According to CertiK, hackers and cryptocurrency exploiters appear to have slowed down over the holidays of 2022, as $62.2 million worth of cryptocurrency was stolen in December, the “lowest monthly figure” for the year.
The blockchain security company posted on Twitter on December 31 a list of the most significant attacks of the month.. It highlighted $15.5 million exit scams as the method that stole the most value throughout the month, followed by $7.6 million worth of flash loan exploits.
Combining all the incidents in December we’ve confirmed ~$62.2M lost to exploits, hacks and scams.
The lowest monthly figure this year.
Exit scams were ~$15.5M
Flashloans were ~$7.6M
See the details below pic.twitter.com/1ub3mYVv6K
— CertiK Alert (@CertiKAlert) December 31, 2022
#CertiKStats Alert
Combining all of the incidents from December, we have confirmed approximately $62.2 million lost to exploits, hacks, and scams. The lowest monthly figure this year. Exit scams amounted to ~15.5 million dollars. Flash loans amounted to ~7.6 million dollars
And Tweet after January 1 confirmed that the 23 largest exploits were responsible for around 98.5% of the $62.2 million figure, with the Helio protocol incident on December 2, which cost $15 million, being the largest for the month.
The protocol, which manages the stablecoin HAY (HAY), suffered a loss when a trader took advantage of a price discrepancy in Ankr Reward Bearing Staked BNB (aBNBc) to borrow millions of HAY.
At the time, the decentralized finance (DeFi) protocol Ankr suffered a separate exploit in which an attacker minted 20 trillion aBNBc, causing its price to plummet.. The Helio trader quickly deposited aBNBc tokens to borrow 16 million HAY, causing the loan to be significantly under-collateralised, leading to the loss of the protocol and the depreciation of his stablecoin.
The second largest incident of the month was the $12.9 million attack on Defrost Finance’s v1 and v2 protocols on December 23in which an attacker carried out a flash lending attack by adding a fake collateral token and a malicious price oracle to kill the protocol.
Days after the attack, the hacker returned the stolen v1 protocol funds to an address controlled by Defrostalthough the funds from the attack on the v2 protocol have not yet been returned.
CertiK called the exploit an “exit scam” because an administrator password was required to carry out the attack.. Defrost denied the allegations to Cointelegraph, stating that the key was compromised.
December’s figure is much lower than the previous month: there was an 89.5% decrease from the $595 million in exploits through 36 major incidents that CertiK recorded in Novembera figure largely skewed by the $477 million hack of crypto exchange FTX.
36 major attacks were recorded in November totalling a loss of ~$595 Million.
As always, make sure a project has an audit & KYC before investing!
Remember to always #DIOR and read the audit reports! pic.twitter.com/UhiDU2itAm
— CertiK Alert (@CertiKAlert) December 1, 2022
#CertiKStats alert. In November, 36 major attacks were recorded with a total loss of approximately USD 595 million. As always, make sure a project is audited & KYCed before investing! Always remember to do your own research and read audit reports. pic.twitter.com/UhiDU2itAm
Usually, in 2022, the top 10 exploits of the year alone funneled around $2.1 billion to malicious actors, much of it across cross-blockchain bridges and DeFi protocols.
Clarification: The information and/or opinions expressed in this article do not necessarily represent the views or editorial line of Cointelegraph. The information presented here should not be taken as financial advice or investment recommendation. All investment and commercial movement involve risks and it is the responsibility of each person to do their due research before making an investment decision.
Keep reading:
Investments in crypto assets are not regulated. They may not be suitable for retail investors and the entire amount invested may be lost. The services or products offered are not directed or accessible to investors in Spain.