Certik Study: $332 Million Lost to Exploits, Hacks and Scams in September, More Than $1.3 Billion Lost in 2023
In the month of September, digital assets worth approximately $332 million were siphoned from trading platforms via methods that include flash loan attacks, exit scams, and exploits. The value of digital assets stolen through exploits rose from $13.5 million in August to nearly $330 million in September.
Mixin Kernel Incident Most Significant Exploit in September
According to the cybersecurity firm Certik, digital assets worth approximately $332 million were stolen via code exploits, exit scams and flash attacks in the month of September alone. Exploits alone accounted for more than 98% of the thefts ($329.8 million) while the amount stolen through flash loan attacks and rug pulls was less than $2.4 million.
As shown by the data, the biggest incident during the month was the $200 million exploit suffered by Mixin Network on Sept. 23. As reported by Bitcoin.com News, the Mixin network team has since asked the attackers to take a bug bounty reward and return the rest of users’ funds.
#CertiKStatsAlert 🚨
Combining all the incidents in September we’ve confirmed ~$332M lost to exploits, hacks and scams.
Exit scams were ~$1.9M
Flash loans were ~$0.4M
Exploits were ~$329.8M
See more details below 👇 pic.twitter.com/DMFN9LWU8V
— CertiK Alert (@CertiKAlert) September 30, 2023
A few weeks earlier, the cryptocurrency exchange platform Coinex Global suffered an exploit in which digital assets worth $54 million were stolen. According to reports, preliminary investigations hinted at a possible compromise of private keys which enabled the criminals to move funds from the platform’s hot wallets. For context, in August the total value of digital assets stolen through exploits only totaled $13.5 million.
Meanwhile, unlike in the month of August when digital assets lost through exit scams topped $26 million (more than half of the nearly $46 million that was stolen), only $1.9 million was lost via this tactic in September. Likewise, the data indicates that the value of digital assets lost via the so-called flash loan attacks dropped significantly from $6.4 million in August to $0.4 million in September.
The cybersecurity firm’s data shows that the total value of funds siphoned from digital asset platforms since the start of the year now exceeds $1.3 billion. In August, this figure was just under one billion dollars.
What are your thoughts on this story? Let us know what you think in the comments section below.