Sign in Subscribe

June 2024 Cybersecurity Breaches: $89.51M Stolen in Sophisticated Hacking Attacks

June 2024 Cybersecurity Breaches: $89.51M Stolen in Sophisticated Hacking Attacks

In the context of cybersecurity, June 2024 has been a significant month. The total amount of funds stolen this month is $89.51 million, a stark reminder of the vulnerabilities that persist in the digital landscape. This month saw six significant hacking incidents, each employing sophisticated techniques to breach defenses and siphon off substantial amounts of money.

Detailed Analysis of Hacked Projects and Techniques

BtcTurk

Amount Lost: $54.00M

Hacking Technique: Private Key Compromised

Description of Technique: In this attack, the private keys used to secure the cryptocurrency were compromised. Private keys are the cryptographic keys that allow users to access their funds. When these keys are exposed, hackers can easily transfer funds out of the victim’s account. The exact method of compromise remains unknown, but it underscores the critical importance of securing private keys.

UwU Lend

Amount Lost: $20.00M

Hacking Technique: Flashloan Price Oracle Attack

Description of Technique: Flashloan attacks exploit the temporary nature of flashloans, which are loans that must be repaid within the same transaction. By manipulating the price oracles—services that provide price data to smart contracts—hackers can artificially inflate the value of assets, allowing them to borrow more than they should and then quickly repay the loan, pocketing the difference. UwU Lend was hit twice using this technique, with an additional $3.70M lost in a subsequent attack.

Velocore

Amount Lost: $6.80M

Hacking Technique: Fee Overflow Exploit

Description of Technique: This exploit takes advantage of how fees are calculated and processed. By creating transactions that generate excessive fees, hackers can cause an overflow in the fee calculation, resulting in unintended behavior and the misallocation of funds. Velocore fell victim to this sophisticated manipulation, leading to significant financial losses.

Loopring

Amount Lost: $5.00M

Hacking Technique: Guardian 2FA Service Exploit

Description of Technique: The Guardian 2FA (Two-Factor Authentication) service is designed to add an extra layer of security. However, vulnerabilities in the implementation allowed hackers to bypass this protection. By exploiting weaknesses in the 2FA protocol, attackers gained unauthorized access to user accounts and transferred funds out of Loopring’s platform.

OKX NFT Aggregator

Amount Lost: $14K

Hacking Technique: Access Control Exploit

Description of Technique: Access control exploits target the mechanisms that restrict user permissions. By finding and exploiting flaws in these controls, hackers can gain higher levels of access than intended. In the case of OKX NFT Aggregator, this allowed unauthorized transactions, resulting in a loss of $14K.

Comparison with Previous Month

Compared to May 2024, which saw five hacking incidents with a total loss of $372.90M, June 2024 has experienced a decrease in both the number of incidents and the total amount stolen. The amount lost dropped by $283.39M, a decrease of approximately 75.96%. The reduction in financial damage is significant, yet the persistence of attacks highlights ongoing vulnerabilities.

Comparison with Previous Year

When comparing June 2024 to June 2023, the data reveals a stark increase in both the number of incidents and the total amount stolen. June 2023 experienced fewer attacks and lower financial losses, underscoring a worrying trend of increasing cyber threats over the past year.

Comparison to Last 12 Months

Analyzing the past 12 months, the total amount stolen fluctuated significantly. The highest losses were recorded in November 2023 ($331.25M) and the lowest in October 2023 ($3.47M). June 2024’s losses are considerable but not the most severe. The trend indicates that while the number of attacks varies, the financial impact remains substantial, requiring continuous vigilance and improvement in cybersecurity measures.

Conclusion

June 2024 has been a critical month in the context of cybersecurity. The detailed analysis of the hacked projects and techniques used highlights the sophisticated nature of these attacks and the substantial financial damage they cause. The comparative analysis with previous months and years shows a fluctuating but persistent threat landscape. It is imperative for organizations to strengthen their cybersecurity measures to mitigate these risks and protect their assets from increasingly sophisticated cyber threats.