Bitcoin
$57,297.03-4.67%
Ethereum
$2,906.23-3.06%
Binance Coin
$547.75-3.96%
Solana
$128.89+2.80%
XRP
$0.50955106+1.28%
Dogecoin
$0.12557576-4.85%
Toncoin
$4.71-6.84%
Cardano
$0.44313860+0.24%
Shiba Inu
$0.00002172-1.80%
Avalanche
$32.53-0.06%
Tron
$0.12183394+1.31%
Polkadot
$6.85+5.11%
PlayIconNav
Crypto Prices CoinDesk 20 Index CoinDesk 20 Index
Countdown to Consensus 2024The largest and longest running event that covers all sides of Crypto and Web 3
27
DAYS
06
HR
13
MIN
58
SEC
Markets

Crypto Hacks and Exploits Cost Traders $303M in July; Worst Month of 2023

Some $52 million of assets were siphoned from Curve Finance just this weekend.

By Krisztian Sandor
AccessTimeIconJul 31, 2023 at 1:44 p.m. UTC
Updated Aug 2, 2023 at 3:19 p.m. UTC
VolumeMuteUnmute
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now
  • Crypto investors suffered $303 million of losses from exploits and hacks in July, the worst month of the year.
  • Exploits of Curve Finance and Multichain were the latest reminders of vulnerabilities in decentralized finance.

Crypto traders have lost $303 million worth of digital assets in cryptocurrency exploits and hacker attacks this month, security audit firm CertiK tweeted, putting July on track to be the worst month this year so far in terms of stolen value.

The report comes as decentralized finance (DeFi) investors are still reeling from this weekend’s exploit of decentralized exchange Curve Finance, a key infrastructure in the DeFi ecosystem. Since Sunday, Certik confirmed some $52 million in digital assets as having been siphoned from the protocol using a vulnerability in some versions of the popular smart contract coding language Vyper.

Earlier this month, roughly $125 million of assets were drained from blockchain bridging protocol Multichain. The platform then shuttered operations and said that Chinese authorities had detained chief executive Zhaojun in May.

Ari Redbord, head of legal and government affairs of blockchain intelligence firm TRM Labs, said in a CoinDesk TV interview in May that DeFi protocols are the most vulnerable parts of the crypto ecosystem, adding that exploits are still happening at an "unprecedented" speed and scale.

Read more: 6 Kinds of Crypto Scams and How to Avoid Them

Of the $303 million this month, investors lost about $285 million in exploit attempts and hacks including the Multichain and Curve attacks, per CertiK’s data. Roughly $8.7 million of assets were drained abusing flash loans. This is a sophisticated exploit venue that lets traders borrow unsecured funds using smart contracts instead of third parties. These types of loans are legal, but attackers sometimes use them to manipulate the price of smaller, less liquid tokens for gains. The most notable example was DeFi protocol Conic Finance being drained of 1,700 ether (ETH), worth $3.26 million at the time, using flash loans.

Exit scams cost investors about $8.6 million. Otherwise known as “rug pulls,” these cons consist of developers hyping up a new project to raise money then draining liquidity.

Edited by Stephen Alpher.

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

Krisztian Sandor
Krisztian Sandor

Krisztian Sandor is a reporter on the U.S. markets team focusing on stablecoins and institutional investment. He holds BTC and ETH.

Follow @sndr_krisztian on Twitter

Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.