Cryptocurrency hacking and skimming losses exceed $103m in April

During April, cryptocurrency projects lost $103.7m due to exploits, hacks and exit scams. The cumulative loss since the beginning of 2023 was $429.7m, according to a report by analytics firm CertiK.

April's biggest exploits included a $25.4 million attack on several MEV trading bots, a $22 million exploitation of a Bitrue exchange hot wallet vulnerability, and a $13 million hack of South Korea's GDAC platform.

CertiK estimates that total losses from crypto and DeFi exploits for the month amounted to $74.5m.

About $20m was lost to projects due to flash credit attacks. The bulk of this amount came from DeFi protocol Yearn Finance, whose hacker took advantage of an old smart contract.

Cumulative losses from cryptocurrency exit scams last month reached $9.4 million. The largest incident in April was the Merlin DEX case, which lost $2.7 million due to a problem with private key management. The hack occurred immediately after an audit conducted by CertiK. Analysts worked with the exchange to present a compensation plan for those affected.

According to the De.Fi Rekt database, a total of more than 50 crypto exploits, scams, hacks and rug pull schemes (mostly with memcoins) occurred in April.

The most recent incident last month was a flash-credit attack on the Polygon-based Ovix protocol, which resulted in a $2 million loss.

As a reminder, according to CertiK, in the first three months of 2023, blockchain projects lost more than $320 million in hacks and fraud.