Please note that simple phishing exploits were excluded due to the challenges associated with tracking criminal funds. In most cases, this vulnerability allows exploiters to abuse the authorization that has been set to the target contract. We aimed to provide more detailed information in the report than LUMOS currently offers, including exploit transactions, the entire fund flow (not just the destination), updated code-level details, and the current state of each case as of January 1, 2025. To answer this, let’s take a look at the exploited projects due to the contract vulnerabilities if they had undergone any security audits.