DeFi hackers ring in New Year with 3 attacks in 5 days

Budding DeFi protocols have already struggled to keep hackers at bay in 2024, with almost $100 million lost in less than a week

article-image

Pavel Ignatov/Shutterstock modified by Blockworks

share

The first week of 2024 already has DeFi users on edge after three security incidents in five days.

Over the new year, South Korean cross-chain bridging project Orbit Chain lost $80 million in assets to hackers who’d raided the protocol’s multi-signature wallet.

The team says it’s now working with domestic and international law enforcement to determine the next steps and ways to execute a viable recovery plan.

On Monday — two days after the Orbit attack — cross-chain money market Radiant Capital lost an estimated $4.5 million in a flash loan attack. 

A bad actor had manipulated the liquidity index of a freshly created native USDC market on Arbitrum to rapidly siphon crypto from the protocol, leading to pauses in lending and borrowing activities through Radiant.

Loading Tweet..

The attack left Radiant Capital with bad debt and the team says it has since taken steps to re-capitalize. The hope is that users could regain access to their deposits. 

Next up was liquidity management platform Gamma Strategies, where an estimated $3.4 million was lost on Thursday. The attacker manipulated Gamma’s accounting mechanisms to mint an excess of liquidity provider tokens, which allowed them to illegitimately withdraw more than 1,300 ETH. 

Gamma has since shut off deposits on public-facing vaults to prevent further attacks. 

Loading Tweet..

Continued exploits across DeFi have left some concerned about the future of the space. 

“DeFi really needs to wake up,” Paul Frambot, CEO of software research and development company Morpho Labs posted on X. “It has been seven years, yet every week, new large-scale hacks, incidents freezing platforms, economic attacks.”

“We are missing orders of magnitude. We need to change the current paradigm.”

This sentiment is shared by Phillip Shoemaker, executive director of Identity.com, a non-profit organization providing decentralized identity verification. 

“Security audits are critical for this industry, including for smart contracts and data storage. But I don’t think there’s nearly enough security audits happening in the digital asset space as a whole,” Shoemaker told Blockworks.

He noted that the blockchain space needs to be doing “much, much more in this regard.”

“I think these hacks and various breaches are pushing a lot of people away from engaging with the industry – people just don’t know what’s secure and what’s not. This is something that we as an industry really need to address more thoroughly,” Shoemaker said.


Get the news in your inbox. Explore Blockworks newsletters:

Tags

Upcoming Events

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

Industry City | Brooklyn, NY

TUES - THURS, JUNE 24 - 26, 2025

Permissionless IV serves as the definitive gathering for crypto’s technical founders, developers, and builders to come together and create the future.If you’re ready to shape the future of crypto, Permissionless IV is where it happens.

Brooklyn, NY

SUN - MON, JUN. 22 - 23, 2025

Blockworks and Cracked Labs are teaming up for the third installment of the Permissionless Hackathon, happening June 22–23, 2025 in Brooklyn, NY. This is a 36-hour IRL builder sprint where developers, designers, and creatives ship real projects solving real problems across […]

recent research

Unlocked by Template (7).png

Research

Union’s improvements upon Tendermint consensus through CometBLS, coupled with ZK proving through Galois, allow for a broadly scalable, cost efficient, and low latency IBC implementation that is feasibly scalable across every existing blockchain, virtual machine and runtime. The implementation offers modular crosschain interoperability without the need for trusted intermediaries.  

article-image

Kraken’s chief security officer Nick Percoco said the exchange turned the tables on a North Korean hacker

article-image

Or is it approximately the least cypherpunk thing we could do?

article-image

Over 20% of SOL-USD swap volume goes through SolFi

article-image

CEO Vlad Tenev calls expected clarity on listing crypto asset securities “a big opportunity”

article-image

Big Tech pulled US indexes back into the green Thursday, as investors waited for two more Mag 7 first-quarter reports after the bell

article-image

Charts and takeaways from Tuesday’s jobs report and Wednesday’s GDP print, as the economy digests the tariff war