SECURITY

By 2023, the cumulative losses from hacking and scams in the Web3 industry have reached $1.7 billion.

share
By 2023, the cumulative losses from hacking and scams in the Web3 industry have reached $1.7 billion.

The on-chain data platform OKLink released a report on hacking incidents in the cryptocurrency industry in 2023, with a total of 17 billion US dollars falling into the hands of hackers during this bear market, involving 520 security incidents. However, compared to the losses of nearly billions of dollars in the previous bull market, it is still a relatively small amount.

Blockchain Industry Hit by $1.7 Billion in Hacks in 2023

This year, there have been over 520 publicly disclosed security incidents in the blockchain industry, resulting in losses exceeding $1.7 billion.

However, compared to the $3.728 billion lost in 2022, the losses have decreased by about 54%; the amount hacked in 2021 even reached up to $9.8 billion, with a reduction of approximately 84%.

Major Loss Incidents

The top three blockchain hacking incidents in terms of losses in 2023 are Multichain, Euler Finance, and Mixin Network:

  • In May of this year, Zhao Jun, the CEO of the cross-chain bridge protocol Multichain, was taken away by the police from his home, losing contact with the team. Starting on July 6, Multichain experienced an unusually large-scale unauthorized withdrawal, with stolen assets exceeding $230 million.

    Cross-chain protocol Multichain may have been hacked for $126 million! Reason under investigation, official: Services suspended, authorization revoked

  • On March 14, the lending protocol Euler Finance on Ethereum was attacked by hackers, resulting in losses of approximately $197 million.

    Beosin: Euler Finance attacked due to logic error, with losses of about $197 million

  • On September 23, the cloud service provider database of the public chain project Mixin Network was attacked, resulting in losses of approximately $140 million.

    All data stored on Google Cloud? Mixin Network, previously endorsed by Li Xiaolai, hacked for $200 million

Following are projects such as Paiwang with $125 million, BonqDAO with $120 million, the long-standing wallet provider Atomic Wallet with $115 million, and Heco's cross-chain bridge with $86 million in losses, among various other projects.

Other notable cases include the Vyper vulnerability leading to a hack of over $50 million on Curve, SafeMoon with $8.9 million, and NFT Trader involving 37 BAYC and 13 MAYC totaling $3 million.

Other Cases

In addition to losses caused by protocol code vulnerabilities, there have been numerous phishing attacks and scams targeting users, mostly concentrated on Twitter and Discord:

  • On September 6, a whale user fell victim to a phishing attack, losing $24.24 million in cryptocurrency.
  • On September 10, Vitalik's Twitter account was hacked, with the hacker controlling the account posting malicious phishing links, stealing over $690,000 in assets, with 73% coming from NFTs.

Security Should Not Be Taken Lightly

Regardless of the amount of funds, once a product has security concerns, the impact on crypto products is significant compared to traditional industries. Building trust is very difficult and can be destroyed in an instant, so every security incident's impact on the industry or project should not be underestimated.

Aave hit by security vulnerability|Funds are safe pending community vote to restart the market

Therefore, whether as a user or a team, attention to security should still be exercised in the future, and complacency should not be taken lightly just because the industry is advancing.