During the shortest month of the year, malicious actors drained DeFi protocols of over $20 million.
Hackers stole at least $21 million from the decentralized finance (DeFi) space in February 2023.
According to the data released by DefiLlama, a website that tracks the DeFi ecosystem, the funds were lost in a series of attacks that targeted seven major DeFi protocols.
Did you know?
Subscribe - We publish new crypto explainer videos every week!
What is a Perpetual Contract in Crypto? (Definition + Example)
The largest hack of the month was a flash loan reentrancy attack on the ChainSwap protocol. During the February 16th hack, ChainSwap lost $8.5 million in crypto assets.
In another incident, DForce Network lost approximately $3.65 million on another reentrancy attack. The team confirmed the exploit on February 10th. However, it was later announced through Twitter that the funds were recovered after the attacker claimed they were a white hat hacker.
The third largest hack of the month occurred at the beginning of the month, on February 2nd. The reentrancy attack that targeted a decentralized exchange Orion Protocol led to a loss of approximately $3 million.
Orion Protocol's CEO, Alexey Koloskov, confirmed the attack and highlighted the attacker used a malicious smart contract to make repeated withdrawal orders. The team responded by suspending some of the platform’s core functionalities as they worked on fixing the problem.
Other significant attacks highlighted by the source included:
- An attack on the selfSwap function of a multichain exchange aggregator, Dexible: $2 million;
- An oracle attack on BonqDAO: $1.7 million;
- A smart contract exploit on Hope Finance: $1.86 million;
- An exploit on an unverified contract on LaunchZone: $700,000;
Most of the attacks recorded during the month were executed through the protocol logic. Only a few were classified under rug pulls and smart contract exploits. Protocol logic is a standardized code used to create smart contracts and other decentralized applications (dApps). Hackers exploited the vulnerabilities in these codes, stealing funds from the target platforms.
Generally, flash loan attacks dominated the list of hacks, making it a major pain point for the DeFi niche.