Special Report: Four-Day Crypto Hacking, Phishing Spree Nets Bad Actors $106.5 Million
Rari Capital and Fei Protocol lose $77 million, Hacker nets $10 million from Saddle Finance, Deus Finance exploited for $13.4 million, Bored Apes phishing scheme scams $6.1 million
April was one of the cruelest months for cryptocurrency projects, with many hacks and cyber incidents, causing a total loss of around $359 million. Approximately 30% of this total came in a five-day spree beginning April 28th. Our special report highlights these four incidents.
Fei Protocol said they suffered a $77 million hack five months after their merger.
Fei offered the hacker a $10 million bounty if they returned the remaining user funds, “no questions asked.” Meanwhile, the hacker has already started moving crypto to Tornado Cash, allowing users to mask transactions. The hacker drained funds from several Fuse pools by exploiting a reentrancy vulnerability. (Emily Nicolle and Sidhartha Shukla / Bloomberg)
A decentralized exchange for trading stablecoins, Saddle Finance, was hacked in a DeFi exploit, with the hacker netting over $10 million in ether cryptocurrency.
Smart contract audit firm BlockSec rescued $3.8 million from the exploiters who initially stole $13.8 million with an "internal system" that can detect and front-run hacking incidents using off-chain arbitrage bots called flashbots. (Vishal Chawla / The Block)
Security researchers at PeckShield said that decentralized finance (DeFi) application Deus Finance was exploited for the second time in two months, with the attacker gaining more than $13.4 million of cryptocurrency.
The attacker used a flash loan to trick the way Deus's smart contracts read data on the platform’s liquidity pools. This technique allowed the attacker to artificially inflate the value of some assets, borrow funds and make a profit after repaying the loan. (Shaurya Malwa / CoinDesk)
Some of the historically phishing-prone fans of the pricey Bored Apes project fell for scams that pretended to be the Bored Apes' new land project, called "Otherside.”
One address netted around $1 million and two other scammer wallets contained $5.1 million of other stolen NFTs. (Molly White / Web3isGoingJustGreat)
Related: The Gamer