Nearly $50 Million Stolen from Web3 Platforms in January
In the first month of the year, web3 platforms experienced a significant loss of nearly $50 million due to attacks and scams. Quantstamp, a defi security startup, identified five smart contract protocols that suffered the highest losses in January. These attacks involved various methods such as smart contract hacks, key compromises, and scams, resulting in a total loss of $38.9 million.
Gamma Strategies: Flash Loan Attack
Gamma Strategies fell victim to a flash loan attack early in the year, where exploiters managed to drain $6.1 million from the platform’s vaults. To resolve the issue, Gamma temporarily disabled deposits and closed the loophole that allowed the attack. Although the amount stolen was relatively small compared to others, approximately $500,000 denominated in Ether (ETH) was at risk during the incident.
Radiant Capital and Socket: Market Exploit and User Verification Vulnerability
Radiant Capital lost $4.5 million to an empty market exploit on January 3. The root cause was a brief period when new markets were activated on lending protocols. Radiant paused its USDC pool and addressed the issue without exposing user funds.
On January 16, Socket suffered a breach through a user verification input vulnerability. Hackers were able to steal almost 2,000 ETH worth over $4 million. However, Socket managed to recover 1,032 ETH and reimbursed all affected users.
Goledo Finance: Flash Loan Attack and Recovery Efforts
Goledo Finance experienced a security breach similar to Gamma’s exploit. Hackers used a flash loan attack to steal $1.7 million. Negotiations with the culprit were ongoing, and Goledo offered a reward for the return of the funds. The hacker’s accounts on centralized exchanges were frozen, and Goledo was working on a recovery plan while involving local law enforcement.
Wise Lending: Flash Loan Attack and Price Oracle Manipulation
Wise Lending suffered a flash loan attack, resulting in a loss of at least $460,000. The attack involved manipulating the price oracle used by the platform. This was the second attack experienced by Wise Lending within six months.
Hot Take: Persistent Threats in the Web3 Space
The incidents of stolen funds from web3 platforms highlight the ongoing cyber war between crypto entities and hackers/scammers. Despite security measures, attackers continue to exploit vulnerabilities, causing significant financial losses. It is crucial for web3 platforms to prioritize security and implement robust measures to protect user funds. The recovery efforts and involvement of law enforcement demonstrate the determination to hold attackers accountable and compensate affected users.
By
By
By
By
By