Crypto hacks in September resulted in over $120 million in losses, with the top incidents targeting platforms like BingX, Penpie, and Indodax.
The crypto space has surpassed more than $120 million in losses in September due to more than 20 hacks, down 61.76% from August, according to data from blockchain forensic firm PeckShield.
In an X post on Oct. 1, PeckShield reported that BingX, a Singapore-based cryptocurrency exchange, was hit the hardest with over $40 million in losses, followed by Penpie at $27 million, and Indodax, which lost over $21 million. Other incidents included DeltaPrime, which saw $5.98 million stolen, and Truflation with $5.6 million in losses.
A phishing attack targeting $spWETH signatures resulted in an additional $32.4 million drain, though these figures were excluded from the overall tally. Partial funds were returned in the Shezmu hack, which saw $4.9 million stolen. Smaller hacks also impacted Onyx, BananaGun, Bedrock, and CUT, with losses ranging from $1.4 million to $3.8 million.
Over $400m lost in Q3
Despite the significant losses, the overall damage from crypto hacks was markedly lower compared to August, when the industry lost over $300 million worth of crypto in just 10 different incidents. In total, the crypto space saw a loss of nearly $413 million in Q3, per the latest report from web3 bug bounty platform Immunefi.
Data reveals that more than $409.9 million was lost to hacks across 31 specific incidents, and $3,087,552 was lost to fraud across only three specific incidents. Most of that sum was lost by two specific projects: WazirX, India’s crypto exchange, which suffered an attack that resulted in $235,000,000 lost, and BingX.
Analysts at Immunefi say that centralized finance was the main target of successful exploits at nearly 75% as compared to decentralized finance at 25.2% of the total losses. The most attacked blockchain network was Ethereum, with 15 incidents, followed by BNB Chain (formerly Binance Smart Chain) and Coinbase’s network Base.