Blockchain security firm PeckShield reported that crypto projects suffered a loss of approximately $52 million due to hacks and scams in March. This represents a significant increase from February’s losses, which were closer to the low tens of millions.
The majority of the March damage stemmed from protocol exploits, phishing, and rug pulls targeting smaller DeFi and gambling projects.
PeckShield’s latest monthly report reveals that attackers continued to exploit hot wallets, weak admin keys, and unaudited smart contracts. Furthermore, a portion of the stolen funds is still routed through mixers and cross-chain bridges.
The majority of March’s total was made up of several significant incidents highlighted in the report. These comprised high-yield schemes with aggressive returns, gaming platforms, and vulnerabilities on mid-tier DeFi protocols. Attackers frequently exploited upgradeable contracts with inadequately protected admin roles, basic logic flaws, and unchecked token approvals.
Phishing campaigns continued to operate as well. Users signed harmful approvals, clicked phony airdrop URLs, or gave impostor support professionals access to seed phrases. After seizing control, the attackers swiftly converted assets into liquid tokens such as ETH, USDT, or USDC, depleted wallets, and then pulled them from the original chain.
How Much Was Recovered
Not all of the $52 million in losses appears permanent. PeckShield notes that white‑hat hackers and negotiation efforts helped recover a slice of stolen funds in a few cases. Some attackers accepted bug bounty‑style deals and returned part of the loot in exchange for avoiding further legal pressure.
Still, the net losses for victims stayed high. Projects without strong backers or insurance often struggled to compensate users. In several cases, teams paused contracts, froze frontends, or proposed token‑based compensation plans that left depositors facing steep haircuts.
PeckShield’s breakdown reinforces a few known lessons for DeFi and NFT users. Contracts without audits or with very short track records carry higher risk, especially when they hold a large total value locked. High yields, complex cross‑chain bridges, and opaque admin keys also remain red flags.
While monthly loss numbers fluctuate, March’s $52 million figure is another reminder that on-chain security remains far from solved and that both users and teams need to treat risk management as a core part of any crypto strategy.
READ MORE: Algorand Price Jumps 18% After Google Quantum Paper Cites ALGO 32 Times
