DeFi Sector Vulnerability: How Do Investors Face Fraud?

Modern technology is evolving at the speed of light, and so are fraudsters. Attackers are becoming more and more inventive in their methods of stealing money. However, blockchain researcher ZachXBT is on guard for our safety and constantly warns about new scammers in his X. And recently, he warned of a group of fraudsters trying to lure victims into a new scam using millions of stolen funds.

The Main Points of the Investigation

In a post on X, ZachXBT published the results of an investigation into Leaper Finance, a lending protocol based on Blast. According to the researcher’s analysis, the fraudsters are behind several scams, including those affecting users of Magnate ($6.5 million), Kokomo ($4 million), Solfire ($4.8 million), and Lendora.

“In the past they let the TVL grow to 7 figs before stealing all of users funds deposited to the protocol and falsify KYC documents + use low tier audit firms. They now have launched scams on Base, Solana, Scroll, Optimism, Arbitrum, Ethereum, Avalanche, etc,” noted ZachXBT.

It is noted that the group is also responsible for fraud on Hash DAO, Glori Finance, and ZebraDAO. The losses caused by the group are estimated at more than $20 million.

In addition, as part of the latest fraud, the group of hackers funded the Leaper Finance address on the Blast network with nearly $1 million laundered from previous frauds, adding even more liquidity to lure victims.

Shortly after ZachXBT exposed Leaper Finance’s connection to the scam, the latter responded by harassing the researcher, announcing a “token launch.”

“Nice work! My comrades here at Lazarus fear you yet admire you!” they said, referring to the North Korean hacker group Lazarus. Thereafter, the Leaper Finance and Glori Finance accounts on X were deactivated, and the projects’ websites stopped working.

However, this is not the end of the story.

Disappearance of Fraudulent Projects

A few hours after the investigation, the three crypto projects disappeared from the Internet without a trace. ZachXBT identified the address of a wallet with stolen funds that provided liquidity to these projects. 

Further updates on the situation showed that the wallet was previously used to finance a carpetbagging project, and now provides liquidity to a number of projects on various blockchains, including Base, Solana, Scroll, Optimism, Arbitrum, Ethereum, and Avalanche.

The current trend suggests that the stolen funds are being redirected to create fraudulent cryptocurrency projects aimed at deceiving unwary investors.

Data from the blockchain platform Scam Sniffer shows that in March, Base recorded an 18-fold increase in the amount of cryptocurrency stolen through phishing scams compared to January. They also report that phishing scams on Base stole approximately $3.35 million in March.

Moreover, Base is not the only “friend” of fraudsters. A study by Smart Betting Guide experts shows that Ethereum is the blockchain that is most susceptible to fraud. It accounts for 33 hacking incidents, followed by BNB Chain with 14 incidents, Arbitrum with 6, Solana and Bitcoin with 2 attacks each. Experts also note that the DeFi sector is the most vulnerable crypto sector in this 2024. In support of this, we see similar situations mentioned above.

Solana’s Problem with Network Overload

However, even though Solana has the lowest number of hacker attacks, the blockchain has one constant problem: network congestion. The Solana Foundation explains that the problem is due to a combination of high demand for the Solana blockchain space and the inability to implement patches in a timely manner. 

During Paris Blockchain Week, Austin Federa, head of strategy at the Solana Foundation, spoke to Cointelegraph about efforts to address these issues. 

“The goal of the Solana project is to build the world’s fastest network that is open, permissionless and decentralized, and that is a tall order. There’s a team of engineers across different core contributor groups working on building the Solana network, and sometimes, they don’t quite get it right,” Federa said.

According to the head, the level of consensus in Solana continues to function as intended, but there is an understanding that the network does not meet expectations in terms of user experience. In fact, the network developers planned to eliminate “problem areas” in a specific mechanism for implementing the network stack. However, the roadmap for implementing the updates and the expected demand for the Solana network “did not coincide”. 

Federa adds that “The charitable view of this is a failure of success. There’s massive demand for the Solana block space, and there’s a huge demand for the network. It’s processing more transactions than Ethereum’s layer 1 and layer 2s combined.”

He also notes that ecosystem developers may have been able to anticipate such spikes in demand based on previous experience with the network. Solana developers were aiming to fix an “implementation bug” that recently led to a sharp increase in the number of transaction failures on Solana. Federa said that the technicians had “little sleep” preparing patches and testing features before they hit the main network.

Crypto Exchanges Recommend a Second Security Layer

As a result of the increasing number of phishing scams, some cryptocurrency exchanges have begun to recommend that users keep their funds safe by using YubiKey devices and access keys, as well as hardware wallets.

Coinbase’s head of security, Jacob Klein, told Cointelegraph that they were the first exchange to provide YubiKey compatibility.

“YubiKey devices are the most secure form of authentication that we provide,” said Klein.

He says the devices can serve as a form of two-factor authentication (2FA). According to Klein, this can be useful because account passwords can be lost or even hacked during phishing attacks.

“With all the phishing scams taking place, the question users must consider is, ‘How can I avoid myself from getting hacked?’ This is why a YubiKey may seem like the obvious and best solution to protect crypto funds,” he said.

Cryptocurrency exchange Binance also introduced YubiKey devices in 2019. However, despite this, the exchange itself is not a model of security, but rather the opposite. Binance users’ data has been leaked several times, and in some cases, even put up for sale on the darknet. Not to mention cases of money laundering, support for criminal organizations, and numerous cases of illegal labor. 

Security is a fundamental criterion for choosing a cryptocurrency exchange. Every step on the exchange should be reliable – from the moment you deposit fiat currency to your wallet to the moment you start trading. However, it is difficult for an average user to assess the security level of a cryptocurrency exchange on their own. In 2021, cybersecurity consulting company Hacken compiled a list of the most secure companies on the market. It includes such well-known exchanges as Cryptology, Kraken and WhiteBIT with the highest rating of 10, Coinbase – 9,51, Crypto -9,35, etc. 


Nevertheless, despite the rapid development of the crypto industry, it still faces serious security challenges. The ZachXBT investigation reveals fraud schemes of various crypto projects. Moreover, security problems are widespread not only among “young” projects but also among popular Ethereum, Solana, BNB Chain, and others. Although the developers are doing their best to improve the security of these networks, we should not forget about the use of security methods. Events like this only emphasize the importance of critical thinking and awareness among investors. 

Deniz Tutku

Deniz Tutku

I am Deniz, a crypto writer and crypto enthusiast. I specialize in writing articles about cryptocurrency and blockchain articles, and I also occasionally write reviews for various projects.