Digest Technology
March 22, 2024

The New Wave of Cryptocurrency Hacks, Shocking Cases of 2024

In Brief

From gaming platforms to decentralised finance protocols and cryptocurrency exchanges, multiple entities have fallen victim to sophisticated attacks, resulting in staggering losses exceeding $150 million.

As the first quarter of 2024 draws to a close, the crypto world grapples with a series of alarming security breaches and hacks, shaking investor confidence and raising questions about the robustness of blockchain platforms. From gaming platforms to decentralised finance protocols and cryptocurrency exchanges, multiple entities have fallen victim to sophisticated attacks, resulting in staggering losses exceeding $150 million. These incidents underscore the urgent need for enhanced security measures and heightened vigilance within the cryptocurrency ecosystem. Let’s delve into the hacks that have dominated headlines in the first months of 2024.

PlayDapp experienced a security breach following a $32 million PLA token theft

Blockchain gaming platform PlayDapp lost almost $32.5 million worth of tokens due to a security flaw that was uncovered on February 9. Leading blockchain security company PeckShield first spotted the assault, which has had a major negative impact on the network and PLA, the native token.

PeckShield’s research revealed that the attacker generated 200 million PLA tokens in two different transactions after gaining access to PlayDapp’s secret key. As a result, there were too many tokens in circulation, which caused PLA’s value to drop precipitously by over 10%. Even if PeckShield alerted PlayDapp to the issue right away, PlayDapp failed to recognise the attack or even start to investigate it. Investors and platform users are concerned about this lack of action, and worries have also been expressed over PlayDapp’s security protocols.

Investors are concerned since PLA’s value has decreased dramatically as a result of the exploit. In the first 24 hours, the token price dropped by 8.4%. Even though PlayDapp has now acknowledged the issue in public, the platform still has to move quickly to safeguard its systems and stop any more hacks. Strong security protocols are crucial in the blockchain space, especially for platforms managing substantial volumes of user assets, as this event serves as a reminder.

A $26 million cryptocurrency theft hits FixedFloat, stealing Bitcoin and Ether

An unidentified party breached Fixedfloat, a controlled, efficient cryptocurrency exchange, and took about $26 million worth of bitcoin with them. X user 0xJosh reported the details first, saying that the exchange was experiencing “minor technical problems” and had entered maintenance mode as a result of the attack.

The blockchain security and auditing company Peckshield subsequently discovered that 409 BTC, worth nearly $21 million, and 1,728 ETH, worth $4.85 million, had been stolen during this hack. The company further stated that the majority of the stolen Ether had already been moved to several blockchain exchanges.


White hat attack costs Super Sushi Samurai $4.6M; SSS token drops 99%

A security assault on the Layer 2 network Blast within the Telegram messaging service led to $4.6 million being stolen from the GameFi project Super Sushi Samurai (SSS). The incident involved using the smart contract’s minting feature, which happened shortly after the SSS coin launch.

Coffee, a smart contract developer at Yuga Labs, discovered an issue in the token contract that enabled users to transfer their whole wallet value to themselves in order to double their money. The attacker allegedly doubled their money and drained liquidity on decentralised exchanges by exploiting this weakness. The freshly created tokens were subsequently sold by the attacker for 1,310 wrapped Ether (ETH), or $4.6 million.

Duelbits crypto casino hit by $4.6M breach

The hack entailed transferring $4.6 million from Duelbits wallets on the Ethereum and BNB chains to an unidentified address, according to Cyvers CEO Deddy Lavid. Furthermore, it looks like the wallet access control has been broken. This implies that access credentials or private keys could have been misplaced or taken. The hackers intended to convert various tokens into Ether in order to guarantee the highest level of liquidity for the fastest possible fund cycle.

The fact that Ether was carefully tied to assets on the BNB chain adds to the complexity. This implies that illicit earnings were transferred across platforms in order to conceal their source. However, the hacker’s haste was evident when they exchanged all of the BNB for BSC-USD without taking into account the fact that they lacked the gas costs required to link the assets to Ether.

Mozaic finance hacked for $2.4M via private key compromise

A statement from the protocol’s development team claims that on March 15, the Abitrum network was compromised via the yield farming protocol Mozaic Finance. The group asserts that the hacker has placed all of the stolen money on the controlled cryptocurrency exchange MEXC and is “confident” that it will receive its money back. Blockchain security company CertiK announced that the attacker used the “bridgeViaLifi” contract, which can only be called by a developer wallet, to drain funds. Thus, CertiK came to the conclusion that “a private key compromise appears to be the root cause of this incident.”

