Month in Review: Top DeFi Hacks of October 2024

October 2024 was quieter than the previous month. This month, only six incidents broke the $1 million threshold for a total of over $84 million in losses. Additionally, almost $20 million of this was later returned to the original wallet.

Biggest DeFi Hacks of October 2024

In October 2024, the following six DeFi hacks included values of over $1 million:

• EigenLayer Investor: An attacker took advantage of EigenLayer’s email-based process for getting blockchain wallet addresses for investors. By inserting themselves into the email chain, an attacker was able to substitute their own address for that of the investor, resulting in $5.7 million in tokens being sent to them instead.

• Radiant Capital: In October 2024, an attacker used social engineering to install malware on the devices of Radiant Capital developers. This malware was used to trick developers into signing malicious transactions that resulted in $50 million in losses.

• Tapioca DAO: Tapioca DAO also suffered a social engineering attack attributed to the Lazarus Group. The attacker gained access to private keys that allowed them to steal approximately $4.7 million in tokens.
  

• Unverified Base Contracts: Several unverified lending contracts on the Base chain suffered a price manipulation attack. An estimated $1 million was stolen from the contracts via excessive borrowing. 

• U.S. Government: A wallet controlled by the U.S. government experienced a suspicious transfer of $20 million in recovered funds from the Bitfinex hack. Of these, approximately $19.3 million were later returned to the U.S. government’s address.

• Sunray Finance: Sunray Finance suffered a $2.855 million hack in October 2024. The attacker gained access to private keys, enabling them to steal and sell SUN and ARC tokens.

Lessons Learned from the Attacks

In October 2024, the biggest threats to DeFi security were primarily off-chain. Instead of targeting smart contract vulnerabilities, most attackers compromised private keys, used malware, or redirected funds to their own wallets. Only one major hack targeting Base contracts involved on-chain exploits.

These threats highlight the importance of robust security programs that cover all aspects of a DeFi project’s operations. Training users to identify social engineering attacks, deploying anti-malware and endpoint security solutions, and establishing secure processes for sharing and verifying blockchain addresses are as important as performing smart contract audits. For help with ensuring that your project’s security protocols align with best practices, reach out to Halborn.