The year 2023 has been a challenging one for the cryptocurrency industry, as it has witnessed a surge in the number of hacks. By September 30, hackers had managed to steal a whopping $900 million, a staggering figure that surpasses the total stolen in similar attacks the previous year, which amounted to $2.7 billion. While the cumulative value of stolen crypto in 2023 is lower, the increased number of hacks is a cause for concern.
One key factor contributing to the smaller average haul in 2023 is the decline in asset prices and reduced DeFi TVL (Total Value Locked). As fewer dollars are locked into protocols, there is less for hackers to exploit. However, even with this decrease in stolen funds, the fact that the industry is losing over $100 million a month to hackers is detrimental to its reputation. Nonetheless, there is a silver lining: attackers seem to be focusing their efforts on projects rather than individuals.
Recent high-profile scandals, such as the FTX collapse, have triggered a shift in users’ perception of wallet security. Public blockchains have proven valuable in analyzing hacks and exploits, as they provide a permanent record of transactions. However, identifying the culprits behind these attacks remains a challenge, even with the presence of potential clues.
Cielo, an on-chain analytics service, maintains a public list of wallets involved in some of the largest hacks of the year. Notable examples include the Mixin hack amounting to $200 million, the HTX hack of $8 million, and the CoinEx hack totaling $55 million. The entry methods recorded by DefiLlama, a platform tracking major crypto hacks, include database attacks, frontend attacks, and compromised private keys.
The Diverse Landscape of Crypto Hackers
While state-sponsored groups like North Korea’s Lazarus Group have taken credit for several high-profile hacks, they cannot be solely blamed for the $900 million stolen in 2023. Brandon Brown, the CEO and Co-Founder of FairSide, explains that the crypto space is filled with diverse actors engaged in malicious activities. He emphasizes that attributing the majority of crypto-related crimes to a few sophisticated actors would be overly simplistic. However, the allure of potential profitability in cryptocurrency thefts attracts both state-sponsored and organized crime groups to this domain.
The primary targets for hackers are poorly secured protocols, liquidity pools, and smart contracts where the money lies. Nevertheless, individual users are also susceptible to attacks. The public visibility of high-value wallets on the blockchain serves as a wish list for attackers. By connecting a wallet to its owner, hackers can exploit the opportunity for social engineering attacks.
Recent incidents involving high-profile individuals like Vitalik Buterin and Mark Cuban highlight the vulnerability of even savvy users. Both suffered losses: Buterin had his Twitter account hijacked through a SIM swap, resulting in $700,000 stolen from his followers, while Cuban fell victim to a phishing attack that drained his wallet. These incidents underscore the importance of impeccable operational security (opsec) for all cryptocurrency holders.
Despite the concerning rise in hacks, there is positive news for crypto holders. The development of improved tools for web3 wallets is enhancing their security and resilience. Additionally, the frequency of hacks has raised awareness among users about the necessity of robust opsec practices.
Looking ahead, industry experts anticipate that market conditions will improve in Q1 of 2024. Those who have managed to retain their cryptocurrency holdings can face future challenges with greater confidence. However, it remains crucial for users to stay vigilant and prioritize security measures to protect their digital assets.
The staggering amount of over $1 billion lost to crypto hacks in 2023 is a significant concern for the industry. The rising number of attacks, along with the shift towards targeting projects rather than individuals, highlights the need for enhanced security measures. Public blockchain analytics and increased focus on wallet security offer promising avenues for combating these threats. By staying proactive and leveraging improved tools, crypto holders can navigate the dynamic landscape of cryptocurrency with resilience and confidence.