Cryptocurrency scams and exploits are on the rise, as hackers and fraudsters take advantage of the growing popularity and volatility of digital assets. In May 2023, several incidents of crypto theft and manipulation led to a total loss of over $60 million, according to a report by CertiK, a blockchain security company.
According to On-chain Dectective ZachXBT, crypto investment platform Morgan DF Fintoch pulled off an exit scam and ran away with $31.6 million. The company lied about being owned by Morgan Stanley and hired a fake actor as its CEO. The Singapore Government and Morgan Stanley had warned about this scheme before.
Combining all the incidents in May we’ve confirmed ~$59.8M lost to exploits, hacks and scams.
Exit scams were ~$38.8M
Flash loans were ~$1.7M
Exploits were ~$19.3M
See more details below 👇 pic.twitter.com/vtfEBTqueB
— CertiK Alert (@CertiKAlert) May 31, 2023
Notable Hacks/Scams in May acordding to Certik
Another flash loan exploit hit the Jimbos protocol on May 28, resulting in a loss of 4,000 Ethereum (ETH) worth $7.5 million. The team offered a 10% bounty for the return of the stolen funds, but the hacker ignored it. The team is now cooperating with law enforcement agencies.
Some other incidents that occurred in the crypto space include the Tornado Cash (TORN) governance attack, which caused a sharp decline in the token price, and the Deus DAO burn function exploits, which led to a $6.5 million loss.
Moreover, meme coins that copy other projects are still a threat. One example was the launch of a token that mimicked $PSYOP. The original creator of $PSYOP, eth_ben, accused @3orovik of stealing his name and confusing the users.
Mixers are still a popular tool for hackers to launder their funds. Peckshield reported that as of May 31, 956 ETH and 8,410, BNB were transferred to Tornado Cash, while 450 BNB were sent to Fixed Float.
Other crypto scams and exploits in May included phishing attacks, fake giveaways, impersonation schemes, and malicious apps. For example, on May 18, a fake Elon Musk account on Twitter announced a giveaway of 10,000 bitcoins to celebrate Tesla’s acceptance of crypto payments. The account asked users to send a small amount of Bitcoin to a specified address and promised to send back double the amount. However, this was a scam and no one received any bitcoins back.
CertiK warned that crypto scams and exploits are becoming more sophisticated and frequent, as scammers take advantage of the lack of regulation and consumer protection in the crypto space. The company advised users to be vigilant and cautious when interacting with crypto platforms and services and to conduct thorough research before investing in any project.
CertiK also recommended users to use security tools and audits to verify the legitimacy and safety of crypto platforms and contracts.