Hedgey Finance: $44 Million Exploit Shock

Hedgey Finance, a token infrastructure platform, has experienced two concurrent hacks resulting in a combined loss of $44.7 million in funds. The first hack took place on the Arbitrum network and involved the theft of over $42.8 million worth of Arbitrum (ARB) tokens. The attacker has already transferred a portion of the stolen funds to the Bybit cryptocurrency exchange. The second hack occurred on the Ethereum network and resulted in the loss of $1.9 million in crypto. Hedgey protocol, the platform affected by the hacks, has acknowledged the exploits and is collaborating with auditors to identify the vulnerability behind the ongoing attacks.

Following Hedgey’s confirmation of the exploits, fraudulent accounts posing as the platform began sharing potentially harmful links in an attempt to deceive users. These accounts urged individuals to request refunds or revoke their smart contract approvals, directing them to suspicious links unrelated to Hedgey protocol.

The hacks occurred shortly before the highly anticipated Bitcoin halving event, which is expected to halve block issuance rewards. In the first quarter of 2024, a total of 223 hacks and exploits took place, resulting in the theft of over $502 million worth of digital assets. This represents a 54% increase compared to the same period in 2023 when $326 million was stolen. January proved to be the most profitable month for hackers, as they stole over $193 million in 78 incidents. Compromised private keys remained the primary attack vector, leading to losses of over $239 million in 26 incidents. Compromised private key exploits only accounted for 11.7% of all security incidents.

Fortunately, during the first quarter, approximately $77.9 million worth of stolen funds were eventually recovered, with a significant portion attributed to the Munchables security incident. In 2023, a total of $1.8 billion was lost to crypto hacks and scams, and it was determined that 17% of these losses could be attributed to the North Korean Lazarus Group, according to a report by Immunefi published on Dec. 28.