Back to main

Quantstamp Identifies Top 5 DeFi Protocols Hit by $38.9 Million in Losses from Exploits in January

Quantstamp, a decentralized finance (DeFi) security startup, has unveiled a list of the top five smart contract protocols that suffered significant losses due to exploits and malicious activities in the month of January.

These incidents collectively resulted in losses amounting to $38.9 million.

Radiant Capital was among the first victims, experiencing a loss of $4.5 million in early January due to a flash loan attack.

The attack was attributed to a “known rounding issue” in the current Compound/Aave codebase, as identified by blockchain security firm PeckShield.

Radiant promptly took action by suspending its USD Coin pool on Arbitrum to address the issue and ensure the security of user funds. Operations resumed after a thorough investigation.

Gamma Strategies faced a similar flash loan attack just hours after Radiant’s incident, resulting in the siphoning of $6.1 million from its public-facing vaults due to a code bug. To mitigate the vulnerability, Gamma temporarily halted deposits and swiftly fixed the issue.

Wise Lending experienced a loss of at least $460,000 on January 12th in a flash loan attack, involving manipulation of the price oracle used by the platform.

Remarkably, this marked the second attack on the protocol within six months, causing the depletion of 170 Ether (ETH).

READ MORE: Solana-Based Jupiter Exchange Dominates Trading Charts with $480 Million Volume in 24 Hours

On January 16th, Socket, a multichain protocol, suffered a security breach due to a vulnerability in user verification input, allowing hackers to steal nearly 2,000 ETH, valued at over $4 million.

However, Socket managed to recover 1,032 ETH (approximately $2.3 million) and reimbursed all affected users as part of its efforts to restore user funds.

Goledo Finance faced a security breach similar to Gamma’s exploit, resulting in the theft of $1.7 million on January 28th.

Negotiations with the perpetrator are ongoing, and Goledo has offered a reward for the return of the stolen funds.

The hacker’s accounts on centralized exchanges have been frozen, and Goledo is evaluating the extent of the loss to formalize a recovery strategy, with local law enforcement briefed on the situation.

Goledo has also outlined its compensation process for user asset recovery, providing a Google form for affected users to submit their claims.

The DeFi space continues to grapple with security challenges, highlighting the importance of ongoing vigilance and improvements to protect user funds.

Discover the Crypto Intelligence Blockchain Council

Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

Read on Crypto Intelligence Investment Disclaimer