Crypto-related exploits, hacks, and scams in May resulted in significant financial losses, reaching nearly $60 million, as confirmed by blockchain security firm Certik. Various malicious activities such as exit scams, flash loan attacks, and DeFi protocol exploits contributed to the overall loss. The cumulative malicious losses for the year now stand at $489.57 million, with May’s figures representing a decrease compared to the previous month.
One noteworthy incident reported by on-chain Detective ZachXBT involved an exit scam by the crypto investment platform Morgan DF Fintoch, which allegedly stole $31.6 million. The company employed deceptive practices, including false claims and the use of a paid actor as its CEO, as revealed by CryptoSlate.
On May 28, the Jimbos protocol experienced a flash loan exploit that resulted in the loss of 4,000 Ethereum (ETH), amounting to approximately $7.5 million. The Jimbos team, in response, has initiated collaboration with law enforcement agencies after their 10% bounty offer to return the stolen funds went unanswered.
Two other significant incidents include the governance attack on Tornado Cash (TORN), which caused a considerable drop in the token price, and the exploit of the Deus DAO burn function, leading to a loss of $6.5 million.
In addition to these events, the proliferation of copycat meme coins remains problematic. One instance involved the launch of a token imitating $PSYOP, where the creator of the original token, eth_ben, accused @3orovik of appropriating the PSYOP name. This situation made it challenging for users to differentiate between the two tokens.
Hackers continue to exploit mixers as a means to launder their illicitly acquired funds. As of May 31, Peckshield reported that malicious actors had transferred 956 ETH and 8,410 BNB to Tornado Cash, while an additional 450 BNB were sent to Fixed Float. These incidents highlight the ongoing challenges in maintaining the security and integrity of the crypto industry.