Crypto Hacks & Breaches Hit Record Low in April 2024, But Vulnerabilities Remain

April 2024 was a certainly a ride and the crypto market faced its fair share of challenges. A total of 37 security breaches rocked the industry, resulting in a staggering loss of $90.81 million. From hacks in smart contracts to exit scams, the month shed light on the persisting vulnerabilities within the crypto world.

Certik Alerts, a leading web3 security firm, released their comprehensive April report, revealing the lowest loss figure since 2021. Despite the hefty $90.81 million loss, there was a significant 141% decrease in breaches compared to March, offering a glimmer of hope amidst the turmoil.

Breaking Down the Losses

Uncovering vulnerabilities, exploitations, hacks, and scams collectively accounted for $25.7 million in losses, marking the lowest figure since 2021. This underscores the ongoing battle against cyber threats in the crypto domain.

Exit Scams

Exit scams, once rampant, saw a decline in April, with stolen funds dwindling to approximately $4.3 million.

Smart Contract Vulnerabilities and DeFi Protocols

Smart contracts bore the brunt of the losses, totaling a staggering $21 million, showcasing the inherent vulnerabilities within decentralized finance (DeFi) protocols. While flash loans amounted to a modest $129,000 in losses, they still highlighted areas of vulnerability.

Key Incidents & Notable Breaches

Delving deeper, several notable breaches unfolded in April:

1. OpenLeverage Attack 

On April 1, 2024, OpenLeverage was attacked resulting in losses of $260,000. The protocol guaranteed the users that payment would be done using insurance pools and reserve funds.

2. FixedFloat Exploitation 

The FixedFloat exchange suffered a $3 million hacker incident on April 2nd, 2024, underscoring the dangers of third-party dependencies in decentralized exchanges.

3. CondomSOL Exit Scam

CondomSOL orchestrated a flash crash on April 4th, 2024, gathering $920,000 before vanishing from Twitter, leaving investors in a state of panic.

4. Zest Protocol Breach

On April 12th, 2024, Zest Protocol experienced an attack, resulting in the removal of $1 million, with promises of reimbursement hanging in the balance.

5. Hedgey Finance Hack 

Contract weaknesses proved costly for Hedgey Finance on April 19th, 2024, bleeding out a staggering $47.7 million.

6. ZKasino Suspicion 

Suspicions swirled around ZKasino, with reports hinting at a possible exit scam, resulting in $33 million in losses.

7. Pike Finance Incident

Pike Finance’s USDC pool of Pike Beta was hacked on April 26, 2024, which resulted in the transfer of $300,000 due to the modification of the CCTP messages.

Understanding Loss Patterns

Smart contract vulnerabilities claimed nearly 51% of losses, followed by exit scams at 40.54%, totaling $37.57 million. Contract errors, responsible for 10 events, cost a hefty $46.93 million, highlighting the critical need for rigorous auditing practices.

A Tricky Terrain

As investors and users traverse the crypto landscape, conducting thorough research and fortifying security measures remains paramount. While April’s downturn offers a glimmer of hope, the question remains: Will this trend persist?

Also Check Out : Crypto Hack Report Q1 2024: Trends, Losses, and Recovery Efforts