MarketWaves has recently analyzed reports on hacks in the DeFi and Web3 world, specifically examining the De.Fi REKT report.
This highlights the losses exceeding 82 million dollars recorded in the month of February 2024. DeFi is expanding rapidly, but with such growth also come threats and vulnerabilities that impact the entire ecosystem.
Let’s see below all the details.
Summary
Emerging Hacks in DeFi and Web3: the complete report
As anticipated, with the imminent end of February 2024, critical insights emerge outlining the predominant trends in security in DeFi, highlighting concerns and ongoing recovery efforts.
The analysis of data from the De.Fi REKT database has allowed to formulate useful suggestions aimed at supporting investors in devising more effective strategies to safeguard their assets within this space.
During the month in question, the DeFi sector experienced a significant increase in security-related incidents. A total of 82,287,101 dollars was lost on various platforms and chains due to various exploits.
However, efforts to mitigate these losses have led to the recovery of $1,325,932, highlighting the ongoing battle between security mechanisms and hacks.
February saw several notable cases, with PlayDapp, Fixed Float, and Jeffrey Zirlin among the most affected.
PlayDapp has suffered the biggest loss, amounting to $32,350,000 on the Ethereum chain, mainly concentrated in the games/metaverses category. Fixed Float followed with a loss of $26,130,157 on Bitcoin, highlighting the vulnerabilities of exchange platforms.
Jeffrey Zirlin’s $9.7 million loss on Ronin, on the other hand, highlighted the diversified nature of goals within the DeFi ecosystem.
Challenges and tips for security
The month of February saw significant issues arise in access controls, with significant losses amounting to $72,823,472 in four separate cases.
This underlines the persistent vulnerability in permission settings and access management within DeFi platforms.
The importance of adopting strict access control policies is emphasized by these incidents. Specifically highlighting the need to ensure that only authorized users can perform critical operations.
At the same time, exploits that exploit vulnerabilities in smart contracts or platform architectures have caused losses of $2,202,006 in four separate cases.
These episodes underline the importance of thorough control and testing of smart contracts before deployment. In order to reduce the risk of exploits and protect users’ resources.
Furthermore, phishing attacks, which aim to obtain sensitive information through deceiving users, have caused significant losses of $5,499,384 in four cases, completing the Top 3 of incidents.
These attacks underline the need for user education and awareness programs.
In particular, highlighting the importance of informing users about the tactics used by attackers and promoting the verification of the authenticity of communications and websites before sharing personal or financial information.
Vulnerabilities: analysis of DeFi targets in February 2024
The category of games/metaverses (web3) emerges as a significant target, with substantial losses highlighted in this period.
This trend reflects the growing interest in NFTs and gaming platforms within DeFi, attracting both users and malicious individuals.
The exploits in this category have caused losses exceeding 32.6 million dollars, with PlayDapp significantly contributing to this figure.
The DEX confirms itself as the second most popular exploit target, maintaining its attractiveness thanks to the significant liquidity that facilitates users’ transactions in the DeFi space.
Once again, this type of project has been targeted, with FixedFloat being the main victim during this month.
In third place are the loan and mortgage platforms. These, along with tokens, have recorded significant activity, highlighting their critical role in the DeFi ecosystem and their attractiveness to attackers.
Despite losses exceeding 1.3 million dollars, the recovery of this amount, even if it represents only a fraction of the total losses, highlights the effectiveness of recovery efforts of assets and underscores the importance of rapid response mechanisms.
Platforms and communities are called to pursue the development and continuous support of tools and strategies aimed at mitigating post-exploitation losses.
