DefiYield, the DeFi investing and yield farming platform, tracks exploited projects across the DeFi ecosystem through its REKT database. Since January 2022, it has tracked over $60 billion in lost or stolen funds across 1,195 events, including Terra Luna. Ronin, Nomad, and the Wormhole bridge.
Roughly $2.4 billion has been recovered throughout the same period, just under 5% of the total loss. Until August, the majority of exploits occurred outside of the Ethereum ecosystem. However, as shown in the chart below, since the start of August, over 90% of funds lost happened within the Ethereum network.
A staggering $212,927,092 was lost in August, with the Nomad bridge exploit accounting for $190 million. Other exploits included the Solana Slope wallet incident, ZBExchange, Reaper Farm, and Acala Swap. The most prominent exit scam in August totaled $3.5 million from Dragoma. Several high-value rug pulls were also from two NFT platforms, HeroCat and SudoRare.
September saw an 18% decrease in stolen or lost funds, yet $170 million was still ripped from the DeFi ecosystem through exploits and hacks. The Wintermute hack made up most of the lost funds at $160 million. A further $977,550 was lost through the same Profanity vanity address exploit, which DefiYield has categorized as an “access control” issue.
Unlike other exploits, such as the Boy X Highspeed exploit, which took advantage of issues with the project’s smart contract, the Wintermute/Profanity exploit resulted from poor account management.
Wintermute used a flawed tool to generate a vanity Ethereum address with reduced cryptographic security, prioritizing gas fee optimization over security. The Boy x Highspeed exploit was the second largest in September at $2,584,890.
Three flash loan attacks were present in the top 10 exploits of September. New Free DAO, DAO Officials, and Cauldron all suffered flash loan attacks for $2,001,622.
Many exploits saw funds…
Click Here to Read the Full Original Article at Ethereum (ETH) News | CryptoSlate…
