DeFi Traders Lost $228 Million to Hackers in 3 Months

Hackers intensified their efforts to hack cryptocurrency projects in the past year and mostly had DeFi in their crosshairs, according to a new report from Immunefi.

The report, compiled by the bug bounty platform Immunefi, found that overall hacks across blockchains went up by 63% in the second quarter of 2023 compared to the same period last year. Though total losses were down 60% from last year, ImmuneFi warned that the overall number of hacks has increased by 65% and losses from fraud rocketed up by 225%.

Immunefi found that the majority of the attacks were conducted against DeFi platforms, which lost $228 million in Q2 across 79 separate incidents. In contrast, centralized platforms lost $37 million in the quarter across two incidents. 

According to Immunefi, most of the crypto losses originated from two specific incidents—the June 3 hack of Atomic Wallet and the May 23 exit scam by the now-defunct Fintoch platform.

Atomic Wallet, a self-custodial decentralized wallet, lost $100 million in crypto allegedly to hackers from the North Korea-linked Lazarus Group. The Atomic Wallet team said that the hack affected “less than 0.1%” of users, but did not confirm if they believed Lazarus to be responsible. 

In May, FinToch disappeared with almost $32 million in user funds after promising users a 1% daily interest on their investment. The scam, known as a rugpull, was identified by Twitter blockchain detective ZachXBT. 

Immunefi also found that some chains were targeted more than others. It found that attacks on BNB Chain and Ethereum made up 77% of all losses in the last quarter, followed by Arbitrum at 12%. They said that attacks on Arbitrum were notable, given that it experienced no incidents at all in the same period last year.

Arbitrum has not returned Decrypt’s request for a comment. A spokesperson for Binance also did not respond to a request for comment.