According to a report published on August 31 by the blockchain security company Immunfi, the total amount of Bitcoin losses in August as a result of hacks and exploits was $15.8 million. These losses made up a portion of the $23.4 million in losses due to fraud and hacking, which is a huge drop from the $320.5 million in losses in July. Notably, none of these occurrences affected centralized financial companies; instead, they all targeted decentralized finance (DeFi) protocols.
Among the 21 reported security incidents, Ethereum blockchain experienced five, while BNB Chain had four. Coinbase’s newly launched layer-2 solution, Base, faced four security breaches shortly after its August 9 launch. Immunefi recently reported that BNB Chain was the top target for crypto hackers and scammers, with over 73% of all rug pulls in the entire crypto ecosystem happening on the network.
One major incident happened just before August had begun, On July 30, a major security breach occurred in several stable pools on Curve Finance, resulting in significant losses. The vulnerability was linked to specific versions of Vyper, a programming language used in Ethereum projects. The affected Vyper versions were 0.2.15, 0.2.16, and 0.3.0, all of which had a flaw in their reentrancy locks. This flaw allowed attackers to exploit the contracts, potentially draining all the funds within them. Security firm Ancilia found that 136 contracts were using Vyper 0.2.15 with reentrant protection, 98 contracts were using Vyper 0.2.16, and 226 contracts were using Vyper 0.3.0. They later announced a 10% bounty to the hackers if they return the other 90% of the stolen funds.
Another significant event occurred on August 19 when Thai authorities pulled off a vast sting operation that exposed an intricate cryptocurrency scam, leading to the arrest of a prominent Chinese businesswoman, Fengpei Cai. A Thai news publishing house reported that this high-profile operation involved raids on 29 different locations, revealing a web of investment fraud that spans across borders.
Immunefi reported that users have lost a total of $1.25 billion in cryptocurrency due to hacks and fraudulent activities this year. In March, Euler Finance, a DeFi protocol, experienced a $195 million loss in a malicious flash loan attack. Interestingly, less than a month later, the hacker returned over 90% of the assets after the threat of legal action from the developers.