+1000% Funds Lost to Crypto Crimes in February 2023

For the first time in 3 months, the amount of funds lost to crypto crimes is on the rise again!

In February, 84 crypto crimes leading to at least $279M lost were registered, an almost 1000% jump from January 2023.

Even the little warming of the crypto winter we have seen at the beginning of this year, is not enough to make the crypto market liquid enough that DeFi protocols would be safe enough from oracle exploits.

This is a cause for concern as low liquidity increases the vulnerability of price manipulation through oracle exploits, which is precisely what occurred with BonqDAO.

On February 1st, a staggering $120 million was lost to an oracle exploit, which constituted the largest hack of 2023 to date.

Like last month, exit scams were aplenty.

$11,4 million were lost to them, and no less than 4 projects appear to have staged “hacks”, when really these “hacks” were not so well disguised exit scams. Allowing them to swiftly abscond with the stolen funds and drive into the sunset.

Flash loan attacks have also resurfaced, accounting for a comparatively modest $800k loss in January 2023, but resulting in losses of almost $15.9 million this month.

February also bore witness to the revelation of a purported crypto ponzi scheme that embroiled various members of the UK Parliament and resulted in losses amounting to at least 87 million.

The architects of the scheme, Phoenix Community Capital’s founders, succeeded in promoting their alleged fraudulent endeavor through all-party parliamentary groups (APPGs).

These are informal, cross-party factions of House of Commons and House of Lords members that lack official status within Parliament, but, really, function as lobbying hubs.

For many APPG critics, this transgression represents the proverbial straw that broke the camel’s back. It is yet another instance in a long line of lobbying and espionage scandals that have affected APPGs since their inception.

For them, this situation is the prime example of how fraudulent projects will make use of APPGs and parliamentarians to gain credibility for their project in a bid to entrap more unsuspecting victims.

The hypothetical plus side of so many parliamentarians falling victims to a crypto fraud, is that maybe, hopefully, it will spur these policymakers into leading to the implementation of effective measures aimed at protecting and assisting those who have been victimized by crypto crimes.

One can only hope so.

What no one hopes for, though, is the attitude of some Web3 founders when faced with their own ineptitude to efficiently protect their users.

On February 20th, the DEX aggregator, Dexible, fell prey to a smart contract exploit that resulted in losses amounting to $2 million. From founders who made the choice to not even audit their newly deployed smart contract that would ultimately be hacked, one would have expected that the users would be served with excuses, instead they were served with an attitude.

To summarize their response, they shrugged off the incident, and offered what they probably thought was a quite witty response in quoting Rekt Hack leaderboard: “exploits happen in DeFi”.

…

This nonchalant, debonair, tone-deaf approach to security breach was also fully embraced by Bitbns CEO Gaurav Dahake.

In February, the crypto exchange Bitbns was hacked for $7,5 million and the company chose to conceal the incident until crypto sleuth zachxbt disclosed the information.

Instead of owning up to their mistakes and just saying sorry, Dahake declared that hacks were “ not abnormal” in the crypto space, and went on to explain that it happened to many exchanges and that this would improve their security system.

One would think that being responsible for such a large amount of funds and shouldering the responsibility of people’s life savings, these firms would prioritize security above all else.

And when involuntarily failing the very people who trusted them, they would admit to their failings, apologize for not being up to snuff, and work three times harder to ensure that it will not happen again.

There is something very wrong in the crypto space if hacks and fraud are the expected status quo, and some Web3 actors’ response to Web3 users is to basically say ‘deal with it’ instead of proactively dealing with security issues that are plaguing the space.

Web3 users deserve better.

About us

Nefture is a WEB3 Cybersecurity Company that keeps your wallet safe with our Metamask Extension. Register for the beta here!

We also allow brands to tap into web3 through 360° support on their blockchain project:

We specialize in blockchain technologies to make your project come to life and cybersecurity to completely secure your web3 journey: from building Smart Contracts, Audits, Minting websites, Dapps, Discord Audits and Securing,… to Security Breaches Investigation and Management!

Start your web3 journey with us: https://agency.nefture.com/