{"id":12121,"date":"2024-03-29T16:54:23","date_gmt":"2024-03-29T14:54:23","guid":{"rendered":"https:\/\/forklog.com\/en\/crypto-industry-faces-336-million-loss-from-hacks-and-scams\/"},"modified":"2024-03-29T16:54:23","modified_gmt":"2024-03-29T14:54:23","slug":"crypto-industry-faces-336-million-loss-from-hacks-and-scams","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/crypto-industry-faces-336-million-loss-from-hacks-and-scams\/","title":{"rendered":"Crypto Industry Faces $336 Million Loss from Hacks and Scams"},"content":{"rendered":"<p>The cryptocurrency industry suffered losses of approximately $336.3 million due to hacking and fraud in the first three months of 2024, according to an <a href=\"https:\/\/assets.ctfassets.net\/t3wqy70tc3bv\/7fdamBHkvZy0Y3zX2Lf5oT\/875845ab1bfc912988a571984ff6ff7c\/Immunefi_Crypto_Losses_In_Feb_2024.pdf\">Immunefi report<\/a> covering 61 incidents.<\/p>\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/lh7-eu.googleusercontent.com\/D0uWBM7uuPk5iRBsDohKo89xlIuRO40HWO-1IKxz4Mggs49ZoHBAtLAas5P-8CAcb9iVb73bcjA3ZfWFrsq45eK4JcIJVoL6Gl-IhpqnmiPAQuPLfCGfdkQICjlvJHnHrwu8uBBth1Yh2Fz9wZQhDB4\" alt=\"Fake ENA, Prisma Fund Movements, and Industry Losses of $336 Million\"\/><figcaption class=\"wp-element-caption\">Damage from scams and hacks in Q1. Data: Immunefi.\u00a0<\/figcaption><\/figure>\n<p>The number of attacks decreased by 17.6% compared to the same period in 2023, with losses also down by 23%.<\/p>\n<p>Researchers identified the largest breach as the $81.7 million exploit of the cross-chain bridge Orbit Bridge. The second largest was the $62.8 million theft from the Web3 platform Munchables, although the hacker returned all stolen funds.<\/p>\n<p>In total, $73.9 million\u201422% of the total damage\u2014was recovered through seven incidents involving white-hat hackers.<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201cWhile the reduction in overall losses is a positive development, it is important to note that DeFi faced significant challenges, accounting for 100% of all losses in the first quarter of 2024,\u201d said Immunefi founder and CEO Mitchell Amador.<\/p>\n<\/blockquote>\n<p>Hacker attacks were predominant in the first quarter, with 46 incidents leading to losses of $321.6 million (95.6%). Approximately $14.7 million was stolen in 15 recorded fraud incidents.<\/p>\n<p>Ethereum was the most targeted blockchain, accounting for 51% of hacks and scams, followed by the BNB Chain at 22%.<\/p>\n<p>For the year 2023, Immunefi estimated the industry&#8217;s losses from hackers and fraudsters at $1.8 billion. PeckShield reported a different figure\u2014<a href=\"https:\/\/forklog.com\/en\/news\/peckshield-reports-2-61-billion-loss-in-crypto-industry-due-to-hacks-and-scams\">$2.61 billion<\/a>.<\/p>\n<h2 class=\"wp-block-heading\">Recent Breaches<\/h2>\n<h3 class=\"wp-block-heading\">An Imposter Among Us<\/h3>\n<p>PeckShield analysts discovered a fake token mimicking the native coin of the DeFi protocol Ethena Labs (ENA).<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\"><a href=\"https:\/\/twitter.com\/hashtag\/PeckShieldAlert?src=hash&#038;ref_src=twsrc%5Etfw\">#PeckShieldAlert<\/a> <a href=\"https:\/\/twitter.com\/search?q=%24ENA&#038;src=ctag&#038;ref_src=twsrc%5Etfw\">$ENA<\/a> (Ethena Labs) on <a href=\"https:\/\/twitter.com\/hashtag\/BNBChain?src=hash&#038;ref_src=twsrc%5Etfw\">#BNBChain<\/a> has been exploited, resulting in a loss of 480 <a href=\"https:\/\/twitter.com\/search?q=%24BNB&#038;src=ctag&#038;ref_src=twsrc%5Etfw\">$BNB<\/a> (worth ~$290K)<\/p>\n<p>*Note*: The token shares the same name as the legitimate ones<\/p>\n<p>\u2014 PeckShieldAlert (@PeckShieldAlert) <a href=\"https:\/\/twitter.com\/PeckShieldAlert\/status\/1773630655848743329?ref_src=twsrc%5Etfw\">March 29, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>According to researchers, the perpetrator managed to steal about 480 BNB, valued at $290,000. The criminal exploited the hype surrounding the token&#8217;s airdrop and its launch on Binance Launchpool.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Introducing <a href=\"https:\/\/twitter.com\/ethena_labs?ref_src=twsrc%5Etfw\">@ethena_labs<\/a> <a href=\"https:\/\/twitter.com\/search?q=%24ENA&#038;src=ctag&#038;ref_src=twsrc%5Etfw\">$ENA<\/a> on <a href=\"https:\/\/twitter.com\/hashtag\/Binance?src=hash&#038;ref_src=twsrc%5Etfw\">#Binance<\/a> Launchpool! <\/p>\n<p>Farm <a href=\"https:\/\/twitter.com\/search?q=%24ENA&#038;src=ctag&#038;ref_src=twsrc%5Etfw\">$ENA<\/a> by staking <a href=\"https:\/\/twitter.com\/hashtag\/BNB?src=hash&#038;ref_src=twsrc%5Etfw\">#BNB<\/a> and <a href=\"https:\/\/twitter.com\/search?q=%24FDUSD&#038;src=ctag&#038;ref_src=twsrc%5Etfw\">$FDUSD<\/a>.