April’s Crypto Scams, Exploits and Hacks Lead to $103M Lost — CertiK

Crypto vulnerabilities, exit scams, and flash loan assaults continued unabated in April, with more than $103 million taken from crypto companies and investors.  CertiK, a crypto security and auditing business, published an April summary of crypto vulnerabilities, scams, and hacks on April 30, reporting a total loss of $103.7 million in April, increasing the year-to-date total loss to $429.7 million.

The month was notably blighted by big crypto exploits, such as $25.4 million lost owing to an exploit of multiple MEV trading bots on April 3, $22 million taken in a hot wallet vulnerability at the Bitrue exchange, and a $13 million loss due to a breach of the South Korean GDAC exchange.

According to CertiK, the sum lost to crypto and DeFi exploits in the month was $74.5 million, accounting for over half of the total $145 million exposed in the first four months of the year.

In addition, roughly $20 million was lost to flash loan assaults throughout the month, mostly by Yearn Finance, when a hacker exploited an outdated smart contract on April 13.

The blockchain security company said that total cash lost to exit scams reached $9.4 million in the month, with Merlin DEX losing $2.7 million as the top exit fraud. CertiK said on April 26 that it was looking into a “potential private key management issue” at the exchange.

Furthermore, the exit scam occurred after CertiK audited the protocol and warned about centralization issues. Following the attack, CertiK launched a compensation plan in which it urged the rogue developer to return 80% of the stolen funds in exchange for a 20% white hat bounty.

In April, there were over 50 crypto exploits, scams, hacks, and rug pulls, according to De. Fi’s Rekt Database. Furthermore, a large proportion of them was memecoin rug pulls.

The most recent was the Polygon-based Ovix protocol, which lost $2 million in an April 28 flash loan assault.