It is a concerning trend in the web3 space: an estimated $1.8 billion was lost to hackers and fraudsters in 2023, with a significant portion of these losses linked to the notorious North Korea-affiliated hacker group Lazarus. The global web3 space was valued at over $934 billion in 2022. That capital represents an unparalleled and attractive opportunity for blackhat hackers.
Big Numbers In Crypto Losses
In total, we have seen a loss of $1,803,050,600 across the web3 ecosystem in 2023. $1,699,632,321 was lost to hacks in 2023 across 247 specific incidents, and $103,418,279 was lost to fraud across 110 specific incidents. This number represents a 54.2% decrease compared to total losses in 2022, when hackers and fraudsters stole $3,948,856,037.
Data from the blockchain security platform Immunefi highlights that the heaviest financial blow occurred on the Mixin Network, a peer-to-peer trading platform, where crypto investors suffered over $200 million in losses.
This incident marked the largest hack of the year. Close behind was the $197 million theft from Euler Finance, a lending platform, and a $126 million breach of the cross-chain bridge protocol Multichain.
The Lazarus Impact
Lazarus Group, a cybercriminal organization with ties to North Korea, was responsible for about 17% of the total losses, amounting to approximately $309 million. This information, reported by the online magazine “Cointelegraph”, underscores the significant threat posed by this group. Notable heists by Lazarus include the Atomic Wallet hack ($100 million), CoinEx ($70 million), and Alphapo ($60 million).
Hacks vs. Fraud
Interestingly, the majority of the financial losses in the web3 sector were not due to outright fraud but to hacks. Of the total losses, only $103 million were attributed to clear fraud attempts like rug pulls. In contrast, hacks and data breaches accounted for over $1.6 billion. Most notably, protocols claiming to be decentralized were the source of the majority of the losses, totaling $1.3 billion.
A Decrease in Total Losses
Despite these staggering figures, the total loss of $1.8 billion in 2023 actually represents a decrease of more than 52% compared to the previous year. In 2022, Chainalysis, another blockchain security platform, reported a much higher figure of $3.8 billion in stolen funds.
This data not only sheds light on the evolving landscape of cyber threats in the web3 domain but also highlights the critical need for enhanced security measures and vigilant monitoring to protect investors and uphold the integrity of the burgeoning digital economy.