Cryptocurrency investors lost more than $300 million to scams, hacks and exploits in May, according to blockchain security firm CertiK.
The majority of those losses were related to code vulnerability exploits, which accounted for $229 million — a 4,483% rise on April.
Phishing, which involves an attacker stealing a user’s trading account or wallet credentials, accounted for $47 million of losses while private key compromise and price manipulation were behind $11.6 million and $1 million of losses respectively.
“Our research revealed an interesting anomaly in May: a significant increase in losses from code vulnerabilities, which represented a majority of exploited funds”, said CertiK senior blockchain security researcher Natalie Newson.
“It is important to point out that over the fast few years, losses from code vulnerabilities have decreased significantly. In 2024 $173 million was lost to code vulnerabilities, compared with $1.3 billion in 2021.”
The largest incident of all in was the Cetus Protocol exploit that prompted Sui to controversially pause the blockchain as attackers made off with $225 million.