DeFi projects lose over $21 million in February 2023

According to DeFiLlama, February losses for various projects were around $21 million.

Let's recall some of the most common DeFi hacking methods:

  1. Smart Contract Exploits: Smart contracts are self-executing computer programs that are used to automate transactions on the blockchain. Hackers can exploit vulnerabilities in these smart contracts to steal funds or manipulate transactions.
  2. Flash Loan Attacks: Flash loans are a type of DeFi loan that allows users to borrow funds without collateral. Hackers can use flash loans to manipulate the price of a particular token, liquidate collateral, or drain liquidity pools.
  3. Liquidity Pool Exploits: Liquidity pools are used to facilitate trading on decentralized exchanges. Hackers can exploit vulnerabilities in these pools to manipulate the price of a particular token or drain funds from the pool.
  4. Token Swap Exploits: Token swaps are used to exchange one cryptocurrency for another. Hackers can exploit vulnerabilities in these swaps to steal funds or manipulate the price of a particular token.
  5. Social Engineering Attacks: Hackers can use social engineering tactics, such as phishing or impersonation, to gain access to user accounts and steal funds.

So what were the biggest losses of February 2023?

BonqDAO lost $1.7 million

On February 1, BonqDAO informed its followers that its Bonq protocol had been subjected to an oracle attack, which allowed the perpetrator to manipulate the price of the AllianceBlock (ALBT) token. As a result, the attacker was able to boost the price of ALBT and generate a significant amount of Bonq Euro (BEUR). Subsequently, the attacker exchanged the BEUR for other tokens on Uniswap. Unfortunately, the price of ALBT dropped drastically, resulting in the liquidation of the token. Despite initial estimates by blockchain security firm PeckShield suggesting that losses could be as high as $120 million, it was later revealed that the hackers managed to cash out only $1 million due to a lack of liquidity on BonqDAO.

Orion Protocol lost $3 million

The following day, on February 2, Orion Protocol, a decentralized exchange, was hit with a loss of approximately $3 million as a result of a reentrancy attack. The attackers used a malicious smart contract to drain funds by repeatedly issuing withdrawal orders against the targeted account. CEO of Orion Protocol, Alexey Koloskov, confirmed the attack and assured users that their funds were secure. Koloskov suggested that the problem was potentially caused by a vulnerability in a third-party library used by their experimental and private brokers rather than any inadequacies in their core protocol code.

Platypus Finance lost $9.1 million

Platypus Finance, a DeFi protocol, was the victim of a flash loan attack on February 16, resulting in a loss of $8.5 million from the protocol. According to an Omniscia post-mortem report, the attack was made possible by code that was out of order. On February 23, the Platypus team announced their intention to remint frozen stablecoins to return about 78% of the main pool funds. In addition, the team confirmed two more incidents that led to a total of $667,000 being exploited, bringing the total losses to around $9.1 million. On February 25, French authorities apprehended two suspects connected to the hack and confiscated approximately $222,000 worth of cryptocurrency assets.

Hope Finance lost $1.86 million

A few days after the previous DeFi attacks, on February 20, users of Hope Finance, an Arbitrum-based algorithmic stablecoin project, were targeted by a smart contract exploit, resulting in approximately $2 million being stolen from users. Web3 security firm CertiK reported the incident on February 21 after Hope Finance announced the scam on its Twitter account. According to a CertiK team member, the scammer altered the smart contract details, resulting in funds being drained from the Hope Finance genesis protocol: "It appears that the scammer changed the TradingHelper contract, which meant that when 0x4481 called OpenTrade on the GenesisRewardPool, the funds were transferred to the scammer."

Dexible lost $2 million

On February 17, multichain exchange aggregator Dexible suffered an exploit that targeted the app's selfSwap function, resulting in the loss of $2 million worth of cryptocurrency. According to a February 18 post from the exchange, "a hacker exploited a vulnerability in our newest smart contract. This allowed the hacker to steal funds from any wallet that had an unspent spend approval on the contract." The Dexible team discovered that the attacker had used the app's selfSwap function to transfer over $2 million worth of crypto from users who had previously authorized the app to move their tokens. The attacker then withdrew the coins through Tornado Cash into unknown BNB wallets.
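For wallets affected by an incident like this, the practical response is to find and revoke every live approval to the affected contract. The sketch below is an added example, not Dexible's code: it builds a revoke worklist from decoded ERC-20 `Approval` events, and the spender address, token names, wallets and event rows are all constructed placeholders.

```python
# Added example; event data and addresses below are constructed placeholders.
MAX_UINT256 = 2**256 - 1
SPENDER = "0xSPENDER_PLACEHOLDER"  # stands in for the affected contract's address

# Decoded ERC-20 Approval(owner, spender, value) events, as an indexer would return them.
SAMPLE_EVENTS = [
    {"block": 100, "token": "TOKEN_A", "owner": "0xWALLET_1", "spender": SPENDER, "value": MAX_UINT256},
    {"block": 105, "token": "TOKEN_A", "owner": "0xWALLET_2", "spender": SPENDER, "value": 500},
    {"block": 110, "token": "TOKEN_B", "owner": "0xWALLET_1", "spender": "0xOTHER_PLACEHOLDER", "value": MAX_UINT256},
    {"block": 120, "token": "TOKEN_A", "owner": "0xWALLET_2", "spender": SPENDER, "value": 0},  # revoked
    {"block": 130, "token": "TOKEN_B", "owner": "0xWALLET_3", "spender": SPENDER, "value": 250},
]

def outstanding_approvals(events, spender):
    """Map (token, owner) -> last approved value for `spender`, dropping revoked ones.

    The last Approval value is an upper bound: transferFrom can lower the real
    allowance without a new event, so confirm with allowance(owner, spender) on-chain.
    """
    latest = {}
    for ev in sorted(events, key=lambda e: e["block"]):  # later events override earlier
        if ev["spender"].lower() == spender.lower():
            latest[(ev["token"], ev["owner"])] = ev["value"]
    return {key: value for key, value in latest.items() if value > 0}

def revoke_worklist(events, spender):
    """Rows of approvals still to revoke, unlimited approvals first."""
    rows = [
        {"owner": owner, "token": token, "unlimited": value == MAX_UINT256, "value": value}
        for (token, owner), value in outstanding_approvals(events, spender).items()
    ]
    return sorted(rows, key=lambda r: (not r["unlimited"], r["owner"], r["token"]))
```

Each row in the worklist is closed by the wallet owner sending `approve(spender, 0)` on that token.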

DForce Network lost $3.65 million with a twist

Another DeFi protocol, dForce network, fell prey to a reentrancy attack in February, resulting in losses of approximately $3.65 million. dForce confirmed the attack in a post on February 10. However, there was a surprising turn of events when the attacker came forward as a white hat hacker and returned all the funds. "On February 13, 2023, the exploited funds were completely returned to our multisig on both Arbitrum and Optimism, which was a perfect outcome for everyone," dForce stated.
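The reentrancy pattern behind both the Orion Protocol and dForce incidents is easiest to see in a toy model that puts the vulnerable ordering next to the hardened one. This is an added example in Python, not code from either project (the page does not show their contracts); the vault classes, account names and balances are hypothetical.

```python
# Added toy model; class and account names are hypothetical, balances constructed.
class ReentrancyBlocked(Exception):
    pass
class VulnerableVault:
    """Pays out BEFORE zeroing the caller's balance."""
    def __init__(self):
        self.balances, self.reserve = {}, 0

    def deposit(self, who, amount):
        self.balances[who] = self.balances.get(who, 0) + amount
        self.reserve += amount

    def withdraw(self, who, on_receive):
        amount = self.balances.get(who, 0)
        if 0 < amount <= self.reserve:
            self.reserve -= amount      # funds leave the vault
            on_receive(amount)          # external call: receiver's code runs here
            self.balances[who] = 0      # effect applied too late

class HardenedVault(VulnerableVault):
    """Checks-effects-interactions plus a reentrancy lock."""
    _locked = False

    def withdraw(self, who, on_receive):
        if self._locked:
            raise ReentrancyBlocked("withdraw re-entered")
        self._locked = True
        try:
            amount = self.balances.get(who, 0)
            if 0 < amount <= self.reserve:
                self.balances[who] = 0  # effect first
                self.reserve -= amount
                on_receive(amount)      # interaction last
        finally:
            self._locked = False

def simulate(vault_cls):
    """Return (total paid to a re-entering receiver, reserve left in the vault)."""
    vault, paid = vault_cls(), []
    vault.deposit("other_users", 90)
    vault.deposit("caller", 10)
    def on_receive(amount):
        paid.append(amount)
        try:
            vault.withdraw("caller", on_receive)  # re-enter while payout is in flight
        except ReentrancyBlocked:
            pass
    vault.withdraw("caller", on_receive)
    return sum(paid), vault.reserve
```

With the same deposits, the vulnerable ordering pays the 10-unit depositor the whole 100-unit reserve, while the hardened vault pays 10 and keeps the other 90.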

According to the 2023 Crypto Crime Report by blockchain data company Chainalysis, hackers took $3.1 billion from DeFi protocols in 2022, comprising over 82% of the overall stolen amount for the year.

