The year 2023 has seen an unprecedented surge in crypto hacks, with the total amount stolen on track to exceed $1 billion. In fact, by the end of September, hackers had already pilfered $900 million, an astonishing figure that falls just short of the $2.7 billion lost in similar attacks the previous year. While the cumulative value of stolen cryptocurrencies is lower this year, the number of hacking incidents has increased. One reason for the smaller average haul in 2023 can be attributed to falling asset prices and reduced decentralized finance (DeFi) total value locked (TVL). With fewer dollars locked into protocols, hackers have fewer opportunities to exploit.
Although the cryptocurrency industry is hemorrhaging over $100 million per month to hackers, there is some solace in the fact that attackers are primarily targeting projects rather than individuals. Following last year’s FTX collapse and other scandals that rocked the crypto world, users have become more conscious of wallet security. Public blockchains, with their transparent and immutable nature, facilitate comprehensive forensic analysis of hacks, phishing attacks, and exploits. However, while these blockchains can reveal what happened and when, they often fail to provide definitive proof of the attacker’s identity, even when clues are present.
Intriguing Insights from Onchain Analytics
Onchain analytics service Cielo maintains a public list of wallets involved in some of the most significant hacks of 2023. Notable entries include hackers associated with Mixin ($200 million), HTX ($8 million), and CoinEx ($55 million). September alone saw a staggering total of $308 million stolen. DefiLlama, which monitors major crypto hacks, categorizes different entry methods, such as database attacks, frontend attacks, and compromised private keys. Hackers have proven to be resourceful, as some of the largest hacks this year have been attributed to state-sponsored groups like North Korea’s Lazarus Group, previously held responsible for the Ronin hack, one of the largest onchain thefts in history. Nevertheless, while these well-funded and well-trained groups deserve acknowledgment, they cannot claim sole credit for the $900 million worth of stolen cryptocurrencies this year.
Brandon Brown, the CEO and Co-Founder of FairSide, an insurance alternative provider for self-custody wallets, offers valuable insights into the diverse range of actors involved in malicious activities within the crypto space. Brown explains that while major hacks often capture headlines and can be attributed to prominent groups, it would be overly simplistic to ascribe the majority of crypto-related crimes to just a few sophisticated actors. Nonetheless, the allure of high-profile cryptocurrency thefts, with their potential profitability, continues to attract not only sophisticated actors but also state-sponsored and organized crime groups to this domain.
Hackers tend to focus on attacking poorly secured protocols, liquidity pools, and smart contracts where the money is concentrated. However, individual users are not immune to attacks. High-value wallets, visible to anyone on the blockchain, provide hackers with a wishlist of potential targets. If they are able to connect a wallet to its owner, the opportunity for a social engineering attack arises. In recent weeks, even notable figures like Vitalik Buterin and Mark Cuban have fallen victim to such attacks. Buterin had his Twitter account hijacked via a SIM swap, leading to $700,000 being stolen from his followers. Similarly, Cuban experienced the draining of his wallet after clicking a malicious link.
Despite the risks posed by hackers, there is some positive news for crypto holders. The industry is continually improving its tools and technology, making web3 wallets more robust. Additionally, the growing frequency of hacks has raised awareness among users about the importance of practicing impeccable operational security (opsec). With market conditions expected to improve in Q1, those who have managed to retain their crypto assets can face the challenges of 2024 with greater confidence.
The surge in crypto hacks in 2023 has been alarming, with hackers relentlessly targeting the industry. However, there is cause for optimism as users become more aware of the risks and take proactive measures to protect their investments. As the crypto industry continues to evolve and strengthen security measures, it is crucial for users to stay vigilant and educate themselves on best practices for safeguarding their digital assets. By remaining alert and implementing robust security measures, individuals can navigate the challenges posed by hackers and look towards a secure and prosperous future in the crypto space.
Leave a Reply