Crypto Investors Lost $54M to Rugpulls, Scams in May: Blockchain Security Firm De.Fi

May saw fewer exploits than April, suggesting better security practices among crypto users and developers.

AccessTimeIconJun 2, 2023 at 12:13 p.m. UTC
Updated Jun 12, 2023 at 2:56 p.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global event for everything crypto, blockchain and Web3.Register Now

In a turbulent month for the cryptocurrency market, May 2023 witnessed a wave of scams and hacking incidents that resulted in cumulative losses of over $54 million, a new report from security firm De.Fi shows.

The amount is a nearly half of April's $101.5 million loss, suggesting better security practices among users and developers. However, no funds were recovered in May 2023 – compared to $2.2 million recovered in April.

The BNB Chain ecosystem accounted for the majority of the incidents, with losses above $37 million across ten cases. Ethereum-based projects saw the least exploits at just over $2 million.

BNB Chain ecosystem lost the most to exploits and rug pulls last month. (De.Fi)
BNB Chain ecosystem lost the most to exploits and rug pulls last month. (De.Fi)

Among the top ten cases, Fintoch suffered the highest loss of $31.7 million due to a smart contract exploit. Jimbo Protocol on Arbitrum experienced a loss of $7.5 million due to a rugpull, while Deus Finance on BNB lost $6.2 million in a smart contract exploit.

Other notable cases included Tornado Cash, Mother, WSB Coin, Linda Yaccarino, Block Forest, SNOOKER, and land, with losses ranging from $145,000 to $733,000.

Rug pulls remained the most prevalent, accounting for twelve cases and losses totaling $37 million. There were nine cases of exploits resulting in losses of $8.8 million, while flash loan Attacks, although less frequent with five cases, still led to significant losses totaling $8.9 million. Exit scams were responsible for two cases, resulting in a loss of $177,000.

A “rug pull” is a colloquial term for a type of crypto scam that typically see the developer, or developers, gain legitimacy on social media, hype up a project and raise a significant sum of money only to drain liquidity after that project’s tokens are first offered to the public.

Flash loans, on the other hand, are a sophisticated type of exploit that allows traders to borrow unsecured funds from lenders using smart contracts instead of third parties. Attackers typically take out flash loans to manipulate the prices of a project’s token – where the smart contract is unable to detect the manipulation – and drain treasury funds.

As such, governance tokens were the most commonly targeted category, with 19 cases reported and losses totaling $3.3 million. Decentralized exchanges (DEX) were targeted in three cases, resulting in losses of $4 million. Stablecoins recorded the highest amount lost, reaching $6.2 million in a single case.

Other categories, such as yield aggregators, gaming and metaverse applications, non-fungible tokens (NFTs) and centralized crypto platforms reported no losses during this period. Borrowing and lending protocols remained unaffected as well.

Edited by Parikshit Mishra.


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

Shaurya Malwa

Shaurya is the Deputy Managing Editor for the Data & Tokens team, focusing on decentralized finance, markets, on-chain data, and governance across all major and minor blockchains.

Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to to register and buy your pass now.

Read more about