Nearly $50 million was stolen from the Web3 platform in the first month of this year, as cryptocurrencies remain embroiled in a cyber war with hackers and scammers.
Defi security startup Quantstamp reported on the five smart contract protocols that suffered the most losses due to exploits and hackers in January. According to Quantstamp, a total of $38.9 million was lost to a range of attack vectors deployed by bad actors, including contract hacking, major breaches, and fraud.
Four days into the year, Gamma Strategies was rocked by a flash loan attack. A bug in this code allowed the exploiter to drain his $6.1 million from Gamma's public vault. Gamma cut off deposits to resolve the issue, effectively closing the loophole.
Although less than $10 million was stolen, approximately $500,000 denominated in Ether (ETH) was at risk in the incident.
Radiant Capital lost $4.5 million by exploiting an empty market on January 3, hours before the Gamma attack. Peckshield said the root cause is not new, but rather stems from the brief activation of new markets based on lending protocols.
The DeFi lender has suspended its Arbitrum-based USDC pool to address this issue. Radiant also noted that no user funds were leaked and the protocol resumed operations following an investigation.
On January 16th, a multichain protocol socket was compromised via a vulnerability in user authentication input. This breach allowed hackers to siphon off about 2,000 ETH worth over $4 million from him. However, Socket later recovered 1,032 ETH worth approximately $2.3 million. As part of his Socket's plan to make its users whole, all affected users were also issued refunds.
The Goledo Finance security breach was identical to the Gamma exploit and the latest one, as hackers used a flash loan attack to steal $1.7 million. At the time of writing, negotiations were ongoing with the perpetrators, and Goredo offered a reward for the returned funds.
Additionally, the hacker's accounts on the centralized exchange were frozen, and Goledo was assessing losses to finalize a recovery plan while local law enforcement was briefed on the matter.
Finally, Wise Lending lost at least $460,000 in a flash loan attack on January 12th. This particular flash loan exploit was orchestrated by manipulating the price oracle used by Wise Lending. This was his second attack on this protocol that he had experienced within six months.
