Losses linked to cryptocurrency scams, exploits, and hacks fell significantly to just $28.8 million in March, a stark decrease from February’s alarming total of $1.5 billion following the Bybit incident.
The bulk of the losses—over $14 million—were attributed to code vulnerabilities, while wallet breaches accounted for more than $8 million in stolen funds, as reported by a blockchain security firm on April 1.
The most notable incident of the month was the $13 million exploit that occurred on March 25 involving a smart contract of the decentralized lending protocol Abracadabra.money.
In a report released on March 27, the same security firm stated, “The attacker was able to borrow funds, liquidate themselves, and then borrow again without repaying them.” They explained, “This was possible because the liquidation process did not update records in RouterOrder that were marked as collateral, enabling the exploiter to falsely borrow extra funds post-liquidation.”
The protocol’s team has since promised a 20% bounty, which is double the usual 10%, for the return of the stolen assets. However, there have not been any public updates regarding whether any funds have been returned yet.
The second largest loss of the month involved the restaking protocol Zoth, where the deployer’s wallet was breached, allowing the attacker to withdraw over $8.4 million in crypto assets.
March Crypto Losses Declined After Some Funds Were Recovered
Some of the stolen amounts from March were returned. Overall, the security firm reported that over $33 million was taken during the month, but the decentralized exchange aggregator 1inch successfully negotiated a bug bounty with an attacker, recovering most of the $5 million lost in a March 5 exploit.
However, these totals do not factor in an unknown user on a major exchange who, according to crypto analyst ZachXBT, lost 400 Bitcoin (BTC), valued at around $34 million. Additionally, ZachXBT indicated that phishing scams pretending to be crypto exchanges could have led to losses exceeding $46 million in March.
Australian federal police revealed on March 21 that they had to notify 130 individuals about a message scam targeting crypto users, which used the same "sender ID" as legitimate exchanges.
On March 14, users also reported receiving messages impersonating crypto exchanges, attempting to fool them into creating new wallets using pre-generated recovery phrases controlled by the scammers.