Crypto and Web3 projects have experienced a significant increase in attack incidents in the third quarter of 2023 compared to the same period last year, according to a report by Immunefi, a blockchain security platform. The report revealed that there was a staggering 153% rise in attack incidents during this period, with a total of 76 attacks recorded, compared to just 30 in Q3 2022.
The consequences of these attacks were severe, resulting in a loss of nearly $686 million in the recent quarter. One of the most notable attacks was the Mixin hack on September 25, which drained approximately $200 million. Following closely behind was the Multichain hack, which resulted in over $126 million in losses and has yet to be fully recovered.
The Lazarus Group, a notorious hacking group, was responsible for draining over $208 million worth of crypto through multiple attacks on centralized services such as CoinEx, Alphapo, Stake, and Coinspaid. The group accounted for 30% of all stolen crypto in Q3, highlighting the organized and sophisticated nature of their operations.
Interestingly, only a small portion of the attacks consisted of rug pulls and other scams, which accounted for $23 million or 3.3% of the total losses. The majority, 96.7%, stemmed from hacks or exploits. It is worth noting that monetary losses from scams decreased by 23.9% compared to the same period last year, indicating some progress in combating fraudulent activities.
Decentralized finance (DeFi) hacks constituted a significant portion of the losses, accounting for 72.9% of the total, while centralized services accounted for the remaining 27.1%. However, the report did not provide a clear definition of what constituted a “decentralized” versus a “centralized” service.
In terms of specific networks, Ethereum and BNB Chain were the most targeted by hackers and scammers. Ethereum represented 42.7% of the losses, while BNB Chain accounted for 30.5%. Base and Optimism were also popular networks for attackers to exploit, ranking as the third and fourth most targeted networks, respectively.
This report aligns with previous findings by Certik, which also concluded that the third quarter of 2023 was particularly challenging for the crypto industry in terms of hacks and scams.
These increasing attack incidents highlight the ongoing need for enhanced security measures within the crypto ecosystem. As the value and popularity of cryptocurrencies continue to grow, it becomes even more critical to prioritize security to protect users and investors from these malicious activities.