The digital asset industry witnessed many unprecedented events in 2022, making it one of the worst years in crypto history. Despite the challenges, cybercrime activity significantly reduced in December compared to previous months, like October, which saw a surge in crypto hacks and thefts.
According to blockchain security firm CertiK, the industry suffered losses of approximately $62.2 million in December, making it the lowest monthly figure in 2022.
Cybercrime Activity Decreases in December
Blockchain intelligence firm Chainalysis disclosed that the industry lost more than $3 billion across 125 hacks from January to October 2022.
However, crypto thefts slowed down in December, with only a few companies impacted. While October had 11 exploits within the first two weeks, leading to more than $500 million in losses, December only saw 11 attacks throughout the month.
Some of the victims of crypto theft in December included the Helium Protocol, Defrost Finance, BitKeep, Ankr, Lodestar, and the Raydium Protocol, which lost approximately $15 million, $12.9 million, $8 million, $7 million, $6.5 million, and $5.5 million, respectively.
Combining all the incidents in December we’ve confirmed ~$62.2M lost to exploits, hacks and scams.
The lowest monthly figure this year.
Exit scams were ~$15.5M
Flashloans were ~$7.6M
See the details below 👇 pic.twitter.com/1ub3mYVv6K
— CertiK Alert (@CertiKAlert) December 31, 2022
Flash Loan Attacks and Rug Pulls Amount to $23M
Aside from crypto hacks, the industry suffered losses of around $7.6 million due to flash loan attacks and $15.5 million in exit scams, also known as rug pulls.
Exit scams occur when software developers create and launch a project only to abandon it after attracting wealthy investors to the platform.
One example of this scam is the alleged rug pull on the Defrost Finance platform on December 23. The DeFi protocol reportedly suffered a flash loan attack on its V2, leading to the loss of millions of dollars belonging to users.
While blockchain security firm CertiK claimed that the attack was an exit scam after conducting investigations, cryptocurrency security company Peckshield also alleged that it was a rugpull, having received intel from the community before the incident.
DeFi-focused security company DeFiYieldSec also alleged that an insider perpetrated the attack, claiming that the multi-sig wallet used to request an oracle change before the attack belonged to the protocol’s creator.
However, on December 29, Defrost Finance denied these allegations, calling them “slanderous and inaccurate.” The protocol said it has recovered the funds and plans to redistribute the stolen assets to affected users.