Quantstamp claimed that bad actors utilized attack strategies such as key compromises, smart contract hacks, and scams.
The security startup reports that established the top five smart contract protocols that experienced the most significant losses due to hackers and exploits last month.
In an X (formerly Twitter) post, the startup noted that the bad actors’ actions using different attack tactics, such as key compromises, smart contract hacks, and scams, led to losses amounting to $38.9M.
Quantstamp reported the exploits targeting decentralized finance (DeFi) exploit coinciding with PeckShield disclosing that bad actors orchestrated a $2.6 billion loss in 2023.
Radiant Capital Suffers $4.5M Exploit
A flash loan attack in early January resulted in Radiant Capital facing $4.5M in losses. PeckShield, a blockchain security company, established that the problem was due to an ‘identified rounding problem’ in the present Compound/ Aave codebase.
The decentralized finance lender paused its USDC pool on Arbitrum to solve the matter. Radiant explained that user funds were safe, and activities recommenced following a problem.
On January 4, Gamma Strategies was also affected by a flash loan attack hours following the attack on Radiant. It led to a code bug that enabled attackers to steal $6.1M from Gamma’s public-facing vaults. Dealing with this problem involved temporarily pausing deposits, which addressed the susceptibility.
Socket and Wise Lending Suffer Security Breaches
A flash loan attack on January 12 resulted in Wise Lending suffering a loss of at least $460,000. This attack entailed the manipulation of the price oracle utilized by the protocol and was the second attack within half a year. 170 Ether was drained from the Web3 lending application.
Socket, a multichain protocol, was hit by a security breach on January 16 caused by a susceptibility in user verification input. This permitted the hackers to take almost 2000 Ethereum, whose valuation was more than $4M. Nevertheless, 1032 Ethereum (nearly $2.3M) was recouped and refunded to all affected persons.
Goledo Finance Suffer $1.7M Exploit
Goledo Finance was affected by a security breach on January 28 resembling Gamma’s attack. The flash loan attack led to a loss of $1.7M. Talks with the culprit are still underway, and Goledo has declared an award for the return of the funds.
Goledo announced the freezing of the hacker’s accounts on centralized exchanges. Besides, it is assessing the magnitude of the loss to ratify a recovery plan, and local law enforcers are aware of the situation.
The Goledo team has laid out its reimbursement process to recoup user assets. It offered a Google form for people to submit their claims.