MarketWaves recently analyzed reports on hacks in the DeFi and Web3 world, specifically analyzing the De.Fi REKT report.
The latter emphasizes losses greater than 82 million dollars recorded in February 2024. DeFi is expanding rapidly, but with this growth, threats and vulnerabilities are also emerging that impact the entire ecosystem.
Let’s see all the details below.
Emerging Hacks in DeFi and Web3: the complete report
As anticipated, with the imminent end of February 2024, critical insights emerge that outline the predominant trends regarding security in DeFihighlighting concerns and relentless recovery efforts.
The analysis of data from the De.Fi REKT database has allowed us to formulate useful suggestions aimed at supporting investors in devising more effective strategies for safeguarding their assets within this space.
During the month in question, the DeFi sector experienced a significant increase in security incidents. A total of $82,287,101 has been lost on various platforms and chains due to various exploits.
However, efforts to mitigate these losses resulted in the recovery of $1,325,932, highlighting the ongoing struggle between security mechanisms and hacks.
February saw several notable cases, with PlayDapp, Fixed Float e Jeffrey Zirlin among the most affected.
PlayDapp suffered the largest loss of $32,350,000 on the Ethereum chain, mostly concentrated in the games/metaverse category. Fixed Float followed with a $26,130,157 loss on Bitcoin, highlighting the vulnerabilities of the exchanges.
Jeffrey Zirlin’s $9,700,000 loss on Ronin, however, highlighted the diverse nature of targets within the DeFi ecosystem.
Security challenges and tips
The month of February saw significant problems emerge in access controls, with significant losses amounting to $72,823,472 in four distinct cases.
This highlights the persistent vulnerability in permission settings and access management within DeFi platforms.
The importance of adopting rigorous control policies of accesses is emphasized by these incidents. Specifically highlighting the need to ensure that only authorized users can perform critical operations.
At the same time, exploits, which exploit vulnerabilities in smart contracts or platform architectures, have caused losses for $2,202,006 in four distinct cases.
These incidents highlight the importance of thorough vetting and testing of smart contracts before deployment. So as to reduce the risk of exploits and protect user resources.
Furthermore, phishing attacks, which aim to obtain sensitive information by deceiving users, have caused significant losses of $5,499,384 in four cases, completing the Top 3 of accidents.
These attacks highlight the need for user education and awareness programs.
In particular highlighting the importance of informing users about the tactics used by attackers and promoting verifying the authenticity of communications and websites before sharing personal or financial information.
Vulnerabilities: Analysis of DeFi targets in February 2024
The games/metaverse (web3) category emerges as a notable target, with substantial losses highlighted in this period.
This trend reflects the growing interest in NFT and gaming platforms within DeFi, attracting both users and malicious actors.
Exploits in this category caused losses greater than 32.6 million dollars, with PlayDapp contributing significantly to this figure.
The DEX remains the second most popular exploit target, maintaining its appeal thanks to the significant liquidity that facilitates user transactions in the DeFi space.
Once again, this type of project has been targeted, with FixedFloat who turned out to be the main victim during this month.
In third place are the lending and mortgage platforms. These, along with tokens, have seen considerable activity, underscoring their critical role in the DeFi ecosystem and their attractiveness to attackers.
Despite losses exceeding $1.3 million, the recovery of this figure, even though it represents only a fraction of the total losses, highlights the effectiveness of the recovery efforts of assets and highlights the importance of rapid response mechanisms.
Platforms and communities are called upon to pursue the development and ongoing support of tools and strategies aimed at mitigating post-exploitation losses.
Source: https://cryptonomist.ch/2024/03/02/web3-analisi-report-hack-mondo-defi/