Immunefi, a security provider for the Web3, issued a report on crypto losses due to hacks and fraud in 2022. The company, it reads, “analyzed all cases in which a blackhat hacker exploited various crypto protocols.” In total, there were 168 incidents. That’s about one every other day.
The losses that resulted are enormous: a total of $3.948 billion. Of that, 3.773 billion is due to hacks, and just shy of 175 million is due to fraud. Hacks are by far the strongest cause of losses.
The majority of losses fall on four projects: Ronin (625 million), BNB (570 million), Wormhole (326 million), and FTX (650 million). This makes the hackers’ revenues difficult to predict, since it is not the mass of successes but few but large hacks that matter.
It is possible that losses are recovered, but rarely happens. In 12 cases, a total of 204 million was recovered, about 5 percent of total losses.
Compared to 2021, the situation has improved: that year there were losses of just over $8 billion from hacks and scammers. So the total amount has halved.
But the composition has changed: in 2021, fraud still caused $5.763 billion in losses. This field completely collapsed in 2022, perhaps because the hype died down and the inexperienced and naive, but also greedy, capital left the market.
Conversely, hackers raged harder in 2022 than in 2021, and they targeted Decentralized Finance (DeFi) more than ever. That means projects and smart contracts that map financial services onto a blockchain. While DeFi frees users from dependence on fiduciary middlemen — it exposes them to great risk from hacks. DeFi accounted for just over 80 percent of losses. Compared to 2021, absolute losses from DeFi hacks increased from just over $2 billion to nearly $3.2 billion.
The blockchains most attacked in this regard were Ethereum and BNB. This is obvious as they are the two main smart contract blockchains. They were followed by Solana, Avalanche, and Polygon. This is also obvious, as these are also smart contract blockchains.
Experts do not expect the situation to ease in 2023. According to a report available to Cointelegraph, security firm Beosin expects DeFi protocols to become more stable but continue to attract hackers. As long as the interest in crypto remains high, the number of hackers will not decrease either, it said. Many DeFi protocols continue to go through inadequate security testing before launch, and new models, such as cross-chain bridges like Ronin, increase the danger.
The company HashEx states that hackers are “getting smarter, gaining more experience, and have learned how to find bugs.” Since the entire industry is still young and growing, it is difficult to gain an edge over hackers. The high value stashed in DeFi logs makes them very attractive to hackers — and that will remain the case in 2023, he said.