The stablecoin’s market capitalization, which was previously valued at $100 million, momentarily dropped to $0.76, according to CoinMarketCap statistics. Nevertheless, the project team’s quick measures assisted in bringing the token’s price back, causing a surge.
According to research done by security company Blocksec, as of January 30, 2024, the affected contract still contained approximately $29 million in assets. The attackers took advantage of a rounding error in the smart contract, which resulted in a “precision loss.”
($1.8 million) Concentric.fi
A targeted social engineering assault resulted in a “serious” security vulnerability at Concentric.fi. By breaking into a deployer wallet, the attacker was able to take advantage of the protocol. The protocol was susceptible even if the vaults were audited. This was because the vaults may be upgraded. A comprehensive investigation has started in order to publish a post-mortem report, in cooperation with security researchers.
According to a study from blockchain security platform CertiK, the hack has caused damages that are more than $1.8 million. According to CertiK, the wallet used in the assault is linked to the wallet that was in charge of the December 13 hack on the decentralized exchange OKX. This raises the likelihood that there is a link between the two occurrences and that the same person or group may have been responsible for both assaults. The team apologized for any trouble caused and said on X that it wants to fix the problem, minimize damages, and protect the interests of the community.
Socket.Tech is worth $3.3 million.
On January 16, Socket.Tech was attacked, affecting several Web3 apps. With a $3.3 million damage, the assault targeted Bungee Exchange, a Socket Protocol component that connects Ethereum and twelve EVM networks. The hacker took advantage of a SocketGateway vulnerability to enable money transfers from users who gave it unrestricted access without authorization. The theft was reported by PeckShield, and Socket Tech quickly verified it.
There were about 700 victims in all, and the biggest loss was $656,000 USDC. The attacker took advantage of a flaw in the system when processing user data by using the privacy-focused exchange FixedFloat.
Gamma Strategies: $3,400,000
One DeFi protocol, Gamma Strategies, lost $3.4 million because of a flaw in their accounting system. The vulnerability that was exploited entailed the attacker taking advantage of a high price change threshold in stablecoin vaults and LST to extract over 1500 ETH. Since then, PeckShield, a security company, has confirmed the occurrence.
All public DeFi vault deposits have been blocked by the protocol, however user withdrawals are still functioning. The primary cause was found to be the discrepancy in the accounting procedures for deposits and withdrawals. Ethereum powers Gamma Strategies’ operations.
($4.5 million) Radiant Capital
The freshly launched USDC market of cross-chain lending platform Radiant Capital experienced a flash loan assault, prompting the suspension of lending and borrowing on the Arbitrum network. The attack, which took place just seconds after the market launched, took advantage of the flaws and cost $4.5 million.
PeckShield and Beosin, two blockchain security companies, determined that the vulnerability and “index parameter manipulation” were the root causes. Radiant has delayed taking any further action until a thorough investigation is finished and the Arbitrum markets are reopened. Radiant admitted the breach and guaranteed that no monies that were already in place were at danger.