Halborn Logo

// Blog

Month in Review

Month in Review: Top DeFi Hacks of January 2024


Rob Behnke

February 2nd, 2024

After a relatively slow December — potentially due to cybercriminals taking time off for the holidays — DeFi hacks returned in full force in January 2024. This month saw ten hacks with values over $1 million.

Top 10 DeFi Hacks of January 2024

The biggest DeFi hacks of January 2024 resulted in cumulative losses of over $50 million. The victims of these large-scale thefts include:

  1. Narwhal: Narwhal suffered a hack for an estimated $1.5 million. The cause of the attack is likely a compromised private key or a rug pull.

  2. Concentric Finance: Concentric Finance was the victim of a social engineering attack targeting a member of its team. By compromising the deployer wallet, the attacker was able to upgrade the project’s contracts and drain an estimated $1.7 million from them.

  3. Goledo Finance: Goledo Finance suffered a flashloan attack in January 2024. The attackers got away with an estimated $1.7 million from the project’s lending pool.

  4. Socket Protocol: The Socket Protocol was exploited in an attack that took advantage of poor input validation. Maliciously crafted input netted the attacker an estimated $3.3 million.

  5. Radiant Capital: Radiant Capital was the victim of a flashloan attack in January 2024. The attackers stole an estimated $4.5 million from the protocol by exploiting a newly-opened lending market on Arbitrum.

  6. Gamma: Gamma was also a victim of a flashloan attack that exploited vulnerabilities in the price change thresholds designed to protect against the attacks. The attackers targeted the project’s vaults on Arbitrum and stole an estimated $6.18 million.

  7. Abracadabra Money: An exploit of Abracadabra Money’s Cauldron’s V3 and V4 took advantage of vulnerabilities allowing unauthorized MIM borrowing. The attackers stole about $6.5 million before the issue was addressed.

  8. GMEE: GMEE suffered a supply chain attack in which the attacker accessed a vulnerable, old GitLab repository. This repo contained a private key that allowed the attacker to drain $7 million from the project.

  9. Coinspaid: In January 2024, Coinspaid suffered its second hack within six months. The payments processor lost an estimated $7.5 million in the breach.

  10. Somesing: Somesing, a Web3 music platform from South Korea, suffered a hack in January 2024. The attacker stole approximately $11.58 million worth of the project’s native SSX token.

Lessons Learned from the Attacks

The biggest DeFi hacks of January 2024 involved a variety of attack vectors. However, flashloan exploits featured prominently, accounting for several hacks. In some cases, the targeted protocols had defenses in place against the well-known threat; however, the attackers identified ways to bypass or overcome them.

As usual, many of these major DeFi hacks targeted unaudited protocols or ones where the exploited functionality was outside of past audits. To protect your protocol from making the list of a future month’s biggest hacks, get in touch.