News
Hackers stole $93M from crypto projects in April Hackers stole $93M from crypto projects in April

Hackers stole $93M from crypto projects in April

In monetary value, the biggest exploit was the sandwich attack on maximal extractable value (MEV) bots that resulted in a $25 million loss.

Hackers stole $93M from crypto projects in April

Cover art/illustration via CryptoSlate

Upland: Berlin Is Here!

Crypto exploiters stole $93.4 million from 41 exploits on crypto projects — averaging more than one exploit daily, according to Peckshield data.

According to the blockchain security firm, this represents a significant decline compared to the amount stolen in March. At the time, hackers stole over $200 million from decentralized finance projects. However, it is still significantly higher than the $35.3 million stolen in February.

Crypto Exploits
Source: Peckshield

Meanwhile, DeFillama data showed that DeFi projects lost $276.4 million during the first quarter of the year.

The exploits

In terms of monetary value, the biggest exploit was the sandwich attack on maximal extractable value (MEV) bots that resulted in a loss of $25 million. CryptoSlate reported that USDT issuer Tether blacklisted the validator address that drained the bots — drawing criticism from the crypto community.

Meanwhile, MEV bots have long been controversial in the industry, considering their penchant for extracting value from crypto traders. According to the MEV blocker, these bots have extracted over $1.38 billion from blockchain network users.

For context, one anonymous MEV bot operator, Jaredfromthesubsway, made more than $1.4 million by sandwiching transactions of crypto investors trading meme coins.

Meanwhile, Singapore-based exchange Bitrue lost almost $23 million in a hack after one of its hot wallets was compromised. Another centralized exchange Gdac was exploited for $13 million.

Additionally, multiple decentralized finance protocols were victims of various hacks within the month. The affected projects included Yearn Finance, Hundred Finance, SushiSwap, 0vix Protocol, and Terraport.

The most notable in recent days was the zkSync-based decentralized exchange Merlin DEX which lost roughly $2 million to rogue developers. Blockchain security firm CertiK audited the project before its launch and has promised to refund impacted users.

Meanwhile, hackers are still relying on mixers to move their ill-gotten funds. As of April 30, malicious players transferred over 1,000 ETH and 2,515 BNB into Tornado Cash, while 203 ETH were sent to Fixed Float.

Posted In: , DeFi, Hacks