In 2023, crypto users experienced a significant setback, losing $1.8 billion to hacks and scams, as reported by Immunefi. While this marks a 54% reduction from the industry's 2022 losses of $3.9 billion, the number of individual incidents surged by 90%, escalating from 168 in 2022 to 319 in 2023.
Disastrous Third Quarter Leads the Losses
The third quarter emerged as the most disastrous period, contributing to a third of the total losses throughout the year. November took the lead in monthly losses, recording $343 million, followed by September with $340 million and July with $320 million.
Breakdown of Losses: Hacks vs. Fraud
Hacks accounted for the majority of losses, totaling $1.6 billion across 247 incidents, primarily linked to decentralized finance platforms. In contrast, fraud contributed $103 million in losses across 110 incidents, as highlighted in the report.
Recovery Efforts Show Limited Success
Immunefi reported a recovery of 13.5% of stolen funds, approximately $231.7 million, in 19 cases. Despite these efforts, the challenges of fund recovery remain evident.
Most Targeted Blockchains
BNB Chain and Ethereum emerged as the most targeted blockchains, collectively representing over half of the total losses. BNB Chain experienced 131 incidents, while Ethereum faced 91 incidents. Polygon and Avalanche followed, with ten and six incidents, respectively.
Lazarus Group Dominates Cyber Attacks
North Korea's Lazarus Group stood out, absconding with $308.6 million stolen from various projects in 2023, constituting 17.4% of the year's total losses. Lazarus Group is believed to be responsible for attacks on Atomic Wallet, CoinEx, Alphapo, Stake, and CoinsPaid.
Notable Incidents in 2023
Apart from Lazarus Group's exploits, other notable incidents included attacks on Mixin Network ($200 million), Euler Finance ($197 million), Multichain ($126 million), Poloniex ($126 million), and BonqDAO ($120 million), according to Immunefi.
2023 proved to be a challenging year for crypto security, marked by a surge in incidents despite a decrease in overall losses. As the industry grapples with evolving threats, the need for robust security measures becomes increasingly apparent.