On September 24th, 2023, Huobi Global's HTX exchange fell victim to a security breach, resulting in a substantial loss of $7.9 million. This incident stemmed from the compromise of the protocol’s hot wallets.
Mixin Network, a Hong Kong-based digital asset transactional platform, reported a security breach on 25 September, revealing a loss of approximately $200 million due to a hack of its cloud service provider. The stolen funds accounted for so far are comprised of ETH, USDT (swapped to DAI), and BTC. If the $200M figure stated by Mixin is accurate, it would make this incident the biggest hack of 2023 so far.
On the 4th of September 2023, the popular crypto gambling platform Stake suffered a major security breach due to private key leak resulting in the theft of approximately US $38 million. The preliminary investigation confirms that unauthorized withdrawals were detected from Stake's hot wallets on the Ethereum, Polygon, and Binance Smart Chain networks.
On the 13th of August 2023, at around 10:30 pm UTC, Zunami Protocol suffered a price manipulation attack and lost approximately $2.1 million.
On August 7th, 2023, Steadefi, a sophisticated yield aggregator, fell victim to an assault that resulted in a substantial loss of over $1.14 million.
On the 30th of July, Curve Finance, a decentralized, Automated Market Maker (AMM), was hacked leading to a loss of ~ $45 million in CurveDAO, ETH, and wETH. The attackers exploited a malfunctioning reentrancy lock on different versions of the Vyper programming language (0.2.15, 0.2.16, and 0.3.0) across multiple stable-pools.
On the 22nd of July, Alphapo, a cryptocurrency payment gateway suffered a massive security breach leading to at least $110 million being drained from its hot wallets on Ethereum and Tron blockchain.
Conic Finance, a liquidity pool optimization platform designed for the decentralized finance (DeFi) protocol Curve, encountered an exploit on July 21st, 2023 that resulted in a loss exceeding $3.26 million, attributed to a vulnerability within their smart contract.
This is the first piece in an ongoing series that decodes the U.S. Department of Treasury’s assessment of DeFi Services. In this piece, the Merkle Science team will be breaking down cyber-related vulnerabilities highlighted in the assessment.
To learn more about Blockchain Analytics and how it can help you move forward with safety and security in a decentralized world, watch out for our next piece.
Earlier today, the U.S. Department of Treasury published an assessment titled “Illicit Finance Risk Assessment of Decentralized Finance”(the assessment). The assessment explores how illicit actors are abusing DeFi services and the vulnerabilities that are unique to such services.
The assessment finds that illicit actors, including ransomware cybercriminals, thieves, scammers, and Democratic People’s Republic of Korea (DPRK) cyber actors, are using DeFi services in the process of transferring and laundering their illicit proceeds.
Therefore, with the state of crypto crime constantly evolving and illicit actors becoming increasingly sophisticated, it is important, now more than ever, to remain vigilant in order to protect against emerging threats. Across all the hacks in 2022, attackers majorly targeted DeFi platforms and services. Out of the total amount lost in crypto-related attacks, more than 81% were swindled from DeFi platforms leading to a loss of more than $3.9 billion.
As noted in Merkle Science’s Hackhub Report across thousands of services in DeFi, the center for the majority of the attacks were cross-chain bridges. Out of the $3.9 billion stolen by illicit actors, more than 60% were swindled from cross-chain bridges alone.
Breaking Bridges
On 20 September 2022, crypto market maker Wintermute was hacked for circa $160 million. According to the tweet from Wintermute’s Founder and CEO Evgeny Gaevoy, the amount lost was related to its decentralized finance (DeFi) operations, while its centralized exchange and over-the-counter offerings remain unaffected.
