People interested in keeping their funds secure from modern criminal banking systems turned to cryptocurrencies as an alternative store of value.
The peer-to-peer system used in the crypto sector, where trust isn’t a problem, has thrived. However, crypto exchanges where more is spent on coffee than on cyber security get hacked occasionally.
This report explores the unfortunate crypto security events incidents in November 2023.
Surge in Crypto Incidents during November
The Spanish adage “when it rains, it pours” became disaster personified for the world of crypto following a gush of cyber-attacks with over 28 incidents. November has become the red-letter month for the crypto sector, with crypto platforms losing some $350 million, the highest monthly total in 2023.
According to a report on hacks and scams by Web 3.0 bug bounty platform ImmuneFi, there was a notable shift in focus as centralized finance (CeFi) platforms overtook decentralized finance (DeFi) platforms as targets for crypto attacks.
The report states that CeFi platforms lost over $184 million, or 53% of the losses. The report states that crypto platforms have experienced over 296 incidents this year, leading to losses of over $1.75 billion in hacks and rug pulls.
Crypto Security Incidents Surge, Total Losses Reach $356.53 Million, Marking a 6.9-Fold Increase from October
A report by blockchain security firm CertiK posted on X (formerly Twitter) has termed November the “most damaging month” of 2023, following a shocking 6.9-fold increase from losses recorded in October. Hackers stole a staggering eye-watering $356.53 primarily using phishing scams, hacks, and rug pulls.
At the epicenter of these heists were two leading P2P decentralized exchanges, Poloniex and HTX. They bore the brunt of cybercrime during the month, with their combined losses amounting to over $244 million. Strangely, these two platforms are associated with renowned crypto entrepreneur and Tron (TRX) blockchain founder Justin Sun.
According to CertiK, the Poloniex incident, where approximately $126 million was lost, involved a private key compromise, the elephant in the room in most attacks. That the hackers could zero in on an individual account and siphon over $1 million shows a worrisome trend in phishing incidents that leaves a bad taste in the mouth.
Regarding attacks on P2P decentralized exchanges, an incident involving KyberSwap became the third-largest fraud case in November, where hackers stole a total of $45 million. The amount accounted for the entire amount targeting flash loan vulnerabilities and highlighted the danger of phishing scams as one address alone lost a whopping $27 million.
Exchange-Based Security Incidents (CEX and DEX) Result in a Staggering $215 Million in Total Losses
As if the sector had just stepped out of a bandbox, there was a notable surge in several other vectors of crypto-related crimes with sums exceeding the $100 million mark. The fraud involved duplicitous activities such as money laundering, highlighting the dynamic nature of dangers that exist in the crypto sphere.
In the public arena, the domino effect of these negative security incidents targeting both centralized (CEX) and decentralized (DEX) cryptocurrency exchanges adds up to over $215 million in losses. The stomach-churning figure underlines the industry players’ significance in reexamining security procedures and practices.
Everything being equal, stakeholders urgently need to strengthen the private key management protocols, introduce regular and robust security audits, and establish practical response plans besides integrating security awareness training programs for their technical and customer care staff.
To tie all the loose ends, industry players must deliberately rope in their customers and users by educating them to smell phishing scams no matter how much they’re disguised. All participants must remember that the famous crypto world adage “not your keys, not your coins” is still alive and kicking.
Every stakeholder in the crypto sphere will do well to remember to safeguard their private keys and scrupulously review transactions jealously. P2P decentralized exchanges must also ramp up security awareness besides instituting regular security audits so threats are nipped in the bud.
Dominant Role of Poloniex and HTX in November’s Crypto Losses, Responsible for 66% of the Monthly Total Due to Major Security Breaches
The two leading platforms linked to Tron founder Justin Sun, Poloniex and HTX, which bore the brunt of the November cyber-attacks, lost $131.4 million and $113.3 million, respectively. The incidents that have stood out for their magnitude and impact on the industry account for at least 66% of the month’s total losses.
These incidents should be a stark reminder that cybercriminals are waging an all-out war, and users must employ high-level security practices to secure their cryptocurrency investments. The increasing prevalence of cybercrime targeting crypto users remains a serious cause for concern and underscores the importance of crypto community members trusting project guidelines to remain safe.
