Top 5 hacker attacks in the Crypto industry in 2023.

Poopman

2023-06-16 13:51

Read this article in 5 Minutes

AI summary

View the summary

Original author: Poopman

Translated by: Kxp, BlockBeats

Every year, the encryption industry suffers from over 100 hacker attacks, resulting in personal losses exceeding 200 million US dollars. This number has raised our awareness and taught us a valuable lesson. In order to better understand these events, I have compiled a list called "The Top Five Attacks and Hacking Incidents of 2023", and I will introduce these victims one by one below.

1. Euler Finance - $197 million USD

In March of this year, Euler Finance was hacked, becoming the largest attack event of 2023, with losses of up to $197 million. The attack was caused by flaws in the donation and liquidation logic. The attacker borrowed a large amount of eDAI/dDAI from Euler using flash loans and used the borrowed eDAI to donate to Euler for liquidation, greatly affecting the exchange rate and resulting in the hack. PeckShield Inc. has made a detailed analysis of the attack process, so be sure to read this tweet.

2. Atomic Wallet - $35 million USD

Just 11 days ago, Atomic Wallet suffered a $35 million hack. The stolen funds were converted to Bitcoin and sent to a mixer called "http://Sinbad.io", which is often used by the notorious North Korean hacking group, "Lazarus Group". While the exact method of attack is still unclear, I recommend checking out the investigation done by Tay.

3. Yearn Finance - $11.54 million

Two months ago, Yearn Finance also suffered a $11.54 million hack due to a misconfiguration vulnerability in their flash loan. The attacker manipulated the balance of the flash loan and monopolized the Curve pool, exchanging stablecoins at significantly imbalanced prices. If you want to learn more details, you can check out OtterSec's tweet for a more detailed investigation report.

4. MyAlgo - $9.2 million

Due to a compromised Cloudflare key, MyAlgo users lost over $9.2 million in encrypted assets. The root cause is still unclear, but ZachXBT provided a good summary of the situation in his tweet.

5. Safemoon - $8.9 million

Due to an obvious error in the smart contract, a cryptocurrency worth over $8.9 million was attacked by hackers. The attackers took advantage of the destruction function in the Safemoon contract, destroyed SFM tokens, and increased their price as the supply decreased. Then, the attackers sold all SFM at a high price to the WBNB-SFM LP pool, depleting the entire WBNB pool. DeFi Mark provided a good explanation of this situation.

Summing up, many attacks exceeding $10 million in 2023 were caused by oracle and smart contract vulnerabilities. Interestingly, zkSync suffered the most exit scams in 2023.