Decentralized Finance (DeFi) hacks have fallen dramatically, but crypto rug pulls are on the rise, according to a new survey.
The unregulated Wild West nature of crypto often breeds exit scams and hacks. But while DeFi infrastructure is getting secure, and hence the amount lost to attacks is decreasing, the greed of Web3 users is proving more troubling.
DeFi Hacks in Decline
According to the blockchain security firm Beosin, the amount lost to DeFi hacks has declined for the last two months. In May, there were 22 incidents of the DeFi exploit, wherein hackers stole $19.69 million in total.
Beosin says that the amount lost has reduced by around 79% from April’s data.
The Jimbos Protocol hack from last weekend contributed $7.5 million to the total $19.69 million lost to hacks. The liquidity protocol based on the Arbitrum chain lost 4,090 Ethereum (ETH) due to a lack of slippage control of liquidity-shifting operations.
Later on Wednesday, the project announced an $800,000 bounty for those tracking the hackers and bringing back the funds.
Reason for Decline in DeFi Hacks
As technology is gradually maturing, various cybersecurity experts, white hat hackers, and on-chain sleuths contribute to improving the infrastructure. For example, this week, dWallet Labs discovered a critical vulnerability in the TRON multi-sig wallet and reported it to the team.
Even in March, the blockchain security firm Halborn discovered vulnerabilities that affected Dogecoin and 280 other networks, putting over $25 billion worth of crypto at risk.
According to Beosin’s studies, over half of the projects that became victims of DeFi hacks were unaudited. Hence, the firm urges the projects to audit their smart contracts from professional auditing companies before deploying the project on the mainnet.
Indeed, auditing might reduce the probability of vulnerabilities being unseen in projects.
$45.02 Million Lost to Rug Pulls
Of course, major DeFi projects are auditing their smart contracts. And additionally, white hat hackers are also helping discover vulnerabilities. Hence, amounts stolen in DeFi attacks have declined.
But there are no limits to the greed of crypto investors. Leveraging greed, the bad actors might launch lucrative projects offering guaranteed returns and conduct a rug pull.
The incidents when the core team of projects steals users’ funds and disables their online presence is called a rug pull.
Bad actors stole $45.02 million through rug pulls last month. Among them, the DeFi project Morgan DF Fintoch itself is responsible for stealing $32 million in users’ funds.
It promised a daily return on Investment (ROI) of 1% and claimed to be owned by Morgan Stanley. The project used a photo of a paid actor on its official website and claimed him to be the CEO.
The GREED Experiment
A Solana developer ran the “GREED experiment,” to educate people about crypto fraud. BeInCrypto reported that the developer launched a token, GREED, and asked the community to connect their wallets to the website and give write permissions to their Twitter accounts to increase the probability of getting a bigger airdrop.
More than 55,000 people connected their wallets, and over 42,000 gave access to publish the Tweets from their accounts. Lastly, the developer ended the experiment with a tweet :
“Greed consumed me.
I connected my wallet to a random site, signed a blind tx, handed over write perms for my Twitter.
This was the $GREED experiment.”
Got something to say about DeFi hacks, rug pulls, or anything else? Write to us or join the discussion on our Telegram channel. You can also catch us on TikTok, Facebook, or Twitter.
For BeInCrypto’s latest Bitcoin (BTC) analysis, click here.
Disclaimer
In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and Conditions, Privacy Policy, and Disclaimers have been updated.