InvestWorld

Q2 2023 Sees $204M Vanish in DeFi Hacks and Scams, Reports De.Fi

Q2 2023 Sees $204M Vanish in DeFi Hacks and Scams, Reports De.Fi

$204 Million Lost in DeFi Misappropriations

DeFi (decentralized finance) misdeeds in the form of hacks and scams resulted in losses surpassing $204 million during Q2 2023. This insight emerged from a June 27 report produced by De.Fi, the Web3 portfolio application.

In-depth Analysis: The Q2 De.Fi Rekt Report

The report, dubbed the “Q2 De.Fi Rekt Report”, partly derives its data from De.Fi's "Rekt Database". The total sum originally misappropriated during the quarter exceeded $208.5 million. However, approximately $4.5 million was eventually recovered through various means such as legal actions, negotiations with hackers, and other recovery strategies, leaving the total unrecovered amount over $204 million.

According to the report, Q2 witnessed a substantial surge in DeFi hacks, nearly seven-fold year-on-year. The quarter saw 117 incidents compared to a mere 17 during the corresponding quarter of 2022. The total losses amounted to over $665 million for the first half of 2023.

Major Hacks of the Quarter

The most devastating hacks of Q2 were directed at Atomic Wallet, Fintoch, MEV-Boost, Bitrue, and GDAC. The Atomic Wallet breach on June 3 accounted for about 17% of the total, or $35 million. Fintoch users lost $30.6 million due to a supposed rug pull, while the MEV-Boost attack resulted in a $26.1 million loss. Collectively, these three attacks were responsible for more than 45% of Q2's total losses.

The Common Causes of DeFi Losses

According to De.Fi, the most frequently observed cause of losses was "access control issues," where an attacker unlawfully seized control of a wallet. This led to $75.8 million in losses, accounting for a quarter of the total. Exploits followed, leading to $55.3 million in losses. Q2 also witnessed users losing $47.3 million through exit scams or rug pulls.

Interestingly, the losses from DeFi scams and hacks in Q2 were actually less than those in Q1. In April, CertiK reported that more than $320 million vanished from January to March.