The Cryptocurrency Post

$39 Million Drained in DeFi by Malicious Actors in January 2024: Quantstamp

$39 Million Drained in DeFi by Malicious Actors in January 2024: Quantstamp


According to a recent report by Quantstamp, a DeFi security startup, a staggering $38.9 million has been lost to security incidents in the nascent ecosystem.

Malicious actors continued to launch a barrage of attacks utilizing sophisticated methods such as smart contract hacks, key compromises, and scams.

  • Quantstamp highlighted that one of the earliest blows came with the attack on Radiant Capital, a multi-chain lending protocol, which saw a loss of 1,900 ETH, translating to around $4.5 million.
  • Exploiting a timing window and a known rounding issue in the Compound / Aave codebase, the hacker made off with a substantial sum, leaving the platform and its users reeling, as reported earlier.
  • Not long after, the liquidity management protocol Gamma fell victim to a devastating attack, resulting in a loss of approximately $6.18 million.
  • Despite having multiple deposit protections, a misconfiguration in the price movement threshold opened the door for attackers to manipulate prices and mint a significant number of LP tokens.
  • Wise Lending, another prominent player, was targeted in a flash loan attack, leading to a loss of at least $460,000.
  • The onslaught continued with Socket, an interoperability protocol, which succumbed to exploitation of a vulnerability in a newly added module, allowing attackers to pilfer approximately $3.3 million from users.
  • Next up was Goledo Finance, a lending protocol within the Conflux ecosystem, which was exploited, resulting in a loss of 7.9 million CFX, equivalent to roughly $1.7 million.
  • The preliminary investigation pointed to yet another flash loan attack, highlighting the persistent threat faced by DeFi platforms.
SPECIAL OFFER (Sponsored)

Binance Free $100 (Exclusive): Use this link to register and receive $100 free and 10% off fees on Binance Futures first month (terms).



Source link

Exit mobile version