DeFi protocols suffered substantial losses of $21.4 million from hacks in February, according to data from multi-chain TVL aggregator DefiLlama. This represents a staggering increase of 2,793% from the estimated total loss of $740,000 in January.

Apart from the pervasive market instability last year, the DeFi landscape was plagued by a surge of illicit activities, such as hacks and fraudulent schemes. According to a January report from Immunefi, losses incurred from hacks in 2022 amounted to $3.7 billion, representing a significant uptick of 58% from the previous year’s figure.

Notably, such hacks were rampant last October, with a staggering $711 million stolen. However, there was a consistent decrease from that month until the end of 2022. The new year started on a positive note. January registered only $740,000 in losses from exploits, the lowest monthly amount in the past two years.

However, February brought a resurgence of hacks, scams and rug pulls. The most significant fund loss came from the exploit on Avalanche’s Platypus DeFi protocol which suffered a flash loan attack on Feb. 16. The hackers carted away $8.5 million in stolen funds. Shortly after the exploit, French authorities arrested two suspects concerning the hack. 

Other hacks from February include the dForce Network exploit ($3.6 million), the Hope Finance smart contract hack ($1.86 million), and the Orion protocol exploit ($3 million).

March has seen $840,000 stolen so far

Additionally, March began with a rug pull orchestrated by the newly-launched ArbiSwap platform, with $100,000 in stolen funds reported on March 2. 

Moreover, PeckShield, a blockchain security resource, recently discovered a persistent exploit that has been ongoing since March 1. The hackers leveraged a vulnerability in the SwapXProxy token approval functionality by deploying a fraudulent phishing contract address.

PeckShield reported that the ongoing exploit has resulted in the theft of up to $700,000 within the past five days. The security platform has advised investors to revoke their allowance to four addresses that are believed to be associated with the exploit.

Follow Us on Google News


Leave a comment

Your email address will not be published. Required fields are marked *