The hackers increased their activity in May, stealing a total of $257 million in several well-known attacks. Approximately $162 million in stolen funds could have been intercepted and the holder could be refunded.
Slowmist counted 15 major hacking incidents in May, totaling $257 million. This month’s major hack is Cetus Protocol Dex Exploit, which lost $230 million due to a defective smart contract.
The hack also led to a quick vote to freeze over $160 million on the SUI blockchain, pulling back funds from hacker wallets. The Slowmist report counted the upper limits of all exploits compared to the Peckshield estimate. $244 million For the past month.
Cork Protocol is Lost $12 million Faulty verification of user-supplied data allows hackers to take advantage of flawed pricing.
The third biggest hack was added at the last moment. Taiwan’s Vitopro exchange has confirmed leak $11.5 million With multi-chain hacks with continuous transactions. However, Bitopro did not immediately announce the hack, and only admitted the loss if Zachxbt focused on a suspicious transaction.
DPRK hackers take part in attacks on rEtiles and small wallets
Two small hacks involved Demex, with Oracle’s operation losing $950,000 and the Zunami protocol losing $500,000 from still unclear exploits. According to Slow mistSmart contract defects were the main cause of 95% losses in hacking cases.
Over the past month, a total of six social media accounts have been compromised, leading to losses from meme token shillings or social engineering. Hijacked X accounts have slowed down recently, but are vectors for reaching potential targets.
Individual phishing scams have also been active for the past month. A total of $9.6 million was stolen from 7,164 victims. According to Slowmist, the Lazarus Group is currently targeting individuals with large wallets, spending up to $5.2 million from one victim via malware.
The exploit targeted merchants with a prominent crypto wallet.
Slowmist has issued warnings to merchants accepting codes to avoid exposure to the main wallet. The other potential victim class is retail buyers involved with merchants on the chain.
Marinade’s finances resulted in Sol Reward’s losses
While not explicitly a hack, marinade finance was also the cause of the loss in May due to a flaw in the protocol. The project allowed validators to bid only on dusty SOLs, while receiving disproportionate rewards.
As a result, the validator took more SOL than it had accumulated, causing losses to MASOL holders to marinate marinade finance. Marinade Finance allowed the verifying officer to bid high for the production of the Block, but dropped the bid and deposited only dust.
Nevertheless, Marine Finance still allowed the release of rewards for security and block production. This meant that malicious balliters could earn substantial passive income with minimal investment.
Based on rough estimates, these validators took 3.4 million SOLs and again betted and received additional rewards. The main reason was that the marinade finance code did not remove low bidders as it was actually promised. Exploit Running for 126 Solana Epochs, or more than three months, before the possibility of unfair benefits was recognized.
Discover more from Earlybirds Invest
Subscribe to get the latest posts sent to your email.
