KEY POINTS
- A fraud group resurfaced with a new scam project on the Blast blockchain network, as per SlowMist
- Multiple suspected rug pulls were also detected on the Ethereum network in the past week
- The Zest Protocol exploit was one of the major security exploits last week
More than $2.4 million was lost last week to a slew of security incidents in the cryptocurrency industry, including several rug pull projects, according to blockchain security firm SlowMist.
In its security report for the period of April 8 through April 14, data from SlowMist found that a total of $2,488,200 was lost to security incidents, including what it said was an "elaborate scam" pulled off by a fraud group on the Blast blockchain network.
The said fraud group, already notorious for exploits on Magnate, Solfire, Lendora and Kokomo among others, resurfaced on the Blast network through a new project called Leaper Finance, as per SlowMist.
"Leveraging approximately $1M of laundered funds from prior exploits, they artfully baited users with enticing liquidity, only to abscond with all deposited funds," the on-chain data analysis and security firm said Sunday.
Aside from the Leaper Finance exit scam, there was also a "rug pull rampage" on the Ethereum network. Projects Fake Truflation, Fake Monad, Fake Oasis AI and Fake Masa were all suspected rug pulls – a type of exit scam wherein developer/s raise money by selling an inflated token only to disappear after they've taken investors' funds – that collectively took over $1 million from investor-victims.
Another notable exploit in the past week was the hacking of the Zest protocol, SlowMist said. "Once a beacon of stability in the Bitcoin-native lending realm," Zest was exploited for a vulnerability wherein the attacker stole 324,000 in Stacks (STX) or approximately $897,480 from the protocol.
Zest has since released a statement in a series of posts on X (formerly Twitter) regarding the exploit, saying the "attack has been mitigated and user balances are safe." However, the protocol is frozen until further notice as the team works to relaunch it safely. It has since announced a reward of $100,000 for "anyone who leads us to the attacker and the funds."
Exploits in the crypto industry remain rampant, as hackers find new ways and evolve their strategies to pilfer funds from eager investors.
Among the latest exploits was that of crypto exchange FixedFloat, which was once again attacked by the same exploiters who took $26 million in Ether (ETH) and Bitcoin (BTC) from the exchange in February. The FixedFloat website has been down for "technical work" for the past two weeks following a second exploitation incident.
SlowMist previously revealed that there were total losses of some $139 million in the crypto sector last month. Nearly 47% of the major security incidents in March were associated with "insider malfeasance," the blockchain security firm noted.