Beosin’s security arm, Beosin EagleEye, recently reported a $295.2 million total loss due to 61 web3 space attacks in Q1 of 2022. The report states that compared to Q4 of 2021, it decreased by approximately 77% and is also lower than any quarter in 2022.
Particularly for March, losses from attacks amounted to about 79.7% of the Q1 attacks, reaching about 235 million USD. Attacks increased from January to March.
The most frequently attacked projects were DeFi projects and mainly Ethereum-based platforms, this was followed by NFTs losing about $18.52 million. Next to Ethereum was the BNB Chain with the most attacks.
The DeFi projects had the highest amount of losses with about 248M USD lost covering 84% of the total loss amount. Flash loan attacks recorded the highest loss; all “eight flash loan incidents lost about 198 million US dollars”. The attack method used often is contract vulnerability exploitation; “27 attacks accounted for 44% of all incidents,” the report said.
Approximately $200 million of the funds stolen were recovered during the quarter compared to any quarter in 2022. And only 41% of the attacked projects have been audited. Specifically, the hacker who attacked dForce returned all the stolen funds of $3.65 million, also, the white hat hacker who attacked Tender.fi returned the stolen funds and also obtained 62 bounties in ETH.
One of the 61 major attacks, Euler Finance, a lending protocol on the Ethereum chain, lost about $100 million via a flash loan attack.
On March 13th, Euler Finance was reportedly attacked and losses after evaluation reached $197 million. A few days later, the Euler Foundation announced a $1 million reward for information about the hack and return of the stolen funds. Between March 18 and April 4, the attackers returned the stolen funds gradually and issued an apology for “disrupting others’ money, work, and lives.”
Additionally, major rugpull incidents were mostly on the BNB chain and totaled 41 for Q1 involving approximately $20.34 million. The top three rug pull projects include Kokomo Finance, FCS, and CirculateBUSD.
According to the report, many fraudulent projects choose BNB Chain because:
- BNB Chain has lower gas fees and shorter block generation intervals.
- BNB Chain has more active users.
- It is more convenient and quick for BNB Chain users to use Binance to deposit and withdraw funds.
Further, other major identified attack methods include phishing, man in the middle, and misconfigurations.
Read also;
TUSD takes off as a native token on BNB Chain
What do you think of this article? Share comments below.
