The month was particularly bad for exploits, with the amount lost accounting for half of the total crypto exploited so far in 2023.
Crypto exploits, exit scams, and flash loan attacks saw little signs of letting up in April, with more than $103 million of funds stolen from crypto projects and investors in the month.
On April 30, crypto security and auditing firm CertiK posted an April roundup of crypto exploits, scams, and hacks, revealing total funds lost in April was $103.7 million, bringing the year-to-date total loss to $429.7 million.
The month was particularly marred with major crypto exploits, such as $25.4 million lost due to an exploit of several MEV trading bots on April 3, $22 million stolen in a hot wallet exploit at the Bitrue exchange and the hack of South Korean GDAC exchange leading to a loss of $13 million.
The total lost to crypto and DeFi exploits in the month amounted to $74.5 million, making up around half of the total $145 million exploited in the first four months of the year, according to CertiK.
The month also saw around $20 million lost to flash loan attacks, led mainly by Yearn Finance after a hacker exploited an old smart contract on April 13.
The blockchain security firm noted that total funds lost to exit scams reached $9.4 million in the month, with the top exit scam for the month being Merlin DEX which lost $2.7 million. On April 26, CertiK reported that it was investigating a “potential private key management issue” at the exchange.
Furthermore, the exit scam occurred after the protocol was audited by CertiK which warned about centralization issues. CertiK launched a compensation plan following the attack in which it urged the rogue developer to return 80% of the stolen funds with a 20% white hat bounty offered.
Related: One crypto wallet launched 114 dodgy memecoins in two months
According to De.Fi’s Rekt Database, there were over 50 crypto exploits, scams, hacks, and rug pulls in April. Moreover, a large portion of them was memecoin rug pulls.
The most recent was the Polygon-based Ovix protocol which lost $2 million in a flash loan attack on April 28.
Magazine: US enforcement agencies are turning up the heat on crypto-related crime