According to statistics from the SlowMist Hacked Archive, in March 2024, there were 33 security incidents within the Web3 ecosystem, resulting in total losses of approximately $139 million.
The causes of these incidents spanned “a range of vulnerabilities, including smart contract flaws, insider malfeasance, flash loan attacks, private key leaks, and account theft.”
Main Incidents
WOOFi Exploit
On March 5, 2024, the decentralized exchange (DEX) WOOFi, “operating on the Arbitrum network, was exploited through its Smoothed Price Moving Mechanism (sPMM) algorithm that controls the pricing of WOOFi trades.”
This exploit was orchestrated using “a series of flash loans, where the attacker manipulated the price of the WOO token due to low liquidity, and subsequently repaid the flash loans at a lower price.”
The attacker repeated this process three times in “a very short span, ultimately stealing approximately $8.75 million after repaying the flash loans.”
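The pattern described above, a large flash-loan-funded trade moving the price of a thinly traded token so that a contract reading that price in the same transaction is mispriced, is generic to any pool whose quoted price depends on its own reserves. The following is an added illustration written for this summary; it is not WOOFi's sPMM, not SlowMist's code, and it does not reproduce the incident. It models a simple constant-product pool with constructed reserve numbers, shows how much one trade moves the spot price in a deep versus a shallow pool, and adds the kind of defensive check a pricing contract can apply: refuse to quote when the spot price diverges from an independent reference price by more than a bound. The pool sizes, trade size and 5% bound are assumptions chosen for the example.

```python
"""Constant-product pool with a price-deviation guard (added example).

Constructed numbers throughout; nothing here is taken from the WOOFi
incident or from SlowMist. The point is defensive: a contract that reads
an in-pool spot price should notice when that price has just been pushed
far away from an external reference and decline to price against it.
"""

from dataclasses import dataclass


@dataclass
class Pool:
    """Minimal x*y=k pool. `base` is the token being priced, `quote` the
    token it is priced in. Both reserves are constructed sample values."""
    base: float
    quote: float

    def spot_price(self) -> float:
        """Price of one base token in quote tokens, derived only from reserves."""
        return self.quote / self.base

    def sell_base(self, amount: float) -> float:
        """Swap `amount` base tokens into the pool; returns quote tokens paid out.
        The larger the trade relative to the reserves, the further the spot
        price moves (this is the low-liquidity failure mode)."""
        k = self.base * self.quote
        new_base = self.base + amount
        new_quote = k / new_base
        paid_out = self.quote - new_quote
        self.base, self.quote = new_base, new_quote
        return paid_out


class PriceDeviationError(Exception):
    """Raised when the in-pool price is too far from the reference price."""


def deviation_from_reference(spot: float, reference: float) -> float:
    """Relative distance between the pool's spot price and an external reference
    (for example a time-weighted or off-chain price feed; assumed here)."""
    return abs(spot - reference) / reference


def guarded_price(pool: Pool, reference: float, max_deviation: float = 0.05) -> float:
    """Return the pool's spot price only if it is within `max_deviation`
    (5% by default, an assumed bound) of the reference; otherwise refuse.
    A contract using this would revert instead of trading at a moved price."""
    spot = pool.spot_price()
    dev = deviation_from_reference(spot, reference)
    if dev > max_deviation:
        raise PriceDeviationError(
            f"spot {spot:.4f} deviates {dev:.1%} from reference {reference:.4f}"
        )
    return spot


def impact_of_trade(base: float, quote: float, trade: float) -> tuple[float, float]:
    """Simulate selling `trade` base tokens into a fresh pool with the given
    reserves; returns (spot price after the trade, deviation from the
    pre-trade price). Used to compare deep and shallow pools."""
    pool = Pool(base, quote)
    before = pool.spot_price()
    pool.sell_base(trade)
    after = pool.spot_price()
    return after, deviation_from_reference(after, before)


if __name__ == "__main__":
    # Same trade, two pool depths (constructed numbers).
    for label, reserves in (("deep", 1_000_000.0), ("shallow", 10_000.0)):
        after, dev = impact_of_trade(reserves, reserves, 1_000.0)
        print(f"{label:8s} pool: price after trade {after:.4f}, moved {dev:.2%}")

    # Reference price is 1.0 in both cases; the guard admits the deep pool's
    # price and refuses the shallow pool's.
    for label, reserves in (("deep", 1_000_000.0), ("shallow", 10_000.0)):
        pool = Pool(reserves, reserves)
        pool.sell_base(1_000.0)
        try:
            print(f"{label:8s} pool: guard accepted {guarded_price(pool, 1.0):.4f}")
        except PriceDeviationError as exc:
            print(f"{label:8s} pool: guard refused ({exc})")
```

The guard does not make the reference price trustworthy by itself; it only prevents the contract from acting on a spot price that has visibly been moved within the same block. In practice the reference would be a time-weighted average or an independent feed, which is outside the scope of this small illustration.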
Unizen
On March 9, 2024, the DeFi trading platform Unizen suffered “a loss of approximately $2.1 million in USDT due to an attack that exploited a vulnerability in the platform’s smart contract’s external calls. By March 12, Unizen’s CTO, Martin Granström, announced via Twitter that $185,000 worth of stolen funds had been recovered from four hackers.”
Mozaic
Mozaic, a DeFi project, “was attacked on March 15, 2024, resulting in the theft of about $2 million.”
The project attributed the theft “to a developer who managed to obtain private keys held by core team members. Mozaic also stated that about 90% of the stolen funds had been frozen on the MEXC exchange.”
Remilia
On March 17, 2024, the hot wallet and multisig vault of Remilia, the parent company of Milady, were compromised, “leading to the transfer and sale of multiple official Remilia wallet assets. Charlotte Fang, founder of Milady, reported being targeted by hackers.”
Despite the financial department’s use of multisig, the private keys “stored in a password manager were compromised.”
The attackers stole “approximately 490 Ethereum (about $1.8 million), $58,000 in USDC, over 130 Milady NFTs, 320 Remilio NFTs, and several hundred derivative tokens issued on the NFTX platform, valuing the assets at over $6 million at their lowest price.”
For a complete breakdown of all other reported security breaches from SlowMist, check here.
In the 33 security incidents “reported this month, four projects (Munchables, Super Sushi Samurai, Dolomite, and Unizen) successfully recovered approximately $68.46 million of stolen funds.”
This month, three incidents of insider malfeasance “resulted in losses of $65.4 million, accounting for 46.9% of the total funds stolen.”
The SlowMist security team strongly advises projects “to thoroughly review their internal security measures and strengthen access controls for sensitive information and assets.”
Additionally, eight incidents “involving smart contract vulnerabilities led to losses of about $36.89 million.”
The SlowMist team recommends that projects “remain vigilant, conduct routine security audits, and promptly address new security threats and vulnerabilities to limit potential losses.”
Lastly, the incidents documented in this update “represent the major security events of the month; incidents involving individual users are not included in this summary.”
SlowMist aims at “being a frontrunner in blockchain security, dedicating years to mastering threat intelligence.”
Their expertise is grounded in “providing comprehensive security audits and advanced anti-money laundering tracking to a diverse clientele.”