The new year has barely begun, and the cryptocurrency industry is already facing a wave of security breaches with over $97 million stolen in a series of high-profile attacks.
These incidents have raised serious concerns about the security measures of various platforms and the growing sophistication of cybercriminals.
Gamma Heist: Over $3M in Digital Assets Drained
Gamma Strategies, a decentralized finance protocol, reported a cyber attack on January 4, 2024, which led to the loss of digital assets worth over $3 million. In response to the attack, Gamma Strategies has halted all deposits into its “public-facing vaults” to prevent further breaches.
The attackers managed to manipulate the price change threshold settings, allowing them to mint an excessive number of LP tokens. To address this vulnerability, Gamma is now setting all price change thresholds to “a safe level” and will require third-party code reviews before reinstating deposit functionality.
CoinsPaid Suffers Another Hack: $7M Lost
Estonian crypto-payments service provider, CoinsPaid, faced its second hack within a year on January 5, losing roughly $7.5 million in cryptocurrency from the Binance (BNB) and Ethereum (ETH) chains. This follows a previous breach in July 2023, where the company lost $37.3 million but managed to compensate customers from its reserves.
The Cyvers team, which reported the breach, suspects the Lazarus group might be responsible. The hacker converted the stolen assets into ETH and dispersed them across various accounts, with some funds deposited into exchanges like WhiteBit, MEXC, and ChangeNow.
Hacker has got another $1M worth of digital assets 924K BSC-USD and 268.5 $BNB.
All together total loss is $7.5M
— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) January 6, 2024
Orbit Chain’s $82M New Year’s Heist
Orbit Bridge, part of the Orbit Chain protocol, was exploited for a massive $82 million just before the new year. The breach was detected by blockchain security firms and concerned individuals who noticed unusual outflows from the protocol.
The stolen funds included a mix of Tether (USDT), USD Coin (USDC), Ethereum (ETH), Wrapped Bitcoin (WBTC), and DAI, which were quickly moved to new wallets. Orbit Chain is known for its cross-chain transfers and is a key player in the interoperability between blockchain ecosystems.
Radiant Capital Loses $4.5M in ETH
Radiant Capital (RDNT), a cross-chain lending protocol, was hacked on January 4, resulting in the theft of 1,900 ETH, approximately $4.5 million. The exploit occurred due to a vulnerability associated with the activation of a new market. Radiant Capital has since suspended its lending and borrowing markets on Arbitrum for investigation.
Polychain Capital CEO’s Account Compromised
Olaf Carlson-Wee, CEO of Polychain Capital, had his personal social media account hacked and used to promote a fake airdrop for a non-existent native token, PCHAIN. The company has since regained control of the account and deleted the fraudulent post, but not before it reached over 40,000 viewers.
The Growing Threat of Crypto Heists
These incidents underscore the persistent threat of cyberattacks in the crypto industry. According to blockchain security platform Scam Sniffer, crypto phishing scams affected over 324,000 people in 2023, with nearly $300 million in losses.
The decentralized finance sector remains the most targeted, with 280 security incidents in 2023, causing $773 million in losses. Ethereum and Polygon were among the most affected networks, with losses of $487 million and $123 million, respectively.
As the industry grapples with these challenges, the importance of robust security measures and constant vigilance cannot be overstated. The recent heists serve as a reminder that both platforms and users must remain alert to the evolving tactics of cybercriminals.