The crypto industry clocked up $572.7 million in losses due to hacks and scams during the second quarter of this year across 72 incidents so far, according to the latest report from web3 bug bounty and security services platform Immunefi.
The losses represent a 70.3% increase on the $336.3 million worth of exploits in Q1, and a 112% increase compared to Q2 2023, when hackers and fraudsters stole $265.5 million. More than $900 million has been stolen via hacks and fraud year-to-date, up by 24% compared with the same period last year, per Immunefi data.
With nearly $100 billion of total value locked in web3 protocols, according to DeFiLlama data, decentralized finance remains a primary target for hackers, accounting for 100% of the exploits identified by Immunefi in Q1. However, in Q2, centralized finance became the main target, accounting for 70% ($401.4 million) of losses in the quarter compared to 30% ($171.3 million) for DeFi.
The majority of the losses came from two exploits alone, accounting for a combined $360 million, or 62.8%, of the total. A $305 million exploit of Japanese cryptocurrency trading platform DMM Bitcoin, represented the largest attack, with a further $55 million stolen from Turkish crypto exchange BtcTurk on June 23.
May witnessed the highest monthly losses in Q2 overall at $358.5 million. In total, $28.7 million (5%) of the stolen funds in Q2 were recovered from four of the exploits: Bloom, ALEX Lab, Gala Games and YOLO Games.
“This quarter highlights how infrastructure compromises can be the most devastating hacks in crypto, as a single compromise can lead to millions in damages,” Immunefi founder and CEO Mitchell Amador said. “This was evident during this quarter, where losses surged primarily due to hacks targeting CeFi infrastructure, surpassing DeFi, despite a smaller number of hacks in that sector. Robust measures to safeguard the entirety of the ecosystem are crucial.”
Hacks dominate fraud with Ethereum and BNB Chain the most targeted networks
Hacks dominated the losses in Q2, accounting for 98.5% ($564.2 million) of the total across 53 incidents, compared to cases of fraud, scams and rug pulls at only 1.5% ($8.5 million) over 19 specific incidents.
Ethereum and BNB Chain were again the most targeted networks, as they were in Q1. Ethereum suffered the most individual attacks with 34 incidents, representing 46.6% of the losses on chains, followed by BNB Chain with 18 incidents, representing 24.7%. Arbitrum, Blast, Optimism, Solana, Polygon, Fantom, Linea, Mantle and TON made up the remainder of the incidents.
Earlier this month, Immunefi surpassed $100 million in ethical hacker and researcher payouts. The payouts span three years and result from over 3,000 bug bounty reports.
Immunefi claims to operate the largest blockchain security community with over 45,000 researchers, saving more than $25 billion in user funds across protocols like Polygon, Optimism, Chainlink, The Graph, Synthetix and MakerDAO from being stolen.
The highest white hat hacker bounty facilitated by Immunefi was a $10 million award for a vulnerability discovered in Wormhole’s cross-chain protocol.
Disclaimer: The Block is an independent media outlet that delivers news, research, and data. As of November 2023, Foresight Ventures is a majority investor of The Block. Foresight Ventures invests in other companies in the crypto space. Crypto exchange Bitget is an anchor LP for Foresight Ventures. The Block continues to operate independently to deliver objective, impactful, and timely information about the crypto industry. Here are our current financial disclosures.
© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
Credit: Source link