Hack Report

May 2024 Cybersecurity Crisis: $372.90M Stolen in High-Profile Hacking Incidents

cryptosummary

3 min read
May 2024 Cybersecurity Crisis: $372.90M Stolen in High-Profile Hacking Incidents

In the last calendar month, the cybersecurity landscape has been significantly impacted by a series of high-profile hacking incidents. The total amount of funds stolen amounted to a staggering $372.90 million, marking a critical period for the cybersecurity community.

Significant Hacking Incidents

Throughout the month, there were five major hacking incidents reported. Below is a detailed analysis of each affected project and the techniques used:

DMM Bitcoin

Amount Lost: $305.00 million
Hacking Technique: Private Key Compromised (Unknown Method)
Description of Technique: The attackers managed to gain access to the private keys associated with DMM Bitcoin. Private key compromises often occur due to weak key management practices or vulnerabilities in the cryptographic systems. In this case, the exact method remains unknown, but the result was a massive theft of funds.

ALEX

Amount Lost: $23.90 million
Hacking Technique: Private Key Compromised (Phishing)
Description of Technique: Phishing involves tricking individuals into providing sensitive information, such as private keys, by posing as a trustworthy entity. The attackers likely used deceptive emails or websites to gain access to ALEX's private keys, resulting in a significant financial loss.

Gala

Amount Lost: $22.00 million
Hacking Technique: Infinite Mint and Dump
Description of Technique: This technique involves exploiting vulnerabilities in a project's smart contract to mint unlimited tokens and then selling them off quickly. The attackers exploited a flaw in Gala's contract, allowing them to create and dump tokens, causing a substantial financial impact.

Sonne Finance

Amount Lost: $20.00 million
Hacking Technique: Flashloan Donate Function Logic Exploit
Description of Technique: Flashloan attacks involve borrowing large amounts of funds without collateral, exploiting vulnerabilities in smart contracts. In this case, the attackers manipulated the donate function's logic in Sonne Finance, enabling them to siphon off funds through a series of complex transactions.

pump.fun

Amount Lost: $2.00 million
Hacking Technique: Private Key Compromised (Unknown Method)
Description of Technique: Similar to the DMM Bitcoin incident, the private keys of pump.fun were compromised. The exact method remains unknown, but the attackers successfully accessed and drained the funds.

Comparison with Previous Month

In comparison to the previous month (April 2024), where six incidents resulted in a total loss of $63.11 million, May 2024 saw a significant increase. The amount stolen in May was $372.90 million, representing a staggering increase of 490.8% in the total funds lost. The number of hacking incidents also rose from five to six, indicating a heightened level of cybercriminal activity.

Comparison with Previous Year

When compared to the same month last year (May 2023), which witnessed five incidents and a total loss of $372.90 million, the current month's figures are identical in terms of the amount stolen. However, the number of incidents remains consistent, showcasing a persistent threat level in the cybersecurity landscape.

Comparison to Last 12 Months

Over the past 12 months, the total amount of funds stolen has fluctuated significantly. The highest loss was recorded in May 2024 ($372.90 million), while the lowest was in October 2023 ($3.47 million). The trend indicates a volatile cybersecurity environment, with occasional spikes in high-profile hacking incidents. Comparing the total losses from the last 12 months to the same period the previous year shows an overall increase in cybercriminal activity and financial impact.

Conclusion

The analysis of the last calendar month highlights the critical need for robust cybersecurity measures. With a total of $372.90 million stolen and five significant hacking incidents, it is imperative for projects to strengthen their defenses against increasingly sophisticated attacks. The comparison with previous months and years underscores a persistent and growing threat, emphasizing the importance of proactive and comprehensive cybersecurity strategies to safeguard digital assets.

Read more