Throughout history, theft has been a persistent issue for investors, and the rise of cryptocurrencies has not been exempt from this trend. Since the inception of Bitcoin by Satoshi, the scale and frequency of fraud have only increased. The year 2023 has witnessed its share of high-profile hacks targeting various companies. Here’s a look at some of the most significant cyber heists of the year.
BonqDAO fell victim to a smart contract exploit due to an Oracle breach on February 1, leading to a loss of $120 million. A hacker manipulated the AllianceBlock Token prices, generating a large amount of BEUR, which was then swapped on Uniswap, triggering ALBT treasury liquidations. BonqDAO and AllianceBlock are collaborating to resolve the issues, including issuing new ALBT tokens.
Euler Finance, a notable DeFi protocol, suffered a $197 million flash loan attack on March 13, exploiting a liquidity vulnerability in Euler’s eToken function. The hacker, known as “Jacob,” returned $54 million in ETH and $10 million in DAI, marking one of DeFi’s most significant recoveries.
Atomic Wallet experienced a $100 million attack on June 3, impacting over 5,500 crypto wallets. Cybersecurity analysts linked the attack to the notorious North Korean cybercrime syndicate Lazarus Group. A group of Russian and CIS investors initiated legal proceedings against Atomic Wallet.
Multichain’s cross-chain bridge protocol was hit by a suspected rug pull attack on July 6, resulting in over $126 million in losses. Chainalysis data raised suspicions of internal involvement due to multiple independent issues. Significant assets, including wETH, wBTC, USDC, Dogecoin, and Tether, were affected.
CoinsPaid was targeted by a phishing scam on July 22, losing $37 million. Hackers used social engineering to trick an employee into installing software that compromised critical profiles and keys, leading to unauthorized access to the company’s infrastructure.
Curve Finance faced an attack on July 30, with an estimated loss of at least $60 million. The platform offered a reward to the attacker, initiating a recovery process that successfully retrieved a significant portion of the funds. The attack targeted Curve Finance’s liquidity pools, especially those containing stablecoins.