Crypto Security Report 2023: Unveiling a $2 Billion Loss Landscape to Hacks, Scams, and Exploits, According to De.Fi
In the year 2023, participants in the cryptocurrency realm witnessed losses amounting to nearly $2 billion, primarily attributed to scams, rug pulls, and hacks. This sum marked a significant decrease compared to the estimated $4.2 billion losses incurred in 2022. The reduction, approximately half of the losses from the previous year, is credited to the implementation of enhanced security measures, increased awareness within the cryptocurrency community, and an overall decline in market activity. Despite these advancements, the industry remains exposed to security risks, as emphasized in the recently published annual report by the security application De.Fi on a Wednesday.
The noticeable decline in losses can be partially elucidated by the adoption of improved security protocols, a heightened sense of awareness within the community, and a general downturn in market activity. When considering the additional $40 billion lost in the collapses of the stablecoin issuer Terraform Labs, crypto lender Celsius, and the FTX exchange, the overall reduction becomes even more substantial.
This decline coincided with a bear market, during which several major alternative tokens experienced significant declines. However, these tokens have shown signs of recovery in recent months as market conditions turned more favorable. Furthermore, the recovery rate of funds exhibited a notable improvement, increasing to around 10%, a considerable jump from the meager 2% recorded in 2022, according to findings from De.Fi.
Blockchain Vulnerabilities: Navigating Cryptocurrency Losses in 2023
Ethereum, being the predominant blockchain in terms of active users and value locked, suffered the most substantial losses, with approximately $1.35 billion erased in around 170 incidents. This underscores Ethereum's attractiveness to malicious actors, given its extensive ecosystem and involvement in high-profile projects. Notably, one of the most impactful exploits on Ethereum was the $230 million attack on the cross-chain platform Multichain in July.
BNB Chain emerged as another enticing target, experiencing losses totaling $110.12 million across 213 incidents. Additionally, emerging networks such as zkSync Era faced losses of $5.2 million in two incidents, while Solana incurred a loss of $1 million in a single attack.
Losses on centralized platforms, including exchanges and trading platforms, added up to approximately $256 million across seven cases. The most significant of these incidents was the November attack on Poloniex, resulting in a net loss of $122 million.
Unveiling Cryptocurrency Risks: Insights into Prevailing Strategies and Threats
Access control exploits emerged as the most detrimental, causing losses exceeding $852 million in 29 instances. These exploits take advantage of vulnerabilities in how permissions and access rights are managed within smart contracts or platforms, granting unauthorized access to funds or critical functionalities.
Flash-loan attacks ranked as the second-most lucrative method, leading to losses amounting to $275 million over 36 cases. These attacks exploit the uncollateralized loan feature in decentralized finance (DeFi), enabling perpetrators to borrow significant amounts of cryptocurrency without upfront capital. Subsequently, they manipulate market prices and exploit vulnerabilities within the DeFi space.
Exit scams constituted losses totaling $136 million across 263 cases. These scams involve rogue developers draining liquidity from tokens they have issued or disappearing from the online space after raising funds from unsuspecting market participants.