According to Cyvers Alerts system monitoring, BNB ecological DeFi protocol Channels Finance has a large number of suspicious transactions, and suspicious addresses have deployed multiple malicious contracts and depleted user funds.

Orbit Chain, a cross-chain bridge project, suffered a cyberattack resulting in the theft of over $80 million from its bridge. The project reported that the stolen funds, which include ETH and DAI, remain unmoved and that it is working with law enforcement agencies and blockchain security firms to recover them. Orbit Chain has yet to release a full account of the exploit, but it has requested that crypto exchanges freeze the stolen assets and is utilizing all available methods to track down the hackers. There is speculation that North Korean hackers could be behind the attack, and U.S. Senator Elizabeth Warren has called for the Bank Secrecy Act to be updated to address the threat posed by crypto.

SlowMist founder Yu Xian tweeted that Orbit Bridge suffered a loss of at least $81.5 million. Preliminary analysis suggests that it was not a direct theft of private keys (although this possibility cannot be completely ruled out), but rather a vulnerability in the bridge or related centralized server that allowed attackers to deceive these private keys (7/10) to withdraw. Yu Xian also stated that the hacker's address can be viewed and pointed out that the hacker was preparing two days ago.

OKLink's 2023 Security Incident Report shows that there were more than 520 publicly reported security incidents in the blockchain ecosystem in 2023, resulting in losses of over 1.7 billion USD, a decrease of about 54% from 2022's 3.728 billion USD. This decrease is due to the improvement of the global regulatory system and breakthroughs in on-chain security technology. Of these incidents, 485 were related to DApps, DeFi, NFTs, and other security incidents, while 8 were related to exchanges, 10 were related to public chains, 9 were related to wallets, and 14 were related to other types of incidents.Some of the larger security incidents resulting in losses included: Euler Finance, an Ethereum lending protocol, was hacked in March, resulting in losses of approximately 197 million USD; Atomic Wallet was hacked in June, resulting in losses of over 100 million USD; Mixin Network was attacked in September, resulting in losses of 200 million USD; and Poloniex, a trading platform, had approximately 125 million USD stolen due to private key leaks in November.In addition, social media platforms such as Twitter and Discord became hotspots for scams and phishing incidents, with a total of 519 such incidents occurring in 2023. For example, in September, Ethereum founder Vitalik's Twitter account was hacked, resulting in the theft of over 690,000 USD in assets.

According to Pai Shield monitoring, the attacker address starting with 0xd82e will sell the stolen INSC (ins-20) NFT and exchange it for 2 ETH. Earlier, multiple X users claimed that the INSC (ins-20) contract may have vulnerabilities and their INSC was stolen. The GoPlus Chinese community reminded that there are vulnerabilities in the INSC NFT contract, and multiple hackers used them to steal NFTs and transfer them to Blur and OpenSea for sale. Users should immediately stop interacting with the project contract.

According to the latest data compiled by Immunefi, cryptocurrency users lost a total of $1.8 billion in 2023 due to hacker attacks and scams.

Levana Protocol, a sustainable trading platform in the Cosmos ecosystem, was hacked and lost over $1.1 million. A post-incident report provided by the team showed that the attacker was able to withdraw 10% of Levana's liquidity pool between December 13th and December 26th.

Poorly secured Linux SSH servers are being targeted by bad actors to install port scanners and dictionary attack tools with the goal of targeting other vulnerable servers and co-opting them into a network to carry out cryptocurrency mining and distributed denial-of-service (DDoS) attacks.

According to a report by security app De.Fi, cryptocurrency users lost nearly $2 billion to scams, rug pulls, and hacks in 2023, which is roughly half of the amount lost in the previous year. The reduction is largely attributed to improved security protocols, increased awareness within the community, and decreased activity in the market. However, the industry remains susceptible to security risks, as evidenced by the losses incurred by Ethereum, BNB Chain, zkSync Era, and Solana, among others. The most damaging attacks were access control exploits, followed by flash-loan attacks and exit scams.

According to crypto security firms, hackers have stolen around $2 billion in crypto this year, which is a decrease from previous years. The thefts occurred across dozens of cyberattacks and thefts, with the largest incident being the breach of the Ronin network in 2022, where hackers stole more than $600 million in crypto. Despite the decrease in thefts, the persistent vulnerabilities and challenges within the DeFi ecosystem are still evident. With poor security implemented by many crypto and web3 projects, it is expected that hackers will continue to target the growing industry.