Just last weekend, two cryptocurrency platforms lost $90 million (R$ 447 million) after cybercriminals attack. The loss of Saddle Finance and FEI Protocol, which had US$ 10 million and US$ 80 million stolen, respectively, made the blockchain finance sector close April with more than US$ 370 million (R$ 1.8 billion) in cryptocurrencies. taken by hackers.
The balance is from the company CertiK, a cybersecurity specialist in web 3 projects, as it has been called the “internet of the future” based on blockchain, a technology known for storing and protecting virtual records in a decentralized way.
In addition to the attack last weekend, the month of April saw 31 cybercriminal actions against crypto or web3 projects, including the companies Beanstalk, Deus Finance and Bored Ape Yacht Club, famous for its NFTs — here’s how the technology works.
According to CertiK, the attacks were of different types, from exploiting data protocols to phishing users, which is the practice of luring victims with false information to access their data.
Cryptocurrency theft may have been bigger
According to a report in the Wall Street Journal, the amount stolen in cryptocurrencies throughout April could be even greater. That’s because a hacking attack on Beanstalk, a stablecoin project (a type of cryptocurrency), went beyond what was recorded in initial reports.
Initially, they estimated a loss of US$ 76 million (R$ 377 million). But, according to the publication, the hackers would have taken US$ 182 million (R$ 938 million) in digital assets. The incident was the fifth largest robbery ever seen in the area.
Until April 22 of this year, seven attacks of this type were registered. They netted criminals around US$2.9 billion (R$14.4 billion), already equivalent to 90% of the US$3.2 billion (R$15.8 billion) stolen in 2021.
Companies FEI Protocol and Saddle Finance (which merged with Rari Capital last year) offer money for hackers to return stolen funds
“For the attacker, please accept a $10 million bounty without explanation if you return users’ remaining funds,” wrote the EIF Protocol on Twitter.
Saddle is trying to do the same. On the social network, the company said it is trying to contact the hacker “to negotiate a reward”.
“If you are the intruder, please send us a DM.”
Paying a bounty to hackers is not a new strategy.
In 2021, after stealing US$ 600 million (R$ 2.9 billion) from the cryptocurrency platform Poly Network, a hacker, called by the company “Mr. White Hat” (Mr. all the money in exchange for US$ 486 thousand (R$ 2.4 million).
Earlier this year, a cybercriminal who stole more than $3 million from users of the Multichain blockchain service offered to return 80% of the stolen funds to victims, keeping the rest as a “tip” by devolution.