Web3 Security Remains a Big Question in 2023 Following 167 Major Attacks Last Year

3 mins
12 January 2023, 22:24 GMT+0000
Updated by Ryan James
12 January 2023, 22:25 GMT+0000
In Brief
  • Despite the rise in web3 projects, is the space really secure?
  • In 2022 over 167 major attacks in the Web3 space, with a total loss of approximately $3.6 billion from all types of attacks, an increase of 47.4% from 2021.
  • Security companies set up the Trust Army — public goods community for Web3 trustworthy that teaches basic security rules to those new to crypto.
  • promo

Web3 security becomes ever-so crucial as the traction continues to gain momentum from last year to the ongoing year. The high-security risks have been a severe obstacle to the industry. Therefore, various web3 cybersecurity audit firms are doing their bit to counter the rise of such bad actors. 

The technology surrounding web3 continues to create headlines and make heads turn. As companies rush to incorporate the opportunity, capital worth billions flows within the web3 domain. Last year, web3 start-ups raised more than $7 billion in investments despite the bear market conditions. 

With the staggering amount of funds available, developers get the required resources to build with web3. But that also allows illicit activities and bad actors to capitalize on the cash flow. 

So, the question that arises is: Is web3 secure

Doubts Regarding web3 Security

The fundamental idea behind web3 is giving control back to the user. That conflicts with security. People make mistakes (human error); therefore, in the traditional world, one aims to build systems, and a good example is the banking system. Various institutions enforce 2FA. 

Even if bad actors somehow manage to hold off the access codes, the bank has an anti-fraud detection system that will detect if someone other than the owner logs in or tries to access the owner’s money. Thereby locking down the account. Overall, security layers are present to protect cash from fraudulent activities. 

On the other hand, web3, which promotes ‘your keys, your coins’ and ‘your keys, your NFTs,’ the transactions are irreversible. 

Source: YouTube

Web2 vs Web3: Security

Typically, in web2, when a platform is hacked, the worst case is that people lose their personal information. Like credit card numbers, their addresses, their names get leaked out onto the internet. But credit card companies can freeze their cards, issue new ones, and refund whatever was stolen. 

So, hacks are temporary in nature. While web2 does get hacked a lot, those hacks are typically less severe with fewer consequences. When web3 gets hacked, thousands of people permanently lose access to their assets. 

CoinTracker Hack, data breach

Most security measures come from governance, such as implementing 2FA and specific compliance steps. Although the whole point of web 3 is that there is no governance, it’s decentralized. Contrary to what security needs. A secure portal needs strict regulations and rules.

Now, crypto businesses and platforms took measures in the past to facilitate such actions; hacks continue to make headlines. BeInCrypto reached out to various security companies to shed some light on the scenario. 

Web3 Hacks on a Roll 

The Global Web3 Security & AML Report 2022, co-produced by Beosin, Buidler DAO, Legal DAO, and Footprint, was shared via Twitter. Per the report, web3 witnessed over 167 significant attacks, with a total loss of $3.60 billion. This accounted for an increase of 47.40% from 2021. 

Global Web3 security and AML report 2022
Source: Beosin

These losses caused a considerable dent financially as ten security incidents lost over $100 million in a single attack, and losses of 21 security incidents ranged from $10 million to $100 million. Surprisingly, the first half of last year alone contributed more than $2 billion to hacks and exploits in web3 projects, more than all of 2021 combined.

With the rise in bad actors, web3 security companies have taken steps to help reduce or eliminate such actors. BeInCrypto heard from one of the leading web3 cybersecurity audit companies as it officially confirmed the launch of its DAO.

Measures to Correct Illicit Operations

As new projects build within web3, most operators have accounted for remedies to offset potential hacks. Likewise, several security firms see a rise in the adoption trend, as was the case here. 

Throughout 2022, Hacken kept steady and rapid growth: its revenue increased by 166%, 537 new clients used its services, and zero smart contracts audited by the team were hacked. One of their key goals for the year was to find a way to merge the interests of Hacken equity stakeholders and HAI holders, and the creation of hDAO marks the start of this journey.

Security companies set up the Trust Army — public goods community for Web3 trustworthy that teaches basic security rules to those new to crypto. Thereby paving the way for a substantial transformation of society to the first product-oriented, self-governing, highly expert, and empowered cybersecurity assembly in Web3.

Overall, security plays a crucial role in the further development of web3 in 2023. Especially with different platforms supporting the domain. From gaming to music giants like Warner Music Group, all joined forces to inject web3 exposure. Talking about exposure, many employees even switched their jobs to work within web3. All the more reason to make such an exciting and lucrative space a secured one. 

Remember: a secured space can also go hand-in-hand with regulators who are looking for opportunities to clamp down on the blockchain industry. 


All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.