Trusted

2023 Security Woes: Web3 Loses $1.8B to Criminals, but Are Lessons Being Learned?

2 mins
Updated by Ryan Boltman
Join our Trading Community on Telegram

In Brief

  • In 2023, a massive $1.8B was lost due to 751 security incidents in the Web3 industry, according to CertiK.
  • Despite the significant losses, there's a silver lining: a 51% decrease in the amount lost to security incidents compared to 2022.
  • CertiK's report highlights private key compromises and exit scams as the leading causes of security breaches in the crypto industry.
  • promo

According to Web3 security firm CertiK, a total of $1,840,879,064 was lost to security incidents in 2023. In total, 751 security incidents included code vulnerability, exit scams, phishing, private key compromises, and others.

Decentralized Finance (DeFi) protocols have billions in total value locked (TVL). Hence, if there are loopholes in the smart contracts of the projects, bad actors would take advantage and steal the funds.

Amount Lost to Web3 Security Incidents Declined by 51% – CertiK

CertiK shared its “Hack3D The Web3 Security Report 2023” with BeInCrypto, which mentions that in 2023, bad actors stole over $1.8 billion from the crypto industry.

On a positive note, the firm highlighted a 51% decrease in the amount lost to security incidents compared to 2022. In 2022, bad actors stole a total amount of over $3.7 billion.

Read more: What Is a Rug Pull? A Guide to the Web3 Scam

The screenshot below shows that the most damage occurred due to private key compromises of all security incidents. According to the report, crypto firms lost $880.9 million as the exploiters accessed private keys.

Exit scams were the most frequently executed type of security incident among various incidents. Last year, there were 306 exit scams, also known as rug pulls. CertiK shared some tips exclusively with BeInCrypto on how community members can mitigate the risk of rug pulls:

  • Conduct thorough research on project teams and their track records.
  • Analyze the tokenomics of the project for sustainability and fairness.
  • Look for projects with code audits from reputable firms.
  • Stay updated with community feedback and developments.
  • Be wary of projects promising unusually high returns.

“It’s crucial to remain vigilant and informed, as the excitement of a bull market can often overshadow the need for caution,” The security firm said.

2023 Security Incident Count And Amount Lost by Incident Type
2023 Security Incident Count And Amount Lost by Incident Type. Source: CertiK

What Does 2024 Hold?

While 2024 is only just beginning, the industry has lost almost $90 million to crypto exploits. Most recently, hackers stole over $4 million from DeFi protocol Gamma through a price manipulation attack.

However, CertiK is hopeful that in 2024, there will be a decline in losses. It told BeInCrypto:

“We are seeing a range of proactive security measures undertaken by projects, and there has been a  growth of bug bounty platforms. If asset prices pick up again and losses stay low, it would indicate that the Web3 industry broadly is learning its security lessons.”

One of the most notable white hat victories of 2023 is the complete recovery of nearly $200 million stolen from Euler Finance. In March 2023, the project lost the funds as hackers conducted a flash loan attack.

Read more: Crypto Project Security: A Guide to Early Threat Detection.

Do you have anything to say about Web3 security incidents or anything else? Write to us or join the discussion on our Telegram channel. You can also catch us on TikTok, Facebook, or X (Twitter).

For BeInCrypto’s latest Bitcoin (BTC) analysis, click here.

Top crypto projects in the US | November 2024
Coinbase Coinbase Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
3Commas 3Commas Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | November 2024
Coinbase Coinbase Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
3Commas 3Commas Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | November 2024

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

Harsh.png
Harsh Notariya
Harsh Notariya is an Editorial Standards Lead at BeInCrypto, who also writes about various topics, including decentralized physical infrastructure networks (DePIN), tokenization, crypto airdrops, decentralized finance (DeFi), meme coins, and altcoins. Before joining BeInCrypto, he was a community consultant at Totality Corp, specializing in the metaverse and non-fungible tokens (NFTs). Additionally, Harsh was a blockchain content writer and researcher at Financial Funda, where he created...
READ FULL BIO
Sponsored
Sponsored