<\/p>\n<p>\u27a1\ufe0f <a href=\"https:\/\/t.co\/1VIrENbi2v\">https:\/\/t.co\/1VIrENbi2v<\/a> <a href=\"https:\/\/t.co\/ZHiJ5eYCwc\">pic.twitter.com\/ZHiJ5eYCwc<\/a><\/p>\n<p>\u2014 Binance (@binance) <a href=\"https:\/\/twitter.com\/binance\/status\/1773569767921655808?ref_src=twsrc%5Etfw\">March 29, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Initially, PeckShield mistook this fake ENA token for the real one, causing confusion in the community. Crypto media Cointelegraph also repeated this error, which some users pointed out.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Hey <a href=\"https:\/\/twitter.com\/Cointelegraph?ref_src=twsrc%5Etfw\">@Cointelegraph<\/a>, your employees are really noobs in crypto.<\/p>\n<p>They wrote an article titled Ethena Labs Exploited On Binance Launchpool ??<\/p>\n<p>How can someone exploit tokens from Binance Launchpool?<\/p>\n<p>The Ethena project isn&#8217;t even live on the Binance Chain, and the <a href=\"https:\/\/twitter.com\/search?q=%24ENA&#038;src=ctag&#038;ref_src=twsrc%5Etfw\">$ENA<\/a> token isn&#8217;t\u2026 <a href=\"https:\/\/t.co\/atZ8TdKESy\">pic.twitter.com\/atZ8TdKESy<\/a><\/p>\n<p>\u2014 Vasu Crypto (\u220e, \u2206) (@0x_Lens) <a href=\"https:\/\/twitter.com\/0x_Lens\/status\/1773649115211317673?ref_src=twsrc%5Etfw\">March 29, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201cHow can someone exploit tokens on Binance Launchpool? The Ethena project isn&#8217;t even live on the BNB Chain, and the ENA token isn&#8217;t officially listed anywhere yet,\u201d wrote 0x_Lens.<\/p>\n<\/blockquote>\n<p>Later, both sources corrected their publications, clarifying the details.<\/p>\n<h3 class=\"wp-block-heading\">Prisma Fund Movements<\/h3>\n<p>The hacker who attacked the liquid staking platform Prisma Finance for $11.6 million did not join the 22% of white-hat hackers and began moving the stolen assets.<\/p>\n<p>On March 28, the perpetrator withdrew 3257.7 ETH through manipulations with mkUSD tokens and wrapped ether. The platform&#8217;s team announced the suspension of the protocol and the start of an investigation.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">We are aware of a possible exploit on Prisma.<\/p>\n<p>Core engineering contributors will pause the protocol and investigate. <\/p>\n<p>We&#8217;ll share an update and a post-mortem.<\/p>\n<p>\u2014 Prisma Finance (@PrismaFi) <a href=\"https:\/\/twitter.com\/PrismaFi\/status\/1773316945430852058?ref_src=twsrc%5Etfw\">March 28, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>On March 29, PeckShield analysts recorded that the hacker sent 200 ETH, worth $707,000, to the crypto mixer Tornado Cash.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\"><a href=\"https:\/\/twitter.com\/hashtag\/PeckShieldAlert?src=hash&#038;ref_src=twsrc%5Etfw\">#PeckShieldAlert<\/a> The <a href=\"https:\/\/twitter.com\/PrismaFi?ref_src=twsrc%5Etfw\">@PrismaFi<\/a> exploiter labeled address 0x57f7 has just transferred another ~800 <a href=\"https:\/\/twitter.com\/search?q=%24ETH&#038;src=ctag&#038;ref_src=twsrc%5Etfw\">$ETH<\/a> to <a href=\"https:\/\/twitter.com\/hashtag\/TornadoCash?src=hash&#038;ref_src=twsrc%5Etfw\">#TornadoCash<\/a> <a href=\"https:\/\/t.co\/J0KxxVTuNC\">pic.twitter.com\/J0KxxVTuNC<\/a><\/p>\n<p>\u2014 PeckShieldAlert (@PeckShieldAlert) <a href=\"https:\/\/twitter.com\/PeckShieldAlert\/status\/1773603119902998781?ref_src=twsrc%5Etfw\">March 29, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Subsequently, the perpetrator sent another 800 ETH (~$2.83 million) to the cryptocurrency cleansing service.<\/p>\n<p>Back in February, FixedFloat was hacked, resulting in losses of <a href=\"https:\/\/forklog.com\/en\/news\/fixedfloat-cryptocurrency-exchange-hacked-for-26-million\">at least $26 million<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The cryptocurrency industry suffered losses of approximately $336.3 million due to hacking and fraud in the first three months of 2024, according to an Immunefi report covering 61 incidents. Damage from scams and hacks in Q1. Data: Immunefi.\u00a0 The number of attacks decreased by 17.6% compared to the same period in 2023, with losses also [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":12120,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[44,1150],"class_list":["post-12121","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-cybercrime","tag-news-plus"],"aioseo_notices":[],"amp_enabled":true,"views":"59","promo_type":"","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/12121","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=12121"}],"version-history":[{"count":0,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/12121\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/12120"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=12121"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=12121"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=12121"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}