Quantstamp reported that $38.9M was lost in DeFi attacks in January
Decentralized finance (DeFi) security startup Quantstamp has identified the top five modern contract protocols most vulnerable to exploits and hackers in January.
In a post on social media X, Quantstamp said actions taken by bad actors such as smart contract hacks, key deals and fraud led to a total loss of $38.9 million in January.
By January 2024, $38.9 million has been lost to web3 security risks so far
Let's take a look at the 5 biggest smart contract hacks ever seen
— Quantstamp (@Quantstamp) January 30, 2024
Radiant Capital suffered a $4.5 million loss in a flash loan attack in early January. Blockchain security firm PeckShield attributed the issue to a “known rounding issue” in the current Compound/Aave codebase.
The DeFi lender has stopped its USD Coin (USDC) pool on Arbitrum to solve the problem. Radiant claims that user funds are safe, and operations have resumed after an investigation.
We kindly ask our users to fill out the Google Form linked below to start the asset recovery compensation process.
️ The form will last for one week and we will prioritize compensation for those who submitted their request.
⤵️ Form below. https://t.co/8Hm79uTdwZ
— Goledo Finance (@GoledoFinance) January 30, 2024
Gamma Strategies suffered a flash credit attack hours after the January 4th radiation attack, resulting in a code bug that allowed attackers to withdraw $6.1 million from Gamma's public-facing vaults. To address the problem, Gamma temporarily stopped deposits, remedied the exposure.
Wise Lender suffered at least $460,000 in losses from the Jan. 12 credit flash attack. The exploit involved the use of a price tag used by Wiz Lending and marked the second attack on the protocol in six months. The Web3 loan application has flown 170 Ether (ETH).
Related: Unwanted emails from Patreon? Crypto users say this could be a phishing scam
On January 16, Socket, a multi-chain protocol, suffered a security breach due to a vulnerability in user authentication input. This allowed the hackers to steal nearly 2,000 ETH worth over $4 million. However, the socket recovered 1,032 ETH (approximately $2.3 million) and refunded all affected users as part of its plan to restore user funds.
Goledo Finance suffered a security breach similar to the Gamma exploit, in which $1.7 million was stolen in a loan attack. On January 28, negotiations with the criminal continued, and Goledo announced a reward for the return of the money.
The lending protocol announced that the hacker's account had been banned on the central exchange. Goledoo is assessing the extent of the damage to formalize a recovery strategy, and local law enforcement has been briefed on the situation.
Goldo Group has released the compensation process to recover the user's property. The group has provided a Google form for users to submit their claims.
Magazine: Diffie's Billion Dollar Secret: Insiders Responsible for Hacking
