Author: Qadir AK

2023 has been a pivotal year for the cryptocurrency industry, witnessing various security challenges and cyber threats. This report delves into the intricate details of the hacks and security breaches that have marked the year, offering a comprehensive analysis of trends, patterns, and the evolving nature of cyber threats in the crypto world. We aim to provide valuable insights for industry stakeholders, enhancing their understanding of the security landscape and facilitating informed decision-making.

Key Findings and Inferences

Introduction

The year has been a rollercoaster for the crypto industry, marked by unprecedented challenges and notable incidents that have tested the resilience of platforms, exchanges, and decentralized ecosystems. From the year’s inception to the closing chapters that witnessed a heightened defense against evolving cyber threats, this report aims to encapsulate the nuances, trends, and responses that shaped the year’s crypto security narrative.

Reflecting on 2023, our report highlights the lessons learned, progress made, and ongoing work to ensure a safer and more secure environment for the worldwide crypto community.

The Crypto Hacks that Left Us Stunned in 2023 

In the unruly world of cryptocurrency, hacking methods have continuously evolved with advancements in the crypto landscape. Interestingly, 2023 presented a silver lining: crypto thefts decreased significantly, reducing over 40% compared to the preceding year.

By November 2023, thefts amounting to $2.38 billion had been witnessed. While December remained a wildcard, there was optimism that the year would conclude with fewer incidents than the $3.80 billion stolen in 2022. This decline prompts a crucial question: What factors contributed to this downturn?

Behind the Decline: Factors at Play

Several experts point to three pivotal reasons for the reduced hack volumes in 2023:

Monthly Highlights: A Closer Look 

H1-2023

In the initial six months, we witnessed relatively few hacks. March stood out with a notable theft of $213 million, primarily due to the Euler finance breach, which accounted for a staggering 90% of that month’s theft at $197 million.

H2-2023

The latter part of the year painted a different picture. Months like July, September, and November saw a surge in significant breaches, collectively representing around 70% of the year’s total crypto theft.

November: Termed as the ‘Month of Hackers,’ was particularly tumultuous. The month recorded ten major breaches, amounting to $332 million. Prominent incidents included hacks on the Poloniex exchange, the Heco chain and HTX, the Kyber swap elastic breach, and the Kronos research incident, which resulted in a loss of $26 million

The Target of Choice: Ethereum 

The crypto landscape in 2023 continued a trend from previous years, with Ethereum bearing the brunt of hacker attention. As the most expansive network in the blockchain ecosystem, Ethereum experienced approximately 38% of the total crypto hacks by volume.

Following Ethereum, the Mixin network suffered a massive $200 million loss in a single breach, with other notable networks like Tron, Base, Arbitrum, and Avalanche also facing challenges.

Q3: A Peak in Crypto Hacks

The third quarter of 2023 stood out as the most tumultuous, witnessing thefts amounting to $567.69 million. This spike, constituting 24% of the annual thefts, was primarily attributed to breaches in networks like Mixin, Multichain, CoinEx, and Stake.com. 

In contrast, we reported the most minor activity in the second quarter, with only $180 million in thefts. The final quarter, spearheaded by November, was responsible for nearly all Q4 hacks, with major incidents involving Poloniex, Heco, and Huobi exchange.

Decoding Modern Hacker Tactics

Infrastructure-targeted attacks dominated in 2023, making up nearly 60% of the stolen amount. Among these, the most detrimental were private key compromises, where hackers infiltrate the core infrastructure of a cryptocurrency system—be it servers, networks, or software—to access funds or manipulate trades illicitly. 

Interestingly, breaches stemming from private key compromises yielded larger hauls on average compared to protocol and code-based exploits, which collectively represented a fifth of the hack volumes.

In a year-over-year comparison, 2023 saw a shift in the distribution of thefts. While 2022’s top ten hacks constituted nearly 70% of all stolen funds, 2023 witnessed the top five breaches accounting for over 35% of the losses. Noteworthy among these were attacks on Euler Finance (March), Multichain (July), Mixin Network (September), and Poloniex (November).

Additionally, protocol logic attacks became prevalent, particularly flash loan exploits like Price Oracle, reentrancy, governance, and specific function logic breaches. Alarmingly, numerous crypto financial entities—predominantly smaller ones—engaged in rug pull, abruptly withdrawing liquidity and leaving users to bear the brunt of the consequences.

