- One of the biggest is the flash loan reentrant attack against Platypus Finance.
- DefiLlama covered seven notable hacks for February.
- The first hack in February was the price oracle attack on BonqDAO.
according to data Over $21 million in cryptocurrency was stolen by DeFi platform hackers in February from DeFi aggregator DefiLlama.
In a data report, DefiLlama uncovered seven major hacks worth $21 million.
7 Major DeFi Hacks of February
1. $1.7 Million BonqDAO Hack
The Bonq protocol was exposed to an oracle attack on February 1, 2023, allowing hackers to manipulate the price of the AllianceBlock (ALBT) token.
Hackers changed the price of the ALBT token upwards, created a large amount of BEUR, and exchanged it for other tokens on Uniswap. The hacker then lowered the price of his ALBT to almost zero, causing the liquidation of ALBT Trovers.
In the process, the hackers were only able to steal about $1 million due to lack of liquidity.
2. The $3 Million Orion Protocol Hack
The next day (February 2, 2023), the decentralized exchange Orion Protocol lost about $3 million due to a re-entry attack.
Hackers used malicious smart contracts to repeat withdrawal orders and steal funds.
3. The $3.65 Million dForce Network Hack
On February 10, white hat hackers stole approximately $3.65 million in cryptocurrency. However, the hackers later returned all the funds.
dForce confirmed the return of the funds on February 13, stating:
“On February 13, 2023, the stolen funds were fully returned to Multisig in both Arbitrum and Optimism. A perfect ending for all.”
4. Hacking of $9.1 million Platypus Finance
DeFi protocol Platypus Finance lost about $8.5 million in a February 16, 2023 flash loan attack.
A post-mortem analysis of the hack revealed that the hackers utilized the code in the wrong order.
The Platypus Finance team later confirmed the second and third exploits, resulting in an additional loss of $667,000, bringing the total loss to approximately $9.1 million.
However, French police arrested two suspects in connection with the hack and seized approximately $222,000 in cryptocurrency assets on February 25.
5. The $2 Million Dexible Hack
On February 17, multi-chain exchange aggregator Dexible lost nearly $2 million worth of cryptocurrency after the aggregator was attacked by hackers targeting the app’s self-swap feature.
Hackers were able to exploit the app’s latest smart contract vulnerability to steal funds from wallets that had unused spending authorizations in the contract. The attacker withdrew tokens to his unknown BNB wallet address via Tornado Cash.
6. $1.86 million Hope Finance hack
On February 20, Hope Finance, an arbitrum-based algorithmic stablecoin project, lost nearly $2 million due to a smart contract exploit.
Funds were stolen from the user’s account.
7. The $700,000 LaunchZone Hack
The LaunchZone hack, which plunged the price of the protocol’s native token, LaunchZone (LZ), was the last major DeFi hack in February. That happened to him on February 27th, resulting in a loss of around $700,000 in cryptocurrencies.
Hackers reportedly took advantage of unverified smart contract vulnerabilities to exfiltrate assets from the platform.
DefiLlama’s February numbers show an uptick from January’s figure of $740,000 due to two DeFi hacks by ROE Finance and Midas Capital.
according to Crypto Crime Report, the DeFi protocol lost about $3.1 billion worth of crypto assets to hackers in 2022. That’s over 82% of the total funds lost to hacks across the wider cryptocurrency market.