Blockchain security firm, CertiK reported bad actors looted more than $103 million of funds from crypto projects and investors in April 2023, in the form of exploits, exit scams, and flash loan attacks.
The financial threat landscape has seen significant changes since the mainstream adoption of crypto. While attacks using traditional financial threats such as banking PC and mobile malware have become less common, cybercriminals shifted their attention to new areas such as the digital assets sector. Cryptocurrency-related exploits have increased multifold over the past few years.
Investors trading on cryptocurrency platforms have been losing billion worth of dollars in various fraudulent activities such as exit scams, phishing attacks, rug pulls, and flash loan attacks. Fraudsters have become more and more sophisticated along with the maturity of the digital assets industry, targeting unsuspecting investors and stealing their money.
Flash Loan Attacks Drain Colossal Investor Funds
On April 30, CertiK posted an April roundup of the different crypto exploits that have plagued the industry, revealing over $103.7 million was drained in the month of April, bringing the year-to-date (YTD) total loss to a gargantuan $429.7 million.
Combining all the incidents in April we’ve confirmed ~$103.6M lost to exploits, hacks, and scams.
Exit scams were ~$9.3M.
Flash loans were ~$19.8M.
See the details below 👇 pic.twitter.com/jflvMPiJGQ
— CertiK Alert (@CertiKAlert) April 30, 2023
Over the course of just one month, investors, tradersm and businesses have lost a huge chunk of their investments such as $25.4 million lost due to an exploit of several MEV trading bots, $22 million stolen in a hot wallet exploit at the Bitrue exchange and the hack of South Korean GDAC exchange leading to a loss of $13 million.
Certik revealed $9.3 million were drained in exit scams, while a whopping $19.8 million were lost to flash loan attacks. Users have been increasingly falling prey to fraudsters who promise high returns and goad them into opening wallets and accounts on fake websites and transferring crypto coins to these dubious accounts.
Crypto Exploits Continue To Rise
The blockchain security firm noted the top flash loan attack was led mainly by Yearn Finance after a hacker exploited an old smart contract, siphoning more than $10 million. On the other hand, Merlin DEX led the top exit scam losing almost $2.7 million.
This come hot on the heels after data analytics platform DefiLlama disclosed that decentralized finance (DeFi) platforms lost approximately $21 million to cyber criminals in February. Several different kinds of exploits including reentrancy, price oracle attacks, and other attacks across seven protocols caused the DeFi space to suffer massive losses.