Over the course of 2023, crypto users lost $1.8 billion to various hacks, exploits, scams and back pulls, bug bounty platform Immunefi said in a report published Thursday. While that’s a 54% drop from the $3.9 billion the industry lost in 2022, the number of individual incidents rose 90%, from 168 in 2022 to 319 in 2023.
The third quarter of the year proved to be the most disastrous, accounting for a third of all losses recorded during the year. In terms of monthly figures, the largest losses were recorded in November ($343 million), September ($340 million) and July ($320 million).
A total of $1.6 billion was lost due to hacks in 247 incidents mainly linked to decentralized financial platforms, while fraud was responsible for $103 million lost in 110 incidents, the report said.
Immunefi said that 13.5% of the stolen money, or about $231.7 million, found in 19 cases.
Most attacked blockchains
BNB Chain and Ethereum are consistently the most attacked blockchains, accounting for more than half of the total losses. According to Immunefi, 131 incidents involved BNB Chain-based projects and 91 incidents were on Ethereum. They were followed by Polygon with ten incidents and Avalanche with six.
North Korea’s Lazarus Group got away with $308.6 million in stolen funds from various projects in 2023, which is 17.4% of its total losses during the year. The group is believed to be behind the attacks on Atomic Wallet, CoinEx, Alphapo, Stake and CoinsPaid.
Other notable incidents in 2023 included attacks on Mixin Network ($200 million), Euler Finance ($197 million), Multichain ($126 million), Poloniex ($126 million) and BonqDAO ($120 million), Immunefi said.
