As 2023 comes to an end, the crypto market has seen a remarkable recovery for Bitcoin and other digital assets from the depths of the brutal bear market. However, the shadow of cryptocurrency hacks still looms large, with nearly $2.4 billion stolen throughout the year.
Blockchain security and analysis company Certik reported that Q3 witnessed the highest number of hacks, with almost $700 million stolen across 184 known incidents. Surprisingly, this figure surpassed the combined losses of Q1 and Q2, indicating an alarming trend.
Overview of Crypto Hacks in 2023
SlowMist identified 450 confirmed hacks in 2023, with decentralized protocols on Ethereum and BNB Smart Chain being the primary targets. Many of these platforms, built on open-source software, promote transparency but also expose potential vulnerabilities exploitable by malicious actors.
Challenges Faced
Faced with minimal legal repercussions and the prospect of retrospective bug bounty offers, individuals with technical expertise are enticed to misuse their skills. Unfortunately, this has resulted in a red target on the back of insecure cryptocurrency exchanges, platforms, protocols, and users who bear the brunt of these attacks.
Worst Hacks of 2023
Kyber Network: $54.7 Million
In November 2023, Kyber Network experienced a security incident where an attacker exploited a vulnerability related to liquidity, stealing approximately $54.7 million from KyberSwap Elastic. The hacker demanded control of Kyber Network, leading to a 90% drop in the platform’s Total Value Locked (TVL).
Curve: $73.5 Million
Curve faced another exploit in July 2023 when an attacker took advantage of a faulty recursive lock, draining $73.5 million from its Vyper 0.02.15 stablecoin pools. The hacker accepted a 10% retroactive whitehat bounty, returning a significant portion of the stolen funds.
Euler Finance: $197 Million
In a bizarre event, Euler Finance suffered a $197 million hack in March 2023. The hacker employed an intricate flash loan attack but returned all recoverable funds after the Euler team traced and communicated with them.
Mixin Network: $200 Million
Mixin Network, designed for cross-chain trading, experienced a catastrophic cloud service-based attack, resulting in a $200 million loss. Mixin plans to refund up to 50% of the stolen assets, with the rest covered by “tokenized liability claims.”
Multichain Bridge: $126 Million
Multichain, a popular cross-chain bridge protocol, fell victim to a $126 million hack on July 7, 2023. The origin of the hack remains unidentified, and suspicions suggest it might have been an inside job, given the CEO’s disappearance earlier in the year.
Atomic Wallet: $100 Million+
In June 2023, Atomic Wallet, a prominent self-custody wallet, suffered a major breach, leading to over $100 million in losses. Lazarus, a North Korean hacking group, was allegedly responsible. The exact cause remains unclear, but several potential options, including insufficient entropy and supply chain attacks, have been suggested.
Stake: $41 Million
Stake, a well-known crypto gambling platform, faced a sophisticated breach in September 2023, resulting in a $41 million loss. Unlike other attacks, this one did not affect customer funds but breached a hot wallet designated for paying out large wins.
Conclusion: Staying Safe in the Crypto Space
Given the decentralized nature of the crypto industry, users must prioritize self-custody solutions and stay informed about security practices. As the industry evolves, vigilance and proactive measures are crucial to ensure the safety of digital assets.
To enhance the security of your funds, explore resources and adopt best practices to protect yourself from potential hacks and scams.