Losses from exploits, scams, and hacks have dropped to just $28.8 million in March – a staggering contrast to February’s jaw-dropping $1.5 billion spike following the Bybit hack. While the numbers still leave a bitter taste, the decline has drawn sighs of relief from beleaguered investors and security experts alike.
A Closer Look at March’s Loss Breakdown
According to blockchain security firm CertiK, March’s losses were largely driven by two main culprits: code vulnerabilities and wallet compromises. Code vulnerabilities alone were responsible for over $14 million in lost funds. Meanwhile, attackers using compromised wallets snatched upwards of $8 million from unsuspecting users. Perhaps the most significant single event was the $13 million smart contract exploit on March 25, targeting the decentralized lending protocol Abracadabra.money. Despite the protocol’s grand promises of safer margin trading, this exploit dramatically underlined that not all that glitters is gold in the DeFi market.
#CertiKStatsAlert 🚨
Combining all the incidents in March we’ve confirmed ~$28.8M lost to exploits, hacks and scams after ~$4.8m was returned in the 1inch Resolver incident.
~$4.5M of the total is attributed to phishing.
Figures exclude the reported ~$32m theft from a…
— CertiK Alert (@CertiKAlert) March 31, 2025
Trouble in the Fine Print
CertiK’s report on March 27 went into technical detail about one particular exploit, explaining that an attacker was able to game the system via a flaw in RouterOrder. The perpetrators managed to borrow funds, liquidate themselves, and then allegedly borrow again – none of which were repaid. This nefarious cycle was facilitated by a failure in the liquidation process to properly overwrite records used as collateral, allowing the attacker to falsely secure additional funds after a liquidation. In a bold countermeasure, the protocol’s team offered a 20% bounty – double the standard 10% – in exchange for the return of the stolen assets, though no public updates have emerged yet on whether any funds have been recovered.
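A simplified model of the flaw described above, added here as an illustration and not taken from CertiK’s report or the protocol’s code: the `Market` class, its fields, and all amounts are hypothetical. It replays the borrow, liquidate, borrow sequence with and without the record overwrite, and checks the invariant that recorded collateral never exceeds what the protocol actually holds.

```python
from dataclasses import dataclass, field


@dataclass
class Market:
    """Toy lending market; every name and number here is hypothetical."""
    clear_on_liquidation: bool      # False = flawed path, True = corrected path
    ltv_pct: int = 80               # max borrow as a percentage of collateral
    vault: int = 0                  # collateral the protocol actually holds
    recorded: dict = field(default_factory=dict)  # user -> collateral record
    debt: dict = field(default_factory=dict)      # user -> outstanding debt

    def deposit(self, user, amount):
        self.vault += amount
        self.recorded[user] = self.recorded.get(user, 0) + amount

    def borrow(self, user, amount):
        # Borrow limit is computed from the *record*, not from the vault.
        limit = self.recorded.get(user, 0) * self.ltv_pct // 100
        if self.debt.get(user, 0) + amount > limit:
            raise ValueError("insufficient collateral")
        self.debt[user] = self.debt.get(user, 0) + amount

    def liquidate(self, user):
        # Collateral leaves the vault to cover the position.
        self.vault -= self.recorded.get(user, 0)
        self.debt[user] = 0
        if self.clear_on_liquidation:
            self.recorded[user] = 0  # the overwrite the flawed path skips

    def unbacked_collateral(self):
        """Invariant check: recorded collateral minus collateral held (>= 0)."""
        return max(0, sum(self.recorded.values()) - self.vault)


def borrow_liquidate_borrow(market):
    """Replay the reported sequence; return (second_borrow_accepted, unbacked)."""
    market.deposit("alice", 100)
    market.borrow("alice", 80)
    market.liquidate("alice")
    try:
        market.borrow("alice", 80)
        accepted = True
    except ValueError:
        accepted = False
    return accepted, market.unbacked_collateral()
```

With the overwrite skipped, the second borrow is accepted against 100 units of collateral that no longer exist; with it in place, the borrow is rejected and the invariant holds.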
1inch and the Silver Lining
On a brighter note, although CertiK reported over $33 million was stolen throughout March, decentralized exchange aggregator 1inch managed to claw back a significant portion of its losses. In a noteworthy episode on March 5, 1inch negotiated a bug bounty agreement with an attacker, successfully recovering most of the $5 million that had been stolen during an exploit. This move provided a glimmer of optimism and a demonstration that coordinated responses can somewhat stem the tide of crypto thefts.
Other Losses and Lingering Shadows
Not all losses have been neatly resolved in March. The restaking protocol Zoth saw its deployer wallet compromised, resulting in over $8.4 million in crypto assets being siphoned off by the attacker. Meanwhile, an unknown Coinbase user reportedly lost 400 BTC – that’s approximately $34 million at current prices – according to crypto sleuth ZachXBT. Adding insult to injury, ZachXBT warned that phishing scams have been rampant, with over $46 million potentially lost in March due to tactics like address poisoning and wallet spoofing. The Australian Federal Police even alerted around 130 individuals about a scam message that spoofed legitimate crypto exchange sender IDs, while reports emerged about fraudulent messages tricking users into setting up a new wallet with pre-generated recovery phrases.
Practical Tips to Stay Protected
In now all-too-familiar crypto fashion, the onus is always on the individual to safeguard their assets. Here are some handy tips:
• Double-Check Smart Contract Audits. Always verify that any new DeFi project has undergone a rigorous audit, especially if it’s built on forked or rapidly developed code.
• Secure Your Wallet. Use multi-factor authentication, maintain a dedicated email for crypto activities, and consider hardware wallets for enhanced security.
• Beware of Phishing. Be extremely cautious with unsolicited messages on platforms like X that claim to be from a trusted source; always verify through official channels.
• Monitor for Updates. Stay informed of any bounty programs or recovery efforts by reputable platforms. Platforms like 1inch can provide hope that not all losses are final.
• Use Reliable Tools. Use blockchain explorers and reputable security research to verify transactions and identify potential threats early.
FAQs
What factors contributed to the dramatic drop in losses from February to March?
- The decline—from $1.5 billion in February to $28.8 million in March—in part reflects fewer exploits and scams in March, along with successful recovery efforts such as those by 1inch.
What is RouterOrder, and why was it exploited?
- RouterOrder is part of the liquidation process in certain DeFi protocols. An oversight in overwriting collateral records allowed an attacker to borrow additional funds after liquidation, resulting in significant losses.
Can I recover funds lost in a crypto exploit?
- Recovery is challenging, but certain cases like the 1inch example show that coordinated bug bounty agreements can help recover stolen assets. However, prevention is far more effective than recovery.
Why are phishing scams still rampant in crypto?
- Phishing scams are effective because they exploit user trust and often mimic legitimate communications. Vigilance and using additional security measures such as two-factor authentication are needed.

Disclaimer: All materials on this site are for informational purposes only. None of the material should be interpreted as investment advice. Please note that despite the nature of much of the material created and hosted on this website, HODL FM is not a financial reference resource and the opinions of authors and other contributors are their own and should not be taken as financial advice. If you require advice of this sort, HODL FM strongly recommends contacting a qualified industry professional.