The Crypto Industry Sees a Decline in Hack Volumes in 2023
The crypto industry has faced challenges from hacks and protocol exploits over the years, and this trend continued into 2023. However, there was some good news: hack volumes fell by over 50% compared to the previous year. According to TRM Labs, the amount of cryptocurrency funds stolen by hackers in 2023 was estimated at $1.7 billion, less than half of the $4 billion recorded in 2022.
Despite the decrease in overall losses, individual projects still suffered significant thefts. Several high-profile hacking incidents occurred throughout the year, affecting prominent entities such as Multichain, Euler Finance, Mixin Network, and Atomic Wallet.
Mixin Network — $200 million
Mixin Network, a Hong Kong-based crypto project, experienced the largest crypto exploit of the year when hackers stole $200 million from users’ hot wallets. It is believed that the hackers gained access to users’ accounts through a database attack on Mixin’s cloud service provider.
Euler Finance — $197 million
Lending protocol Euler Finance lost $197 million worth of crypto to an exploit. The hacker manipulated exchange rates between Euler-issued stablecoins to siphon funds from the protocol.
Multichain — $125 million
Cross-chain bridge Multichain suffered an exploit that resulted in $125 million being stolen across the different blockchains it supported. The exact cause of the hack remains unclear, but it is suspected that private keys were compromised due to code vulnerabilities.
Poloniex — $120 million
In November, hackers suspected to be part of the North Korean Lazarus Group stole $120 million from Poloniex’s hot wallets by gaining access to private keys. Trading and withdrawals were halted, and the exchange plans to reimburse affected users.
Atomic Wallet — $100 million
Crypto wallet app Atomic had its users' wallets emptied when hackers stole over $100 million worth of assets. The cause of the incident remains unclear, but it is suspected that code vulnerabilities flagged by security analysts may have played a role. The North Korean hacking group Lazarus Group was implicated in this attack.
Heco Bridge, HTX — $99 million
The primary cross-chain bridge on Heco suffered an exploit that resulted in the theft of over $86 million in various cryptocurrencies. The attacker manipulated the smart contract code of the bridge, allowing them to mint unauthorized tokens and transfer them out. HTX also lost $12 million from its hot wallet.
Curve — $73 million
Curve Finance, one of DeFi’s largest decentralized exchanges, fell victim to an attack that resulted in hackers stealing around $73 million in crypto assets. The attack exploited a vulnerability in the Vyper programming language used by Curve, allowing funds to be drained through a reentrancy attack. The Curve team patched the vulnerability and recovered 70% of the stolen funds.
CoinEx — $55 million
Hong Kong-based centralized cryptocurrency exchange CoinEx reported a hack in which attackers stole over $55 million from its hot wallets. The incident was connected to a separate theft at the betting platform Stake.com, which was linked to the North Korean Lazarus hacking group.
KyberSwap — $54 million
Decentralized exchange aggregator KyberSwap experienced an exploit that led to the theft of around $54 million in crypto. The exploit was due to a vulnerability in the tick interval boundaries of Kyber's concentrated liquidity pools, allowing the hacker to drain value from them. The team recovered some of the funds and offered a white hat bounty to the hacker.
Stake.com — $41 million
Betting platform Stake.com suffered a likely private key exploit that resulted in the theft of $41 million worth of cryptocurrencies. The FBI attributed the attack to Lazarus based on its analysis of the addresses receiving stolen funds.
Hot Take: Crypto Industry Sees Decrease in Hacks, but Individual Projects Still Vulnerable
In 2023, the crypto industry experienced a decline in hack volumes compared to the previous year. While this is