3
Exploits in the crypto industry reached $79 million in March 2024 alone, as per CertiK. Bybit/flickr.com

KEY POINTS

  • The total crypto-related hacks and scams in March reached $79 million
  • Flash loan attacks accounted for $21.9 million in losses in March
  • CertiK said last week that a total of $239 million were lost to hacks in the web3 ecosystem

Confirmed exploits, hacks and scams in the cryptocurrency industry touched more than $79 million in March, blockchain monitoring and security firm CertiK said in its latest report of hacking incidents in the vulnerable sector.

In March, exploits of various crypto systems made up for the largest losses in the sector as a total of $52.1 million was lost in confirmed vulnerability incidents, CertiK said Sunday.

There are various types of crypto exploits, but probably the most popular among them in recent years is digital wallet hacking. This type of attack targets wallets where crypto owners store their cryptocurrencies. The wallets are susceptible to cybercriminals since they are always connected to the internet, making it easier for threat actors to exploit network vulnerabilities and steal stored funds, Kaspersky noted.

The latest such attack was carried out late last week, when hackers exploited decentralized liquid staking token protocol Prisma Finance for $11.6 million in Ether (ETH). The protocol confirmed that a hack affected "several users of individual vaults."

Flash loan attacks in March accounted for $21.9 million in losses, as per CertiK. These cyber attacks are a type of decentralized finance (DeFi) attack wherein bad actors take out a flash loan from a crypto lending protocol with the goal of manipulating the market in their favor. A flash loan attack can be pulled off within just seconds and even involve multiple protocols.

Finally, crypto exit scams, or scams wherein developers of a crypto project suddenly disappear after taking funds from investors, made up for $5.7 million in losses last month, CertiK said.

Early last month, Bitcoin project OrdiZK, which was painted as a bridge for the BTC, Ethereum (ETH) and Solana (SOL) blockchains, went dark in an apparent exit scam. Investors who supported the project lost some $1.4 million in the scam. The developers deleted the project's website and social media accounts after taking the funds raised from interested investors.

Meanwhile, $69.2 million of the said amount has been returned so far, the blockchain security firm noted.

Just last week, CertiK revealed that private key leakages resulted in some $239 million in losses on the web3 ecosystem so far in 2024 compared to approximately $18.8 million in private key compromise losses during the first quarter of 2023, highlighting the industry's increasing susceptibility to hacks and scams. The said report came before Prisma Finance was exploited.