MonoSwap Hack

In July 2024, MonoSwap, a decentralized finance (DeFi) protocol, suffered a $1.3 million loss following a sophisticated social engineering attack. The exploit began when scammers impersonating venture capitalists contacted the MonoSwap team under the guise of discussing a potential investment.

As part of the ruse, a MonoSwap developer was instructed to install a fraudulent video conferencing application named Kakao, which was actually infostealer malware. Once installed, the malware extracted private keys from the developer’s computer, enabling the attacker to gain full access to the protocol’s wallets and smart contracts.

The attacker then drained all staked liquidity positions, stealing approximately $1.3 million. In response, the MonoSwap team immediately warned users against adding liquidity or staking and advised them to withdraw any remaining staked funds to prevent additional losses.

The breach highlighted critical vulnerabilities in centralized DeFi management, particularly the dangers of granting single developers extensive wallet access through hot storage. This incident underscores the importance of decentralized control, multi-signature wallets, and rigorous security practices, including the use of cold storage for sensitive keys, to safeguard against such targeted attacks.