Crypto projects lost nearly $889 million to hacks, phishing scams, and rug pulls during the third quarter, blockchain security firm Beosin revealed in its Global Web3 Security Report.
According to the report, crypto investors lost $282.96 million to rug pulls across 81 incidents, while phishing schemes generated $66.15 million in ill-gotten gains during the same quarter.
The biggest hit came from hacks where 43 crypto projects suffered security breaches that led to the loss of $540.16 million. During the period, CryptoSlate reported notable hacks of different crypto projects, including the $200 million hack of Mixin Network, the $73 million exploit of Curve Finance, and the $8 million HTX lost to a hot wallet compromise.
This marks a significant upsurge compared to the cumulative losses of the first half of the year, totaling $330 million during the first quarter and a slight increase to $333 million by the year’s second quarter.
The report was published in collaboration with other members of the blockchain alliance, including Footprint Analytics and SUSS NiFT.
Malicious players keep targeting DeFi projects.
Beosin revealed that decentralized finance (DeFi) projects suffered the most hacks during the period, with around 67% of the breaches targeting platforms in the sector. However, it’s essential to note that other sectors, such as blockchains, payment platforms, exchanges, casinos, and infrastructure, also suffered hacking incidents during the period.
Despite malicious players’ penchant for targeting DeFi projects, public blockchains recorded the highest monetary loss because of the $200 million breach of Mixin Network. This single breach accounts for 37% of the total losses for the quarter and is the most significant crypto loss of this year.
Meanwhile, Beosin wrote that the Ethereum blockchain suffered the most losses and incidents during the period. It said:
“Ranked by number of attacks, the top 5 chains with the most security incidents were: Ethereum (16 times), BNB Chain (10 times), Arbitrum (3 times), BTC (2 times), and Base (2 times).”
Most exploits were preventable
Interestingly, nearly half of the attacked projects (46.5%) had not undergone any security audits. Beosin added that 14 (63.6%) of the 22 projects attacked due to contract vulnerabilities had never been audited.
This highlights that many of these exploits could have been prevented had projects taken the necessary precautions to conduct audits and address vulnerabilities.
Regrettably, only 10% of the stolen funds were successfully recovered, leaving a substantial sum of approximately $800 million unaccounted for, underscoring the challenges of retrieving stolen crypto assets.
Credit: Source link