$39 Million Drained in DeFi by Malicious Actors in January 2024: Quantstamp

Blockcard
$140M Worth Stolen Assets Recovered
Bybit



According to a recent report by Quantstamp, a DeFi security startup, a staggering $38.9 million has been lost to security incidents in the nascent ecosystem.

Malicious actors continued to launch a barrage of attacks utilizing sophisticated methods such as smart contract hacks, key compromises, and scams.

Quantstamp highlighted that one of the earliest blows came with the attack on Radiant Capital, a multi-chain lending protocol, which saw a loss of 1,900 ETH, translating to around $4.5 million.
Exploiting a timing window and a known rounding issue in the Compound / Aave codebase, the hacker made off with a substantial sum, leaving the platform and its users reeling, as reported earlier.

Not long after, the liquidity management protocol Gamma fell victim to a devastating attack, resulting in a loss of approximately $6.18 million.
Despite having multiple deposit protections, a misconfiguration in the price movement threshold opened the door for attackers to manipulate prices and mint a significant number of LP tokens.
Wise Lending, another prominent player, was targeted in a flash loan attack, leading to a loss of at least $460,000.
The onslaught continued with Socket, an interoperability protocol, which succumbed to exploitation of a vulnerability in a newly added module, allowing attackers to pilfer approximately $3.3 million from users.
Next up was Goledo Finance, a lending protocol within the Conflux ecosystem, which was exploited, resulting in a loss of 7.9 million CFX, equivalent to roughly $1.7 million.
The preliminary investigation pointed to yet another flash loan attack, highlighting the persistent threat faced by DeFi platforms.

SPECIAL OFFER (Sponsored)
Binance Free $100 (Exclusive): Use this link to register and receive $100 free and 10% off fees on Binance Futures first month (terms).



Source link

Coinmama
fiverr

Be the first to comment

Leave a Reply

Your email address will not be published.


*