On March 28, Prisma Finance, a decentralized finance protocol, became the target of a cyber heist that resulted in the theft of nearly $10 million. Cyvers, a blockchain security alert service, was first to notice suspicious activity. Shortly thereafter, they reported an additional unauthorized transfer of $1 million, bringing the total loss to an estimated $10 million.
Immediate Response to the Security Breach
In response to the attack, Prisma Finance’s team of core engineers and contributors immediately suspended operations to conduct a thorough investigation. The protocol, known for facilitating decentralized liquid staking tokens, reports a total value locked of over $222 million, per data from blockchain analytics platform DefiLlama.
The perpetrator, identified by Cyvers, proceeded to convert the illicitly acquired assets into Ethereum. In the midst of the ongoing security incident, blockchain security firm PeckShield alerted the public to the escalating losses now totaling 3,257.7 Ethereum, which equates to $11.6 million. PeckShield also advised investors to stay updated through official channels and to exercise caution to avoid related scams.
Additional Scams Surface Following Hack
In the wake of the security breach, opportunistic scammers have sought to exploit the situation. PeckShield highlighted a fake Prisma Finance account, which tried to mislead users with a deceptive link under the guise of being the official account, marked with a gold badge—despite having no affiliation with Prisma Finance.
This incident adds to the growing number of hack attacks within the cryptocurrency space, eroding trust in the industry. Blockchain security firm Immunefi reported that as of February 29, 2024, over $200 million has been lost to 32 incidents, marking a 15.4% increase from the $173 million stolen in the first two months of 2023. Immunefi’s report also disclosed that in 2023, the sector saw $1.8 billion lost to criminal activity, with the North Korean Lazarus Group accounting for 17% of the total.
