The state of Web3 and blockchain security improved over the past year, causing a twofold decrease in losses to crypto hacks and other cybersecurity incidents.
Blockchain security firm CertiK presented its annual report titled “Hack3d: The Web3 Security Report 2023” on Jan. 3. According to its estimates, over $1.8 billion in digital assets were lost across 751 security incidents in 2023.
This amount illustrates a decline of 51% from the total of $3.7 billion registered in 2022. Moreover, while the average amount lost was $2.45 million per incident, the median loss per incident in 2023 was much lower – $101,132. The ten most costly incidents accounted for $1.11 billion.
Statistically, Q3 2023 brought the most losses, with $686,558,472, from 183 hacks, scams, and exploits. November was the peak month for hackers, causing an aggregate loss of $363,367,327 in 45 incidents.
Nearly half of all financial losses were registered due to private key compromises, although this type of hack accounted for just 6.3% of all security incidents. The scammers targeted large-amount wallets for this type of hack. Overall, private key compromises caused their owners a loss of over $880 million in 47 incidents, with a median individual loss of $18,7 million.
As for the different blockchain networks, BNB Chain experienced the highest number of security incidents. The network experienced a total of 387 hacks, scams, and exploits bringing $134 million in losses, with an average loss of $346,253 per incident.
Ethereum witnessed a total of 224 incidents, with $686 million in losses, at an average of $3.0 million per incident. Meanwhile, security breaches affecting cross-chain interoperability accounted for $799 million of losses in 35 incidents.
Cross-chain bridge protocol attacks have long remained a pain point for the industry. In 2022, they accounted for 69% of total crypto funds stolen, amounting to $2 billion in losses. According to the Chainalysis report, bridge protocols are often targets because they “feature a central storage point of funds that back the ‘bridged’ assets on the receiving blockchain”. Besides, the more value flows through cross-chain bridges, the more attractive they become for hackers.
Although the decline in hack losses, to some extent, reflected broader declines in crypto asset valuations, Certik analysts concluded that 2023 also marked a “positive development” in blockchain security, specifically highlighting the proactive measures crypto industry players take.