Web3 protocol losses due to hacks and exploits fell 58% to $313.5 million in the second quarter, compared to $745 million stolen around the same period last year, according to a CertiK report shared with CryptoSlate.
“The decrease in money lost to cybersecurity breaches suggests that the Web3 industry’s technical defenses and security protocols are becoming more effective,” CertiK told us. CryptoSlate in a statement. “Cryptocurrency exchanges, blockchain networks and individual developers are likely to implement more robust security measures and invest in areas such as threat detection, vulnerability management and incident response.”
Compared to the first quarter of this year, total losses represent a slight decrease from the $330 million recorded.
In the second quarter of 2023, there were 212 incidents with an average loss of $1.5 million
The CertiK report stated that 212 security incidents occurred in the second quarter, resulting in an average loss of $1.5 million.
According to the report, April and June were particularly busy for bad actors, as both months saw more than 70 incidents resulting in more than $100 million in losses respectively.
Meanwhile, May saw the fewest number of exploits: 63 incidents, and losses were estimated at $74.6 million.
Increase in exit scams
CertiK reported that most security incidents in the second quarter were exit scams known as ‘back pulls’. A rug pull is a scam in which a team unexpectedly leaves the project and sells all its liquidity after accepting investor funds.
During the period, bad actors landed 98 projects to steal $70.35 million. This represents more than double the $31 million lost to the same scam in the first quarter.
Some major exit scams of the quarter include Morgan DF Fintoch, which stole more than $30 million respectively, and Ordinals Finance and Chibi Finance, which stole around $1 million respectively.
Meanwhile, flash lending and oracle manipulation were responsible for 54 incidents and $23.7 million was stolen. Security breaches tagged as “others” resulted in a loss of $219.5 million.
Malicious players target BNB Keten projects
Within blockchain networks, the CertiK report noted that crypto projects on the BNB chain are increasingly becoming an attractive target for exploits. The blockchain security company stated that 119 security incidents involving the network resulted in a loss of $70.7 million.
By comparison, Ethereum (ETH) recorded 55 security breaches, leading to $66 million in losses. Arbitrum saw 14 exploits with $14.1 million in losses, and the five exploits on Multichain resulted in a loss of $10.2 million. Avalanche (AVAX) and Polygon (MATIC) recorded five incidents that led to $2.4 million in losses.
However, in 19 incidents, $150.3 million was stolen from other chains and off-chain events. The $100 million Atomic Wallet exploit is responsible for the majority of this loss, and it is also the top individual exploit in the quarter.