In January 2024, $39 million was invested in DeFi by malicious actors: Quantstamp

According to a recent report by DeFi security startup Kuntstamp, a staggering $38.9 million was lost due to security issues in the startup ecosystem.

Malicious actors continue to launch attacks using sophisticated techniques such as smart contract hijacking, key agreements, and fraud.

Quantstamp highlighted that Radiant Capital, which suffered a loss of 1,900 ETH, came with the attack on the multi-chain lending protocol, which translates to 4.5 million dollars. Using a timing window and a known rounding bug in the Compound/Aave codebase, the hacker reportedly racked up huge sums, leaving the platform and users reeling.

🚨$38.9M Lost in Web 3 Security Threats in January 2024 🚨

Let's take a look at the 5 biggest smart contract hacks ever seen

— Quantstamp (@Quantstamp) January 30, 2024

Not long ago, Liquidity Management Protocol Gamma fell victim to a brutal attack, resulting in a loss of approximately $6.18 million. Despite many deposit protections, a misconfiguration in the price movement limit has opened the door for attackers to control the price and extract a large number of LP tokens. Another popular player, Wise Loans, was targeted in a sudden credit attack that caused at least $460,000 in losses. The attack continued with an exploit for a vulnerability in the socket, an interactive protocol, a newly added module that allowed attackers to extort nearly $3.3 million from users. Next, Goledo Financial, a lending protocol in the Conflux ecosystem, was used, resulting in a loss of 7.9 million CFX, which is approximately $1.7 million. The preliminary investigation points to another flash loan attack, highlighting the persistent threat to DeFi platforms.