- November was the worst month for crypto hacks in 2023, with over $363 million stolen.
- Exploits were the most common type of attack, accounting for over $316 million in losses.
- Poloniex, Kronos Research, and the HTX/HECO bridge were the most targeted platforms.
- Flash loan attacks and exit scams were also responsible for significant losses.
- The attacks on Poloniex, Huobi, and the HECO bridge may have been targeted due to their connection to Justin Sun.
2023 has been no stranger to hacks, rug pulls and thefts in the crypto space.
Just last week, about $50 million was stolen from a well-known DEX aggregator, with negotiations proving abortive.
According to a new insight from blockchain security firm, CertiK, however, saying that November has been a wild month is not us being paranoid.
CertiK in a recent post on Twitter, has just confirmed that the amount of hacks, thefts and crypto fraud for 2023 was especially severe in November.
Here’s what they mean.
The Major Exploits
CertiK says that overall, about $363 million was stolen in November, overshadowing the previous 2023 high in September, when hackers stole $329 million.
CertiK notes that out of these hundreds of millions stolen, exploits took the majority.
In essence, hackers mostly went after the inner workings of smart contracts, protocols or the platforms themselves.
These exploits, CertiK says, account for a total of $316.4 million of the total damage in November.
Overall, three incidents were the most visible, including
Hackers went after a flaw in Poloniex’s withdrawal system on 15 November, draining a whopping $131.4 million worth of several coins from its hot wallets.
The details of this hack are included here, as per PeckShield Alerts.
The cross-chain bridge between the Huobi Eco Chain (Heco) and Ethereum was attacked on Nov. 18.
During this attack, more than $80 million worth of USDT, ETH, USDC and several other tokens were stolen, as outlined by LookOnChain, here.
Soon after, the attackers also exploited the crypto exchange, Huobi, and made away with $26.4 million on 22 November.
This brings the total, stolen from HTX/HECO to about $113 million.
Targeted Attacks On Crypto Businessman, Justin Sun?
At the same time, it is curious how Huobi, Poloniex and the HECO bridge have some degree of connection to billionaire crypto businessman, Justin Sun.
Poloniex was founded in 2014 and bought over by Justin Sun’s TRON Foundation in 2019.
Huobi on the other hand, now known as HTX, was founded in 2013 and acquired by Justin Sun’s TRON Foundation in 2022.
It is currently one of the largest crypto exchanges by trading volume, and, in September 2023, it rebranded as HTX, emphasizing its integration with the TRON ecosystem.
Finally, HECO Chain was launched as a public blockchain in 2020 by Huobi Global (now HTX), and backed by TRON.
Most of the exploits in November seem to be targeted attacks, as mentioned by this pretty “interesting” tweet above.
And all we can do is speculate as to their origins and why they happened.
Other Ways Hackers Drained Wallets
CertiK highlighted several other ways that individuals and companies have lost money throughout November.
The most popular of these methods include flash loan attacks and exit scams.
CertiK notes that in November, flash loan attacks caused about $45.5 million in damage.
The KyberSwap attack was the most notable flash loan attack, in which the attacker exploited a flaw in the protocol’s withdrawal mechanism and left KyberSwap with a loss of $45 million.
CertiK also notes that in November, exit scams were responsible for $1.1 million in losses, as shown below:
Overall, the most prominent are the Poloniex, Kronos Research and the HTX/HECO bridge attacks.
Disclaimer: Voice of Crypto aims to deliver accurate and up-to-date information, but it will not be responsible for any missing facts or inaccurate information. Cryptocurrencies are highly volatile financial assets, so research and make your own financial decisions.