At least about USD $ 300 million were stolen in May by hackeos and crypt scams: Certik

The analysis firm Blockchain It informs that, of that total, most losses are related to code vulnerabilities in intelligent contracts, so it alerts the need for measures in the sector DEFI.

***

• More than USD $ 300 million stolen in May for hackeos and crypto scams.
• The losses shot by code vulnerabilities.
• These losses mark an increase of more than 4,400% compared to the previous month.
• Certik He also recorded phishing incidents, private keys and price manipulation.

During the month of May, Cripto users registered losses that exceeded USD $ 300 million due to various security incidents, according to a report by the signature specialized in cybersecurity Blockchain, Certik.

The report, reviewed by COINDESK, It emphasizes that The vast majority of these losses were caused by the exploitation of vulnerabilities in the code of intelligent contracts, which alone represented approximately USD $ 229 million of the total. This figure implies an increase of 4,483% compared to the month of April.

An anomaly in the behavior of attacks

Natalie Newson, senior researcher at Cetik, He described this increase as a relevant anomaly within security trends Blockchain. “Our research revealed a significant increase in losses due to code vulnerabilities, which represented most of the funds exploited in May”he explained.

This trend contrasts with the pattern observed in recent years. According to Cetik, Throughout the year 2024, USD $ 173 million had been lost due to these types of failures, while in 2021 that figure amounted to USD $ 1.3 billion, which so far suggested an improvement in intelligent contract development practices.

The case CETUS PROTOCOL: Epicenter of the loss

The most expensive incident of the month was the exploitation of Cetus protocol In sui Network. This attack, which resulted in losses of approximately USD $ 225 million, led the network operators to make the controversial decision to temporarily pause the block chain to contain the damage.

The decision to freeze a network Blockchain It has been a reason for debate, since many consider that it compromises the principles of decentralization. However, in this case it was justified by the magnitude of the escape of funds and the speed of the attack.

Phishing and theft of private keys, persistent threats

In addition to code failures, Certik reported that Other USD $ 47 million were stolen through phishing attacks. This type of scam consists in deceiving users to deliver their credentials of access to wallets or exchange accounts.

They also identified USD losses $ 11.6 million for private keys commitments, and USD $ 1 million associated with price manipulation in little liquid markets or exposed to malicious strategies.

While these last types of attack were less significant in volume, they continue to represent a threat to less experienced users or with poor security practices.

Context: Evolution of Web3 Security

During the last three years, the crypto industry has increasingly invested in audit and automation tools to reduce risks in intelligent contracts. Platforms like Cetik, Trail of Bits or Immunefi They have allowed to detect vulnerabilities before they are exploited, although the attackers continue to evolve.

Experts recommend following good practices such as the use of cold wallets, verification in multiple steps and avoid signing transactions without knowing their origin. Education remains a key axis to mitigate the impact of these incidents.

The report of Certik It serves as a reminder that, despite the technological and regulatory improvements, the ecosystem Blockchain It continues to be a high risk space where constant surveillance is essential.

Written article with the help of an AI content editor, edited by Angel Di Matteo / Diariobitcoin

Original image of Diariobitcoin, created with artificial intelligence, for free use, licensed under public domain.

WARNING: Diariobitcoin offers informative and educational content on various topics, including cryptocurrencies, AI, technology and regulations. We do not provide financial advice. Cryptactive investments are high risk and may not be adequate for all. Investigate, consult an expert and verify the applicable legislation before investing. I could lose all its capital.

Subscribe to our newsletter