Hackers and crypto miners appear to have cooled off during the 2022 holiday season. December marks the “lowest monthly total” with $62.2 million in stolen cryptocurrencies, according to CertiK.
The blockchain security firm released a list on December 31 revisiting the biggest attacks of that month. He pointed out that Exit Scams was the top performing attack strategy this month with $15.5 million. $7.6 million was stolen in so-called flash loan exploits.
Combining all incidents in December, we confirmed the loss of approximately $62.2 million due to exploits, hacks, and scams.
The lowest monthly figure this year.
Exit scams cost about $15.5 million
Flash loans were around $7.6 million
See details below pic.twitter.com/1ub3mYVv6K
— CertiK Alert (@CertiKAlert) December 31, 2022
January 1st was in another Tweeter confirms that the top 23 exploits account for about 98.5% of the total. The Dec. 2 Helio Protocol situation accounted for the biggest chunk at $15 million.
The protocol behind Stablecoin HAY (HAY) suffered losses as a trader took advantage of a price gap.
The DeFi protocol Ankr, which also had an exploit, plays a role here. Trader Helio borrowed 16 million HAY tokens and was able to make a huge profit. This led to the destabilization of the stablecoin protocol.
The second largest case of the month, $12.9 million, was stolen in an exploit on Defrost Finance’s v1 and v2 protocols on December 23. Here the hacker uses a flash loan attack to flush the log.
A few days after the exploit, the hacker returned the protocol funds v1. Money from hack v2 is always stolen.
CertiK called this exploit an “exit scam” because such an attack requires an administrator key. Defrost denied these claims to Cointelegraph, stating that the key had been compromised.
The December figures are significantly lower than the previous month, more precisely they are down 89.5%. In November, the FTX crypto exchange hack, in which $477 million was stolen, was considered the biggest event.
36 major attacks were recorded in November totaling a loss of approximately $595 million.
As always, make sure a project has an audit and KYC before investing!
— CertiK Alert (@CertiKAlert) December 1, 2022
In total, in 2022, the top 10 exploits alone cost multiple protocols and trade $2.1 billion. The victims were overwhelmingly cross-chain bridges and DeFi protocols.