September 4th, 2023
Compared to the chaos of July, August 2023 was a relatively quiet month for DeFi hacks and rug pulls. That said, there were several large hacks and thefts that occurred that month.
Several DeFi protocols were exploited due to a range of vulnerabilities in August 2023. Some of the biggest hacks that month included:
Steadefi: The Steadefi Protocol was exploited for about $1.1 million. The attacker gained access to the project’s private keys, which granted them access to certain privileged functions and the ability to drain funds from the protocol.
Cypher Protocol: An attacker exploited a couple of vulnerabilities in the Cypher Protocol’s smart contracts in August 2023. By exploiting how master and sub-accounts interact, the attacker was able to steal about $1 million from the protocol.
Zunami Protocol: The Zunami Protocol’s smart contracts contained a price manipulation vulnerability that was exploited in August 2023. By manipulating the value of the pool and creating slippage, the attacker was able to steal an estimated $2.1 million.
Exactly Protocol: The Exactly Protocol was an Optimism-based project that was hacked via a smart contract exploit. Weak validation checks enabled the attacker to drain about $7 million from the protocol.
August also had a couple of rug pulls with values over $1 million, including:
LayerZero Token: A fake LayerZero token on BSC performed a rug pull. The team stole 4,828 worth about $1 million.
Magnate Finance: Magnate Finance was a project hosted on base that was associated with several past rug pulls. The creator extracted an estimated $6.4 million in tokens from the protocol.
The August 2023 DeFi hacks were enabled by a wide range of vulnerabilities, including weak validation checks, price manipulation, and business logic errors. These are mostly well-known types of vulnerabilities that could have been found and fixed via a smart contract audit. In the case of the August rug pulls, several appeared to be obvious scams.
To learn more about identifying the warning signs of a rug pull, check out our blog on 7 Warning Signs of a Crypto Exit Scam.