Crypto and decentralized finance (DeFi) are continuing to function as a honeypot for criminals, as October saw yet more hacks and losses.
To date, 2023 has seen losses totaling $1.4 billion year-to-date across 292 incidents according to a report released by Immunefi.
Its latest October report reveals another painful month for the industry as criminals and hackers stole over $22 million in just 31 days. However, the losses were small fry compared to September, which saw $340 million taken across the digital asset space.
Of the $22 million lost last month, $16 million is attributable to 13 hacking incidents while $5.8 million stemmed from 13 fraud cases.
North Korean hacking group Lazarus was responsible for a staggering $208 million stolen in Q3 2023 , representing 30% of total losses for the quarter. Their high-stakes cyber raids targeted prominent platforms including CoinEx, Alphapo, Stake , and CoinsPaid.
The data signals that illicit actors are ramping up attacks, with this year’s massive haul driven primarily by large crypto heists. While 2023’s Q2 saw reasonably low losses at $59 million, the following quarter told a different story.
Q3 was plagued by exploits, with September’s huge losses and over $320 million in July. According to cybersecurity experts, a significant proportion of these incidents can be attributed to state-sponsored groups.
Decentralized finance (DeFi) remained prime hunting ground, accounting for all of October’s recorded losses while centralized exchanges (CeFi) were untouched. The chains bearing the biggest blows were Binance Smart Chain and Ethereum, which combined represented over 80% of stolen funds across targeted blockchains.
Across the month, BNB Chain suffered 11 incidents, whilst Ethereum fell victim to 9. Avalanche got away with just 2, whilst Polygon and Fantom both had just 1.
While the monthly losses in October 2023 represent a major dip from Q3’s carnage, Immunefi’s two latest reports cement an already concerning trend: the increasing involvement of Lazarus Group. The US government first sanctioned the North Korean-backed hackers in 2019. Since then, they’ve been responsible for 2 billion in losses in crypto alone.
As critics call for more robust security to protect users, developers are under pressure to reinforce vulnerabilities in both protocols and applications. However, the cat and mouse game continues, crypto holders should always seek out well-tested protocols. Here‘s a a full list of 2023’s hacks and exploits.