Abracadabra Finance drained an estimated $6.4 million in an apparent security attack

Abracadabra Finance’s DeFi protocol was allegedly the target of a serious security breach. According to security specialists from Peckshield and Blocksec, the protocol looks to have lost more than $6.4 million. According to Blocksec, the attackers specifically targeted the project’s smart contract, taking advantage of a rounding error that led to a “precision loss.” The business evaluated that there were still over $29 million in assets under the impacted contract.

A security issue at Socket Tech impacts several D’Apps and wallets.

On January 16, an attack in the cross-chain infrastructure protocol Socket.Tech had an impact on some Web3 applications. An estimated $3.3 million went missing as a result of the assault on the Bungee Exchange, a frontend for the Socket Protocol that connects Ethereum and 12 EVM chains. Through the exploitation of a flaw in the SocketGateway component of the system, a hacker was able to obtain money from users who had granted that component authorisation without the users’ knowledge or agreement. About thirty minutes after PeckShield, a blockchain security business, initially reported the theft at 2:26 PM ET, Socket Tech verified it.

CoinsPaid has experienced its second security breach in six months, this time $7.5M

Crypto payment gateway CoinsPaid has experienced its second security breach in six months. Web3 security firm Cyvers reported detecting unauthorised transactions of nearly $7.5 million. According to Cyver’s team on X (formerly Twitter), the attacker swapped around 97 million CPD tokens for ETH worth approximately $368,000 before moving the funds to externally owned accounts (EOAs) and crypto exchanges MEXC, WhiteBit and ChangeNOW. CoinGecko’s data shows CPD trading at $0.0006 at the time of writing, down 39.5% in 24 hours.

Orbit Chain loses $81M in cross-chain bridge exploit

Hackers took advantage of a cross-chain bridge on Orbit Chain, a platform that connects and transacts with many blockchains, and they lost $81 million as a result. In a post on X, the project verified the hack, stating that before targeting Orbit Chain’s Ether (ETH) vault, a hacker financed a wallet utilising the approved privacy protocol Tornado Cash. The hack’s proceeds were then transferred to many ETH wallets. Approximately $18 million worth of the dai (DAI) stablecoin and 26,741.6 ETH ($64 million) are being held in these wallets.

Disclaimer

In line with the Trust Project guidelines, please note that the information provided on this page is not intended to be and should not be interpreted as legal, tax, investment, financial, or any other form of advice. It is important to only invest what you can afford to lose and to seek independent financial advice if you have any doubts. For further information, we suggest referring to the terms and conditions as well as the help and support pages provided by the issuer or advertiser. MetaversePost is committed to accurate, unbiased reporting, but market conditions are subject to change without notice.

About The Author

Victoria is a writer on a variety of technology topics including Web3.0, AI and cryptocurrencies. Her extensive experience allows her to write insightful articles for the wider audience.

More articles
Victoria d'Este
Victoria d'Este

Victoria is a writer on a variety of technology topics including Web3.0, AI and cryptocurrencies. Her extensive experience allows her to write insightful articles for the wider audience.

Hot Stories

Missed Bitcoin’s Rise? Here’s What You Should Know

by Victoria d'Este
December 20, 2024
Join Our Newsletter.
Latest News

From Ripple to The Big Green DAO: How Cryptocurrency Projects Contribute to Charity

Let's explore initiatives harnessing the potential of digital currencies for charitable causes.

Know More

AlphaFold 3, Med-Gemini, and others: The Way AI Transforms Healthcare in 2024

AI manifests in various ways in healthcare, from uncovering new genetic correlations to empowering robotic surgical systems ...

Know More
Read More
Read more
Transak Increases Accessibility To Memecoins By Listing 11 New Tokens
Markets News Report Technology
Transak Increases Accessibility To Memecoins By Listing 11 New Tokens
December 20, 2024
Missed Bitcoin’s Rise? Here’s What You Should Know
Opinion Business Markets Technology
Missed Bitcoin’s Rise? Here’s What You Should Know
December 20, 2024
The Explosive Rise of Crypto Theft in 2024 with North Korea Leading the Charge
Opinion Business Markets Software Technology
The Explosive Rise of Crypto Theft in 2024 with North Korea Leading the Charge
December 20, 2024
Multiple Network Unveils Brand Upgrade, Focusing On Privacy Protection And Data Acceleration 
News Report Technology
Multiple Network Unveils Brand Upgrade, Focusing On Privacy Protection And Data Acceleration 
December 20, 2024