The number of exits from scam projects has also risen sharply this month, up 375.5% compared to October. A total of 35 incidents were recorded in November with a total loss of approximately $29.877 million, compared to 26 incidents in October with a loss of approximately $7.2 million.
The number of flash loan attacks was halved compared to the previous month at 8, but the losses increased: $5 million was lost this month, compared to just $1 million in October.
We can also see that the number of Discord and related scam projects has decreased in recent months: 12 incidents were recorded this month, compared to 97 in August and 57 in September.
Of the 62 incidents recorded this month, 35 were exit scams, 8 were flash loan attacks, and 19 were classified under the “Other” category.
large attack
There were 36 large-scale attacks in November, equal to the number of attacks in June. The average loss per attack was about $16.551 million, a significant increase from the average loss of $7.267 million for attacks in October.
The largest attack this month was the FTX hack, which caused a total of $477 million in damages. Shortly after FTX filed for bankruptcy on November 11, 2022, FTX’s general counsel, Ryne Miller, tweeted that they were “investigating anomalies.” The next day, Ryne Miller reported on Twitter that the company had “activated precautionary measures” and moved all of its project assets to cold storage, meaning the project asset wallets were no longer connected to the internet.
There are many theories about how the hack happened, but most reports suggest it was an insider act. FTX is the second largest attack of the year, after the Ronin Bridge ($624 million) incident in March. The FTX incident is still under investigation, and it is expected that it will take quite a while before the truth comes to light.
The second largest attack this month was the theft of the hot wallet of the Deribit exchange on November 2, 2022. A whopping $28 million was lost due to private key leaks, making it the third largest private key breach in 2022. The Deribit exchange said the loss will be covered by company reserves, so user funds will not be affected. The Deribit exchange claims to keep “99% of user funds in cold wallets to limit the impact of these events.” Apart from that, they also stated that operations have not been affected by the incident as withdrawals are now impossible for any hackers due to the additional manual confirmation required.
The third largest loss in November 2022 was caused by the Flare exit scam that occurred on November 13, totaling $18.5 million. This project does not have any social media accounts and is not affiliated with Flare Networks. As of now, the deployers of the scam are laundering money in Tornado Cash.
exit scam
In November 2022, losses due to exit scams amounted to $29.877 million, a 375.5% increase from October. These losses came from 35 incidents that were confirmed by CertiK, which represents a 40% increase in the number of exit scams compared to the previous month.
Let's take a look back at the 11 months that have passed this year, 6 of which have resulted in $6-$8 million in losses to exit scams. That said, it's not uncommon for exit scam losses to be high in November. That’s because FLARE’s $18.5 million in losses in exit scams this month accounted for the bulk of November’s exit scam losses.
In addition, in the data recorded by CertiK, as in previous months, money laundering of project assets is still frequent this month, but such incidents are not included in our monthly statistics.
Flash loan attack
Compared to October, there were fewer flash loan attacks this month, but losses were higher. The total number of flash loan attacks was eight, with a total loss of $6 million, compared with 16 flash loan attacks in October, with a total loss of $1 million. Additionally, the average loss per attack in November was $637,000, compared to $98,000 in October.
The largest flash loan attack this month was the DFX Finance attack.
At 4 a.m. on November 11, 2022, the DFX Finance swap contract was attacked, resulting in a loss of about $5 million.
The attacker took advantage of the flawed flash loan mechanism in the swap contract to bypass the check of repaying the flash loan by depositing tokens into the contract, and then withdraw the token from the contract after completing the flash loan. The vulnerability is caused by a contract design problem, that is, the contract does not take into account that the token of the flash loan can be used to deposit and eventually "repay" the flash loan.
Discord and related scams
Discord attacks in November have been on the decline for 5 consecutive months, with only 12 incidents recorded, but we still need to be vigilant.
write at the end
On a monthly basis, November is the second-highest month in 2022 for the amount of money lost to hacks, bugs, and off-the-wall projects.
The main reason for the higher amount of losses is that the hack of the FTX exchange caused a loss of $477 million, and this incident alone accounted for 79% of the total funds lost for the month. Without the incident, November's total loss would have been $119.5 million, the third-worst 11-month period this year.
In addition, in each month of 2022, there will be more or less one or two events with extremely high losses, which will cause the total loss amount in a single month to be too large.
Overall, November was the second-highest month this year for the amount of funds lost due to large-scale attacks, a result that is inseparable from the "hard work and dedication" of extreme attacks.