While the amounts lost during November are substantial, they pale in significance as they account for 54% of the $3.7 billion lost in similar exploits in 2022. According to CertiK’s analysis, the crypto industry lost $1.7 billion in 2021. These disturbing statistics reveal a worrying trend where attacks and vulnerabilities escalate, leaving users vulnerable unless they learn more effective measures for safeguarding their assets.
In a stark reversal of the regular trend where hackers were in love with Decentralized finance (DeFi) platforms, November experienced a significant shift where centralized finance (CeFi) protocols were the primary targets. This new trend marks a pivotal moment since. In contrast, a total of 37 DeFi protocol incidents occasioned losses amounting to $158.6 million, the handful of attacks on CeFi platforms HTX, Poloniex, and Kronos Research saw $184.4 million siphoned, which is at least 53.8% of November’s damage.
Poloniex Hack Leads to $117 Million Loss in November; Suspected Sophisticated Compromise of Private Key
According to media reports, hackers believed to belong to the notorious Lazarus Group managed to infiltrate a hot wallet belonging to Poloniex and stole more than $117 million. The hacking incident was reportedly caused by a compromise to the wallet’s private keys.
The keys are believed to have been obtained through several social engineering tactics, including a coordinated phishing attack and dissemination of a Trojan virus. Data on etherscan shows the hacker first transferred 4,900 ETH worth at least $10,219,220 from Poloniex hot wallet to their wallet address tagged as Poloniex Hacker 1 before getting into a transferring spree.
Next, the hacker transferred some 25.5 million ELON tokens worth $ 3,984,349 from a hot wallet to the same address tagged as Poloniex Hacker 1. Further, the malicious actor drained another hot wallet tagged as Poloniex 4 of over $62.62 million worth of crypto, leaving only a meager $3,662,756 remaining in the wallet.
The exploiter, who was having a field day, is said to have mistakenly transferred some $2.5 million worth of GLM tokens to a deployer address rather than their intended address. The hackers stole tokens worth thousands or hundreds of dollars each in USDT, TUSD, ETH, GLM, TRON, LINK, DYDX, MANA, FLOKI, SHIB, and PEPE.
An investigation by Arkham Intelligence shows that the amount of crypto stolen could be worth over $117 million. Per their report, at least $57.79 million worth of the stolen crypto assets were initially held on the Ethereum Mainnet, $18.55 million on Bitcoin, and $47.52 million in Tron, among others. The Poloniex team acknowledged the unfortunate occurrence, explaining the wallet had been disabled for maintenance.
Writing on his X account, Tron founder Justin Sun also acknowledged the Poloniex incident and said investigations had commenced following the hacking. Sun said the exchange maintained a healthy financial position despite the hack. It said all affected funds would be reimbursed besides collaborating with other exchanges to facilitate recovery of the stolen funds.
Conclusion
The high November security incidents have coincided with a growing crypto interest. An emerging early bull market seems to have awoken the hackers, following the long lull associated with the long-drawn bear market, when criminals had much less to target and steal.
Nonetheless, this unmatched level of fraud is a permanent reminder that the cryptocurrency ecosystem is still filled with persistent vulnerabilities. The sophisticated nature of these cyber-attacks highlights the need for enhanced security practices and some level of regulatory scrutiny to safeguard the public and ensure investors maintain trust in the nascent crypto ecosystem.
More Info:
- Binance’s to Pay $4.3 Billion to U.S., HTX Heist, Genesis vs. Gemini (Again), and Grayscale’s ETF Quest
- Bitcoin’s $69K Revival, Consumer Price Index Impact, JPMorgan’s Skepticism, Blockchain ‘Intents’ unveiled
As the crypto sector continually evolves, it’s paramount that industry players address the ongoing vulnerabilities to foster trust. Thankfully, many crypto projects are beginning to collaborate with bug bounty platforms like ImmuneFi to strengthen their internal defenses and avoid similar incidents.
Disclaimer: All materials on this site are for informational purposes only. None of the material should be interpreted as investment advice. Please note that despite the nature of much of the material created and hosted on this website, HODL.FM is not a financial reference resource and the opinions of authors and other contributors are their own and should not be taken as financial advice. If you require advice of this sort, HODL.FM strongly recommends contacting a qualified industry professional.
