• In 2023, cryptocurrency users will lose nearly $2 billion in scams, rug-pulls, and hacks. This is roughly half of the amount they lost last year.
  • The industry is still susceptible to security threats, even though the decrease in security incidents can be largely attributed by improved security protocols.

Researchers at De.Fi, a security app, said that cryptocurrency users lost almost $2 billion in scams, rug-pulls, and hacks by 2023. This is roughly half of the amount they lost last year. However, it shows the industry’s vulnerability to security threats, the researchers stated in their annual report released on Wednesday.

The decrease in activity, attributed largely to improved security protocols and increased community awareness, is even more significant when you consider the $40 billion that was lost due to the collapse of stablecoin issuer Terraform Labs and crypto lenders Celsius and FTX.

The decline coincides with the bear market, during which major alternative tokens fell as much as 85 percent from their 2021 highs before recovering over the last few months when conditions became more bullish. De.Fi reported that the rate of recovery for funds has also improved to 10% from just 2% in 2020.

Losses caused by Blockchains

Ethereum, the largest blockchain in terms of active users, and the value-locked, suffered the greatest losses. Approximately $1.35 billion was erased over an estimated 170 incidents. The large ecosystem of Ethereum and its high-profile projects make it attractive to malicious actors. The biggest exploit was the $230,000,000 attack in July on Multichain.

BNB Chain was also a target with losses of $110.12 million across 213 incidents. Emerging network, zkSync Era, lost $5.2 in two incidents. Solana suffered a $1 million loss in one attack.

The losses on central platforms such as trading platforms and exchanges totaled about $256 million in seven cases. The attack on Poloniex , in November netted $122,000,000.

Popular Methods

The most destructive attacks were those that exploited weaknesses in the way permissions and rights of access are managed by smart contracts or platforms. These exploits can give unauthorized access funds or to critical functionality and have resulted in more than $852 Million of losses out of 29 cases.

Flash-loan attack was the second most cash-generating method, resulting in $275 million losses over 36 cases. These attacks take advantage of the decentralized Finance‘s uncollateralized loans feature, allowing attackers access to large amounts in cryptocurrency without any upfront capital. These borrowed funds are used by attackers to manipulate the market and exploit vulnerabilities within DeFi.

Over 263 cases, exit scams totaled $136 million. In this type of exploit, the rogue developer drains all liquid from a token that they have created or removes their presence online after collecting money from unwitting market participants.

Sheldon Reback is the editor.