Just last April, in fact, the fast-booming cryptocurrency sector took its biggest spill. It further lost an estimated $357 million to hacks, scams, and exploits. Of the total losses, phishing attacks were responsible for the majority of the losses, $318 million. This enormous uptick represents a troubling maturation of these schemes across the digital asset landscape. Ethereum came out as the most targeted network, with the network representing 60% of the total losses suffered throughout the month.

The largest, single-hack theft is from the Tokyo-based exchange Coincheck, which had 3,520 bitcoins stolen directly from its wallet. Criminals took advanced social engineering techniques to hijack this audacious theft. This case highlights the dangers that still lie in wait, even when working on developed cryptocurrencies such as Bitcoin, when human error can be taken advantage of. The rest of the losses were spread across a number of decentralized finance (DeFi) platforms and protocols. This hotdog wrap shows a diverse buffet of security vulnerabilities across the ecosystem.

Ethereum Under Siege

Ethereum was the hardest hit network, taking 60% of all the attacks losses in April. Such dominance is a testament to the platform’s popularity. This level of adoption in DeFi and non-fungible token (NFT) projects makes it naturally attractive to malicious actors. The massive concentration of value and activity on Ethereum makes it a target rich environment for hackers. They all just try to find vulnerabilities in smart contracts and other applications to hack.

Even amongst these recent incidents, Ethereum’s loss figures were starkly high. As recently as April 8, a MEV Bot lost ~116.7ETH. The bot, known by the address 0x49e27d11379f5208cbb2a4963b903fd65c95de09, was hacked due to a poor access control. This case illustrates the need for strong security practices, even when so-called “self-executing” automated systems that run on the blockchain are in play.

In addition, the Ethereum layer 2 rollup protocol ZKsync airdrop contract was drained of almost $5.3 million, compounding the network’s bad luck. On April 15, the ZKsync security team found an administrator account that had been compromised. This account held about $5 million worth of ZK tokens, which compounded things even further. Together, these incidents demonstrate the emerging challenge of securing decentralized protocols and the ongoing need for vigilance, robust security audits, and building in security by design.

DeFi Platforms Targeted

As a reminder, in April, decentralized finance (DeFi) platforms experienced billions in losses. These high-profile attacks were possible because of vulnerabilities in their smart contracts and protocols. Only three days later, on April 30, Loopscale, a modular DeFi lending market developed on Solana, suffered a $1 million exploit. The attackers drained almost 5.7 million USDC and 1,200 SOL from the platform. The attack destroyed approximately 12% of the platform’s total funds. This example illustrates just how severely an attack like this can undermine the integrity and confidence of DeFi protocols.

Just three days later, on April 18, the decentralized exchange KiloEX was hacked. This event resulted in an estimated $7.4 million loss due to a weakness in its price oracle. This incident highlights the importance of reliable and secure price feeds for DeFi platforms, as vulnerabilities in these systems can be exploited to manipulate prices and steal funds. KiloEx would subsequently go on to lose another $7.5 million from a “price oracle vulnerability”.

Victim losses phishing attacks overtook Business Email Compromise attacks in April 2023, becoming the most frequently reported and costliest threat vector. Hackers are usually successful by deceiving users into sharing their private keys or signing transactions that are malicious. This trick allows them to make use of the users’ money. These cyberattacks are growing in scale, and the attacks themselves are becoming increasingly sophisticated, with attackers using more convincing and targeted techniques to deceive their victims.

"We currently believe that this is not an external attack." - R0AR

Phishing Attacks on the Rise

On April 17, the address beginning with 0xc1e lost $666,414 after signing a series of “allow” phishing signatures. On April 22, one victim lost $1.43M across stolen tokens. This occurred after the address beginning with 0xa574 had signed numerous phishing signatures. Combined, these incidents emphasize the critical role that user education and awareness plays in preventing successful phishing attacks.

This has led to 17 hacker attacks in the month of April resulting in a $92.5 million loss. This all highlights the importance of having greater alertness and preventative security action at the entire crypto industry level. Cryptocurrency value and adoption continues to grow. As this growth continues, it brings with it greater incentives for bad actors to exploit the ecosystem.

A total of 17 hacker attacks occurred in April, causing a loss of about $92.5 million. This underscores the need for increased vigilance and proactive security measures across the cryptocurrency sector. As the value and adoption of cryptocurrencies continue to grow, so too will the incentives for malicious actors to target the ecosystem.