Top Crypto Hacks of 2023: A Deep Dive

The year 2023 bore witness to several high-profile crypto breaches that shook the industry. Here’s a comprehensive look at the six most significant incidents.

1.   Multichain

Description: In July 2023, customer assets worth about $130 million were sent from cross-chain protocol Multichain’s account to an unknown wallet. The Multichain team later disclosed that the CEO Zhaojun was under the custody of the Chinese police since late May 2023. According to the team, the authorities confiscated Zhaojun’s computers, phones, hardware wallets, and mnemonic phrases. Multichain stopped its services on 7 July 2023 and gave no resumption estimates.

2.   Euler Finance

Description: On March 13, 2023, Euler Finance, a permissionless borrowing and lending protocol on Ethereum, was the victim of a flash loan attack. Euler Finance isn’t the first DeFi hack victim this year, but it is, unfortunately, the largest. At a whopping near-$200 million loss, hackers stole funds in USDC, wrapped Bitcoin (wBTC), staked Ether (stETH), and DAI, an algorithmic stablecoin maintained by MakerDAO.

On April 4th, Euler Labs tweeted that after a successful negotiation, the attacker returned all the funds stolen from the agreement on March 13th. A hack of this magnitude illustrates the ongoing threats to widely used DeFi protocols and the potential hacking abuses opened up by flash loans.

3.   Mixin Network

Description: Mixon Network, the peer-to-peer transaction provider, was hacked on the early morning of September 23 and revealed that the database of its cloud service provider was attacked, resulting in the loss of a substantial sum of assets on their main net. As per the official announcement, the amount of funds affected in the hack was 200 million dollars. The incident prompted Mixin Network to act immediately, suspending all withdrawal and deposit services.

4.   Atomic wallet

Description: Atomic Wallet, a centralized storage and wallet service, fell victim to the breach, resulting in the theft of $35-100 million worth of various tokens. The theft of cryptocurrencies worth at least $35 million, including bitcoin (BTC), ether (ETH), tether (USDT), dogecoin (DOGE), litecoin (LTC), BNB coin (BNB), and polygon (MATIC) occurred.

Among the stolen assets, Tron-based USDT was reported to be the most considerable stash. Vulnerabilities like flawed cryptography, non-adherence to best practices, insufficient documentation, and incorrect use of the Electron framework all potentially led to the hack.

5.   Poloniex Exchange

Description: On November 10, an unknown hacker targeted the cryptocurrency exchange Poloniex and stole a substantial amount in various altcoins, spreading the funds across different wallets. The exchange wallet was disabled for maintenance, and it has been revealed that assets worth over $100 million were stolen. The hackers transferred large amounts of USDT, BTC, USDD, and USDC to other addresses before the wallet was disabled.

6.   Heco Bridge and HTX

Description: The DeFi world was shaken by a sophisticated exploit targeting the Heco chain bridge, resulting in a loss of $87 million. The attack didn’t stop there; HTX’s (formerly Huobi) hot wallets were also compromised, leading to a $12 million theft. The attack was carried out by transferring assets to externally owned accounts (EOAs) and swapping them for Ethereum (ETH).

Prioritizing Security in DeFi

The DeFi landscape, with its promise of decentralization and financial inclusivity, hinges on one crucial factor: trust. Security, therefore, isn’t just an operational necessity—it’s the bedrock upon which confidence is built. Here’s why:

1. Advanced Encryption and Multi-factor Authentication:

2. Proactive Security Audits:

Regular audits aren’t just a regulatory checkbox—they’re proactive steps to root out vulnerabilities. Identifying and patching potential weak spots before they’re exploited is pivotal in maintaining trust.

Best Practices for Individual Security

For users navigating the vast realm of cryptocurrencies, here are some golden rules:

Wrapping Up

As we conclude this year’s hack report, the landscape of cyber threats remains dynamic and ever-evolving. The documented incidents emphasize the critical importance of cybersecurity measures for individuals and organizations. With the continuous advancements in hacking techniques, it is evident that vigilance, proactive security protocols, and user education are vital in safeguarding against cyber threats. 

As we progress, a collective commitment to fortifying digital defenses, staying informed about emerging threats, and fostering a cybersecurity-conscious culture will be instrumental in mitigating the risks posed by an increasingly sophisticated and persistent cyber threat landscape.