According to blockchain analysis firm CertiK, over $32.2 million was lost to crypto scams and security incidents in October, with vulnerabilities, exit scams, and flash loan manipulations among the leading causes.
In October alone, more than $32.2 million in user funds have been lost to security incidents and scams in the crypto market, according to blockchain analysis CertiK.
A large part of these incidents were vulnerability exploits, accounting for $22 million of the lost funds. Topping the list was the Fantom Foundation security breach, which alone saw hackers drain $700,000 in funds – mostly from an employee wallet. The hacker today moved the stolen funds into Tornado Cash.
Exit scams and rug pulls also accounted for $8 million of the lost funds in October. The biggest exit scam so far this month was the Standard Cross Finance one. The scam started as a gaming project that hired actors to act as developers and executives to steal $1.6 million from investors.
The scammers behind this were allegedly also involved in the Fontoch scam earlier this year, which stole $31.6 million from investors and users.
Flash loan scams accounted for $1.7 million in lost funds this month. In these schemes, malicious actors exploit the features of flash loans—where borrowing and repayment happen in a single transaction. Attackers use these loans to manipulate asset prices or exploit smart contract vulnerabilities, often leaving platforms or users at a financial loss.
The biggest flash loan scam this month was in Platypus DeFi, accounting for $2.2 million in loss. However, more than 80% of the funds were returned.