Rob Behnke
June 3rd, 2024
After a relatively slow April, DeFi hackers pulled out all of the stops in May 2024. A total of seven hacks grossed losses of over $600 million. This included a hack of a centralized exchange that was the largest hack in over one year.
Compromised private keys featured heavily in May 2024’s hacks. The biggest hacks of this month included the following:
Crypto Whale: On May 3, a crypto whale suffered an address poisoning attack with losses of 1155 WBTC or about $70 million. However, the stolen funds were later returned by the attacker.
GNUS: Fanom-based GNUS suffered a $1.27 million hack in May 2024. The attacker exploited a vulnerability to mint fake GNUS tokens on Fantom, transferred them to Ethereum, and sold them in liquidity pools.
Sonne Finance: Sonne Finance was targeted by a flashloan that exploited a well-known bug in forks of Compound Finance. The attacker exploited flaws in the process used to manage this vulnerability to steal $20 million from the project.
AlexLab: AlexLab is a Bitcoin-based DeFI project that experienced a $4.3 million hack in May 2024. The likely cause of the attack was a compromised private key associated with the project’s cross-chain bridge.
pump.fun: pump.fun experienced a combined access control and flashloan attack in May 2024 when a former employee used their privileges to attack the protocol. In total, approximately $1.9 million was stolen from the protocol.
Gala Games: In May 2024, Gala Games experienced a hack due to a private key leakage of a privileged account. The attacker used this access to mint 5 billion GALA tokens worth about $200 million, which they exchanged for Ether.
DMM Bitcoin: DMM Bitcoin is a centralized Japanese cryptocurrency exchange. On May 31, 2024, the exchange suffered a breach that caused 4,502 BTC worth $304 million to be transferred from the attack. This was the largest blockchain hack since December 2022.
In May 2024, roughly half of the biggest hacks of the month involved compromised private keys. With access to a privileged account, an attacker can bypass access controls or directly transfer cryptocurrency out of that account.
Projects and individuals can manage the risks of these attacks by implementing private key management best practices. Using a multi-sig wallet and storing essential keys in cold wallets helps to minimize the security risks to these protocols.
For help in protecting your project against attackers, get in touch with Halborn.