DeFi Exploits in February Cause Losses of $82 Million With Just $1.3 Million Recovered: Report

Brian Yue
Last updated: | 1 min read
DeFi exploit

February 2024 witnessed the DeFi sector grappling with security exploits that led to losses exceeding $82 million.

A report sent to Cryptonews by Web3 app and antivirus solution De.Fi noted that $82,287,101 was lost, with just $1,325,932 recovered.

The biggest DeFi security exploit in February happened in the Ethereum-based Play-to-Earn game PlayDapp, causing a loss of $32.3 million on Ethereum.

PlayDapp faced a major security breach with compromised private keys, resulting in the unauthorized minting and theft of 1.79 billion PLA tokens. The attacker added a new minter to PlayDapp, converting tokens into $32 million USD, then proceeded to disperse stolen funds across various addresses.

Access Control Issues Leading Cause in DeFi Exploits


Access control issues dominated the past month, accounting for $72,823,472 in losses across four cases.

“Proper access control mechanisms are essential to ensure that only authorized users can perform sensitive operations, thereby preventing unauthorized access or manipulation of funds,” De.Fi said in its report. “The cases impacted by access control issues emphasize the importance of comprehensive security audits to identify and rectify potential vulnerabilities in the system’s access control protocols.”

Ethereum and Bitcoin Heavily Affected


The gaming/metaverse sector recorded the biggest losses, with PlayDapp’s losses being the main contributor. Decentralized Exchanges were also popular targets, with FixedFloat, which lost $26.1 million on Bitcoin, being the largest contributor.

Borrowing and lending platforms were the third most-impacted category, losing over $1.3 million last month.

Ethereum was the chain with the highest losses at $40.1 million, with Bitcoin ($26.1 million), BNB Chain ($4.77 million), and Ronin ($9.7 million) also experiencing major losses.

De.Fi concluded that DeFi platforms have to embrace stringent security measures to protect against phishing and other exploits.

“To navigate these challenges, platforms must prioritize comprehensive security audits, embrace robust access management practices, and foster community education to empower users against phishing and other social engineering attacks,” De.Fi said. “As DeFi continues to mature, the collaboration between platforms like De.Fi, security researchers, and users will be paramount in safeguarding the ecosystem and fostering its sustainable growth.”