OKLink’s February 2024 report detailed $103 million in crypto losses, highlighting the critical need for increased security measures.
The blockchain industry faced significant security challenges in February 2024, as reported by OKLink in a recent review. Cumulative network losses totaled a staggering US$103 million, with phishing scams contributing 11.76% of those losses, according to the OKLink Security Incident Review.
The report highlighted that official social media accounts suffered 37 fraud and phishing incidents, mainly concentrated on platforms such as Twitter and Discord. These security breaches highlight the constant threat of cyberattacks in the crypto space.
The most significant REKT incident in February occurred when the senecaUSD staking protocol was exploited due to a logic flaw in the code, resulting in a loss of around $6.5 million USD. Since then, the attacker has returned approximately $5.3 million worth of assets. Additionally, the Shido project suffered a RugPull on February 29, 2024, resulting in a loss of around $2.1 million USD.
Other notable incidents include compromised keys and social engineering attacks. The Lightning Network FixedFloat project fell victim to an alleged private key leak that led to the theft of around $21 million USD in BTC and $4.8 million USD in ETH. These incidents represent a small fraction of the multifaceted security challenges facing the blockchain industry.
OKLink security experts inform that many hot wallets have been compromised this month due to private key leaks and project permissions being overtaken. Although losses from phishing, REKT and RugPull events have decreased compared to the previous month, the amount of damage caused continues to be a cause for concern among users and investors.
Experts recommend that project developers conduct extensive testing and audits of smart contracts before launch and manage project-related private keys with robust process controls to prevent potential exploits. For users involved in Web3 projects, due diligence on the authenticity and trustworthiness of projects is essential, along with increased ability to identify phishing websites and risky projects to mitigate investment risks.
The report also notes an incident involving PlayDapp, which suffered a loss of $290 million USD in PLA tokens. However, the actual liquidity did not support the cashing out of such a large amount, and the chain analysis revealed that the actual profits were significantly less (in the hundreds of thousands of US dollars) and difficult to accurately estimate. Therefore, only the initial loss of $31 million USD was included in the statistics.
The OKLink review serves as an extremely important reminder of the vulnerabilities in the crypto ecosystem and the importance of enhanced security measures and investor education to protect against such threats.
Image source: Shutterstock