The 5 biggest DeFi hacks of 2023

More than $1.3 billion has been lost to crypto hacks this year

by Bessie Liu /
article-image

Artwork by Crystal Le

share

Ledger was recently exploited for an estimated $610,000 —  a reminder that security and privacy remain important priorities for the crypto ecosystem.

According to DeFiLlama, hackers have cost crypto startups and projects more than $1.3 billion in losses this year. Since June 2016, on-chain losses have amounted to an estimated $7.54 billion, with $5.69 billion hacked in DeFi protocols. 

Brian Pak, co-founder of Chainlight, told Blockworks that these exploits should be a fundamental reminder that security is still overlooked in much of the DeFi Ecosystem.

Read more: ‘Wallet drainer’ code added to Ledger library has crypto on edge

“As we enter into another bull market and liquidity starts to pour into the DeFi ecosystem, we can expect to see hacks like this happen more often,” Pak said. “It is of paramount importance that protocols take preemptive measures and are properly audited. Furthermore, builders must place more focus on security if the DeFi ecosystem is to flourish.”

With 2024 just around the corner, let’s look at the five largest exploits that occurred this year.

1. Mixin Network — $200 million

Hong Kong-based decentralized peer-to-peer network Mixin Network was exploited for an estimated $200 million in September this year, making it one of the biggest hacks of the year.

Mixin has since released a new system with enhanced security features. It has also offered the hacker a bounty of $20 million in return for the stolen assets. 

“Most of our platform assets were users, and we hope you can refund them,” the Mixin team wrote. The company added in a post on X that the hacker could reach the team anonymously or through appropriate channels in order to return the compromised assets.

2. Euler Finance — $197 million

DeFi lending protocol Euler Finance was the victim of a flash loan attack that saw $197 million stolen after an attacker tricked the smart contracts into believing there were fewer collateral tokens than debt tokens. 

Following the exploit, the Euler team offered a $1 million reward bounty to ensure the attacker was arrested. 

After a series of back-and-forth communications, the Euler attacker — who went by “Jacob” — returned all stolen funds to the Euler team. 

3. Poloniex — $126 million

The Justin Sun-owned exchange Poloniex saw an estimated $126 million drained after hackers gained access to its hot wallets in mid-November.

Immediately after the hack, Sun wrote in a post on X that “Poloniex maintains a healthy financial position and will fully reimburse the affected funds,” and that the exchange was offering a 5% white hat bounty to the hacker in exchange for the stolen cryptocurrencies.

The hacker was given seven days to consider the offer before Sun would turn to law enforcement. 

A month after the attacks, Poloniex has since resumed withdrawal and deposit services for select tokens on the TRON network, including USDT, USDD, BTT, WIN, NFT, SUN, JST, USDJ and USDC. 

4. Multichain — $126 million

Cross-chain bridge Multichain saw a total of $126 million being moved from its bridges to an unidentified address after its private keys were compromised.

Stolen funds had been transferred to different addresses and were not withdrawn or put through cryptocurrency mixers. 

Soon after the attack, it was revealed that the company’s founder and CEO had been missing for a month, and it was suspected that Chinese authorities had arrested him

Multichain services have stopped indefinitely, and the team has urged users not to use any multichain bridges. 

5. Atomic Wallet — $100 million

North Korean hackers stole an estimated $100 million from Atomic Wallet after an estimated 5,000 crypto wallets were compromised, with one particular wallet losing over $1 million in funds
After failing to address the incident and downplaying its urgency, a group of investors have since sued the wallet provider.

Start your day with top crypto insights from David Canellis and Katherine Ross. Subscribe to the Empire newsletter.

Explore the growing intersection between crypto, macroeconomics, policy and finance with Ben Strack, Casey Wagner and Felix Jauvin. Subscribe to the On the Margin newsletter.

The Lightspeed newsletter is all things Solana, in your inbox, every day. Subscribe to daily Solana news from Jack Kubinec and Jeff Albus.

Tags

Upcoming Events

Permissionless III Hackathon

Salt Lake City, UT

MON - TUES, OCT. 7 - 8, 2024

Blockworks and Bankless in collaboration with buidlbox are excited to announce the second installment of the Permissionless Hackathon – taking place October 7-8 in Salt Lake City, Utah. We’ve partnered with buidlbox to bring together the brightest minds in crypto for […]

learn more

Permissionless III

Salt Lake City, UT

WED - FRI, OCTOBER 9 - 11, 2024

Permissionless is a conference for founders, application developers, and users. Come meet the next generation of people building and using crypto.

learn more

recent research

Research Report Templates (1).png

Research

Why Solana Mobile Should 100x Their Phone Production

Solana Mobile is a highly ambitious foray into the mobile consumer hardware market, seeking to open up a crypto-native distribution channel for mobile-first applications. The market for Solana Mobile devices has demonstrated a phenomenon whereby external market actors (e.g. Solana-native projects) continuously underwrite subsidies to Mobile consumers. The value of these subsidies, coming in the form of airdrops, trial programs, and exclusive NFT mints, have consistently covered the cost of the phone and generated positive returns for consumers. Given this trend in subsidies, the unit economics in the market for Mobile devices, and the initial growth rate and trajectory of sales, it should be expected that Solana mobile can clear 1M to 10M units over the coming years. As more devices circulate amongst users, Solana Mobile presents a promising venue for the emergence of killer-applications uniquely enabled by this mobile-first, crypto-native distribution channel.

by Luke Leasure

/

news

article-image

Analysis

Empire Newsletter: How US presidencies map to crypto markets

Plus, breaking down Donald Trump’s shifting crypto stance

by Katherine Ross&David Canellis /
article-image

DeFiMarkets

Mt. Gox customers to receive crypto assets after 10-year wait

Markets are holding relatively steady despite the supply shock

by Donovan Choy /
article-image

Markets

Markets brace for volatility as VIX rises to highest level since April 

Analysts are looking ahead to August, a historically volatile month made more interesting this year by the US presidential election

by Casey Wagner /
article-image

Analysis

On the Margin Newsletter: A notoriously rough month for markets is upcoming

Plus, a look into Lighting Labs’ newest feature

by Casey Wagner /
article-image

Opinion

Crypto investors must embrace new tax rules or risk falling behind

Crypto’s Wild West era is over — it’s time to embrace regulation to secure the future of digital assets

by Zac Townsend /
article-image

Analysis

Lightspeed Newsletter: Wine tokenization on Solana

Plus, Solana has now surpassed Ethereum in trailing 30-day decentralized exchange volume

by Jack Kubinec&Jeff Albus /