According to Chainalysis, 2022 is the year with the biggest crypto hacks, with $3.8 billion stolen primarily from DeFi protocols. However, DeFi hacks are in the headlines once again as 2023 starts off. Hackers target both DeFi protocols and individuals.
LendHub A Cross-Chain DeFi Lending Platform Hack
In January 2023, LendHub became the victim of the hack when attackers wiped away nearly $6 million by exploiting the smart contract of the platform.
This hack happened when the platform replaced the existing IBSV with a new version having Comptroller contracts. However, the old token was not removed because of an update failure. As a result, both were active in the market at the same price. This loophole allowed the hackers to interact with both token contracts individually. They opted for the mint and redeem opportunity in the old market and took out loans in the new market. This activity disturbed the liabilities calculations, and hackers quickly drained $6 million from the new token.
This hack indicated the importance of properly updating smart contracts on the blockchain.
DeFi Individual Attacks in January 2023
In January 2023, another trend of hacks was observed. Hackers have started targeting high-profile crypto individuals more than projects. Some of those victims’ names are as follows.
The victim of a phishing attack who lost 40 NFTs.
The victim of a Trojan horse, ended up losing control over his online accounts, including digital wallets.
He lost approximately 216 Bitcoin worth $3.6 million because of a leaked PGP private key and compromised accounts.
ShellBoxes Security Solution Against DeFi Attacks
The majority of the DeFi hacks happened due to vulnerabilities in smart contracts. While the personal attacks happened due to poor security practices.
Hence, effective cybersecurity testing and implementation is the only way to save your project from such attacks. If you are also planning to launch a new DeFi project or have not done security testing yet, reach our ShellBoxes security experts at firstname.lastname@example.org to ensure your project’s security.