A recent report by blockchain security platform Immunefi reveals a staggering 153% increase in attack incidents for crypto and Web3 projects during the third quarter of 2023 compared to the same period in 2022.
The data analysis revealed a concerning trend in the crypto industry. Specifically, during Q3 2022, there were 30 reported attack incidents. However, this number skyrocketed to a significant 76 during Q3 2023. These attacks resulted in substantial financial losses, amounting to nearly $686 million in the recent quarter. This increase is alarming for the crypto industry’s security landscape.
One notable factor contributing to the increased losses was the occurrence of large-scale attacks, Mitchell Amador, Founder and CEO at Immunefi, said:
Q3 witnessed the highest loss in this year, driven by large-scale attacks such as the one on Mixin Network and Multichain. Statebacked actors played a crucial role as they were allegedly behind several cases this quarter. Their particular focus on CeFi led to a sharp surge in losses within this sector.
Crypto Exploits: Key Takeaways from Q3 2023
The Immunefi report highlights some key takeaways from Q3 2023. Two major exploits during the quarter accounted for a staggering $326 million, constituting 47.5% of all losses in that period.
Hacks remain the primary cause of losses, accounting for a staggering 96.7% of the total. In contrast, frauds, scams, and rug pulls played a minor role, contributing only 3.3% to the overall losses. As for targets, successful exploits primarily targeted DeFi platforms, making up 72.9% of total losses. The remaining 27.1% were attributed to CeFi platforms.
In Q3 2023, Ethereum and BNB Chain emerged as the two most targeted blockchain networks. Ethereum faced a total of 35 individual attack incidents, while BNB Chain experienced 25 incidents. Additionally, Base protocol, backed by Coinbase, became a prime target with reported losses across four projects.
The Lazarus Group, a notorious hacking group, caused significant losses of $208.6 million in Q3 2023, which accounted for 30% of the total losses. They were allegedly responsible for high-profile attacks on platforms including CoinEx, Alphapo, Stake, and CoinsPaid.
On a somewhat positive note, the report highlights that in six specific cases during Q3 2023, a significant amount of $61,169,000 has been successfully recovered from stolen funds. This recovery represents 8.9% of the total losses incurred.
However, these findings highlight the immediate necessity for heightened security measures in the cryptocurrency and Web3 spheres due to their escalating exposure to threats and vulnerabilities.