Blockchain security firm CertiK’s annual report, “Hack3d: The Web3 Security Report 2023,” disclosed that over $1.8 billion in cryptocurrency assets were lost last year. The figure represents a significant 51% decrease from the staggering $3.7 billion losses recorded in 2022.
Crypto Loss Landscape: 2023
The report, a deep dive into the exploits, vulnerabilities, and trends shaping blockchain and smart contract security, provides valuable insights into the evolving landscape of Web3 security. With detailed incident analyses, technical insights, and comprehensive statistics, CertiK’s Hack3d reports serve as an essential resource for anyone seeking to comprehend the current state of Web3 security.
The report’s executive summary reveals that the total losses in 2023 amounted to $1,840,879,064, averaging $2.45 million per incident. However, the ten most costly incidents accounted for $1.11 billion, emphasizing the concentrated impact of a few major security breaches. The median loss per incident stood at a much lower $101,132.
November emerged as the costliest month of the year, witnessing losses totaling $363,367,327 across 45 incidents. The third quarter of 2023 stood out with the heaviest losses, amounting to $686,558,472 from 183 hacks, scams, and exploits. Private key compromises proved to be the most expensive attack vector, contributing to nearly half of all financial losses, with $880,892,924 lost in just 47 incidents, despite accounting for only 6.3% of all security incidents.
Among the chains, BNB Chain experienced the highest number of security incidents, with 387 hacks, scams, and exploits resulting in $134 million in losses, averaging $346,253 per incident. On the other hand, Ethereum faced 224 incidents but recorded higher losses at $686 million, averaging $3.0 million per incident.
A notable revelation from the report is the challenge posed by cross-chain interoperability, as security breaches affecting multiple chains accounted for $799 million in losses from 35 incidents. Beyond raw data, the report delves into the broader ramifications of these security breaches on the Web3 ecosystem.
It explores the success of “retroactive bug bounty” negotiations, details a major hardware wallet manufacturer’s backend compromise, highlights unprecedented hacker demands, and addresses the ongoing question of institutional adoption. However, “Hack3d 2023” emerges as an indispensable resource for stakeholders in Web3, offering a blend of technical depth, market analysis, and forward-thinking projections.
Related Reading | Crypto Risks Prompt EU Bank Regulator To Probe Non-Bank Links