Quantstamp, a decentralized finance (DeFi) security firm, has determined which five smart contract protocols saw the greatest losses in January due to hacker and exploit attacks.Quantstamp noted in a post on the social networking platform X that $38.9 million in damages were incurred in January as a result of malicious actors’ use of a variety of attack techniques, including key breaches, smart contract hacks, and frauds.
Early in January, Radiant Capital suffered losses of $4.5 million due to a flash loan assault.The problem was traced to a “known rounding issue” in the Compound/Aave codebase as of right now, according to blockchain security company PeckShield.In order to address the issue, the DeFi lender suspended its USD Coin pool on Arbitrum.Radiant made it clear that user monies were safe, and following an inquiry, business as usual was restored.
On January 4, just hours after the Radiant attack, Gamma Strategies was also the target of a flash loan attack that led to a coding fault that let hackers to steal $6.1 million from Gamma’s vaults that were visible to the public.Gamma momentarily stopped deposits to resolve the problem, which closed the vulnerability.On January 12, a flash loan assault cost Wise Lending at least $460,000.This was the second attack on the protocol in six months, and the exploit entailed changing the pricing oracle that Wise Lending employed.170 Ether were removed from the Web3 lending app.
A security flaw in user verification input resulted in a breach of Socket, a multichain protocol, on January 16.Because of this, hackers were able to take almost $4 million worth of approximately 2,000 ETH.But as part of its strategy to return customer cash, Socket was able to retrieve 1,032 ETH, or roughly $2.3 million, and paid all impacted users.A flash loan assault at Goledo Finance resulted to the theft of $1.7 million in a security breach akin to Gamma’s exploit.As of January 28, Goledo has declared a prize for the restoration of the monies, and negotiations with the offender are still ongoing.
The hacker’s centralized exchange accounts were declared frozen by the lending protocol.Goledo has informed local law enforcement of the situation and is assessing the magnitude of the loss in order to create a recovery plan.The Goledo group has outlined its payment procedure for the retrieval of user assets.Users can submit their claims via a Google form that the team has made available.