Crypto scams plunged 98% in March, but don’t pop the champagne just yet. While reported losses fell to $28.8 million from February’s alarming $1.5 billion, a closer look reveals that old threats are just wearing new disguises.
Blockchain security firm CertiK reported this dramatic downturn, noting February’s figures were inflated by the Bybit hack. However, digging into March’s data reveals code vulnerabilities as the biggest culprit, costing over $14 million, while compromised wallets drained over $8 million.
Among March’s notable incidents, Abracadabra.money, a decentralized lending protocol, suffered a $13 million smart contract breach on March 25. According to CertiK, the attacker exploited a flaw in the liquidation process. By repeatedly borrowing funds and liquidating their own positions, the attacker re-borrowed without repayment because the system’s RouterOrder records weren’t properly updated after liquidations.
Restaking protocol Zoth also got hit, losing $8.4 million after its deployer wallet was compromised. Decentralized exchange aggregator 1inch managed to claw back $5 million of the Zoth funds through a bug bounty. Adding to the crypto chaos, an unidentified Coinbase user reportedly lost 400 Bitcoin, valued at $34 million, in an unreported incident.
Phishing and spoofed crypto exchanges might account for over $46 million in potential losses, highlighting that despite the drop in reported scams, significant risks persist within the crypto ecosystem.
These events unfold against a backdrop of potential regulatory shifts under the Trump administration. Paul Atkins, Trump’s nominee for SEC chair, has voiced intentions to establish a “rational” regulatory framework for cryptocurrencies. In a Senate Banking Committee hearing, Atkins stated his top priority would be creating a “firm regulatory foundation for digital assets through a rational, coherent, and principled approach,” aiming for clarity and stability to curb future scams.