Thu, November 28

November 2023 Witnesses a Disturbing Surge in Crypto Exploits 

Solana's New Memecoin COOLCoin Dump Raises Concerns Press Release
  • November month records an alarming surge, marking an 8-fold increase compared to October hack losses.
  • Hacks dominate 98% of losses compared to crypto frauds.
  • Major security breaches, such as Poloniex Exchange, HECO Bridge, and KyberSwap, shed light on the critical need to assess contract vulnerabilities and security measures.

In a recent report by QuillMonitor, an analytical tool powered by QuilAudits, November emerged as a concerning month for the crypto sphere, with a staggering $254.34M in losses. The notable figure was spread across 12 significant incidents, indicating an alarming 8-fold surge compared to October’s losses.

Hacks take the lead

Hacks remained the primary cause behind a whopping 98% of total losses in November 2023, contrasting with fraudulent activities like rug pulls, which amounted to a mere 2%.

These incidents exposed vulnerabilities in smart contracts, constituting the majority of attacks that resulted in approximately $54.1M in losses across 4 incidents. 

Renowned platforms like KyberSwap and Raft Fi experienced substantial losses, underlining the dire need for heightened smart contract security measures.

Biggest Hits of the Month and Its Root Causes 

  • Heco Chain faced an $87M theft from a private key compromise. This underscores the vulnerability of custodial systems, where a compromised private key resulted in unauthorized access and substantial asset misappropriation.
  • Poloniex suffered a $60M loss due to an exploit in its hot wallet infrastructure, which allowed unauthorized access to the funds stored within it. This incident highlights the critical importance of strengthening wallet security infrastructure.
  • KyberSwap fell victim to a $47M loss through an arbitrage attack, a smart contract vulnerability. The exploit allowed the attacker to manipulate price differentials between different markets, resulting in substantial losses. This emphasizes the imperative need for rigorous smart contract auditing and proactive vulnerability patching.
  • Kronos Research underwent a $26M attack after an assaulter compromised admin keys, leading to the unauthorized access and theft of developer funds. This is a strong reminder of vulnerabilities associated with centralized access control mechanisms.
  • Nobitex Protocol fell for a $12.5M loss due to a private key compromise, which again insists on the significance of safeguarding cryptographic keys.  

Year-to-Date Losses and Most Targeted Chains

Zooming out to a yearly perspective, the accumulated loss for 2023 stands at a whopping $1.67B. 

Notably, the most targeted chains in November were Ethereum, Arbitrum, and BNB chain, bearing the brunt of these malicious activities.

Understanding Threat Landscape

At the forefront of understanding and staying up-to-date with web3 threats lies QuillMonitor, an intuitive web3 hacks analytics tool that offers real-time insights and trends, enabling you to stay vigilant against emerging vulnerabilities.

Recent events in the crypto sphere underscore the critical need for heightened security measures. The dominance of hacks over scams highlights the importance of being vigilant against malicious actors and vulnerabilities inherent in smart contracts.

Inputs From The Industry Leading

Mitigating risks associated with smart contracts demands rigorous due diligence and comprehensive audits. QuillAudits is a strong defender who has safeguarded over $30B+ in user funds in the Web3 world. With a team of ethical hackers, QuillAudits carefully examines blockchain and smart contract codes to find and report vulnerabilities.

QuillCheck, a tool from QuillAudits, helps navigate the complex Web3 space. It’s like a compass guide, helping users spot good and bad tokens by checking their codes and analyzing the market. It’s great at detecting scams like rug pulls and honey pot schemes, making it easier for users to make smart choices in Web3.

Amidst the recent surge, 2023 has lost over $1.67B so far. Nevertheless, a positive trend emerges as projects forge partnerships with bug bounty platforms, striving to enhance defenses and mitigate potential incidents, marking a proactive step towards enhancing industry-wide security practices.

Disclaimer: TheNewsCrypto does not endorse any content on this page. The content depicted in this press release does not represent any investment advice. TheNewsCrypto recommend our readers to make decisions based on their own research. TheNewsCrypto is not accountable for any damage or loss related to content, products, or services stated in this press release.

A passionate content writer, particularly interested in sports writing. Always keen to explore crypto world.