According to Web3 security firm CertiK, a total of $1,840,879,064 was lost to security incidents in 2023. In total, 751 security incidents included code vulnerability, exit scams, phishing, private key compromises, and others.
Decentralized Finance (DeFi) protocols have billions in total value locked (TVL). Hence, if there are loopholes in the smart contracts of the projects, bad actors would take advantage and steal the funds.
Amount Lost to Web3 Security Incidents Declined by 51% – CertiK
CertiK shared its “Hack3D The Web3 Security Report 2023” with BeInCrypto, which mentions that in 2023, bad actors stole over $1.8 billion from the crypto industry.
On a positive note, the firm highlighted a 51% decrease in the amount lost to security incidents compared to 2022. In 2022, bad actors stole a total amount of over $3.7 billion.
Read more: What Is a Rug Pull? A Guide to the Web3 Scam
The screenshot below shows that the most damage occurred due to private key compromises of all security incidents. According to the report, crypto firms lost $880.9 million as the exploiters accessed private keys.
Exit scams were the most frequently executed type of security incident among various incidents. Last year, there were 306 exit scams, also known as rug pulls. CertiK shared some tips exclusively with BeInCrypto on how community members can mitigate the risk of rug pulls:
- Conduct thorough research on project teams and their track records.
- Analyze the tokenomics of the project for sustainability and fairness.
- Look for projects with code audits from reputable firms.
- Stay updated with community feedback and developments.
- Be wary of projects promising unusually high returns.
“It’s crucial to remain vigilant and informed, as the excitement of a bull market can often overshadow the need for caution,” The security firm said.
What Does 2024 Hold?
While 2024 is only just beginning, the industry has lost almost $90 million to crypto exploits. Most recently, hackers stole over $4 million from DeFi protocol Gamma through a price manipulation attack.
However, CertiK is hopeful that in 2024, there will be a decline in losses. It told BeInCrypto:
“We are seeing a range of proactive security measures undertaken by projects, and there has been a growth of bug bounty platforms. If asset prices pick up again and losses stay low, it would indicate that the Web3 industry broadly is learning its security lessons.”
One of the most notable white hat victories of 2023 is the complete recovery of nearly $200 million stolen from Euler Finance. In March 2023, the project lost the funds as hackers conducted a flash loan attack.
Read more: Crypto Project Security: A Guide to Early Threat Detection.
Do you have anything to say about Web3 security incidents or anything else? Write to us or join the discussion on our Telegram channel. You can also catch us on TikTok, Facebook, or X (Twitter).
For BeInCrypto’s latest Bitcoin (BTC) analysis, click here.
Disclaimer
In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and Conditions, Privacy Policy, and Disclaimers have been updated.