Prisma Finance, a decentralized finance (DeFi) protocol, fell victim to an exploit on March 28, resulting in the loss of approximately $10 million worth of cryptocurrencies. The anomaly was initially detected by on-chain security alert provider Cyvers, who reported multiple suspicious transactions involving PrismaFi. It was later revealed that the attacker had been funded by FixedFloat. Cyvers detected an additional $1 million in fraudulent transactions, bringing the total amount of funds exploited to nearly $10 million. In response, Prisma Finance announced that it would pause the protocol and launch an investigation.
Prisma Finance is a liquid staking token protocol with a total value locked (TVL) of over $222 million, according to DefiLlama. Following the initial exploit, the attacker began converting the stolen funds into Ether. On-chain security firm PeckShield confirmed that the attack was still ongoing and warned of other scammers attempting to benefit from the situation. One such scam involved a fake Prisma Finance account with a golden badge, which tried to redirect users to a suspicious link. However, it was clarified that the fraudulent account had no connection to Prisma Finance.
The incident highlights the ongoing issue of crypto hacks, which continue to undermine the credibility of the industry. In 2024 alone, more than $200 million worth of cryptocurrencies have been lost to hacks and rug pulls across 32 separate incidents, up until February 29. This represents a 15.4% increase compared to the same period in 2023, when $173 million of digital assets were stolen. In total, $1.8 billion was lost to crypto hacks and scams in 2023, with 17% attributed to the North Korean Lazarus Group, according to a report by blockchain security firm Immunefi.