Q1 Crypto Attacks Up, Money Lost Is Down: Report
Though total losses are down 64% from 2022’s first quarter, the number of attacks has risen to its highest level in past two years, Immunefi data shows
Brian A Jackson/Shutterstock modified by Blockworks
The number of crypto attacks spiked during the first quarter, though the total losses accumulated over the span are down, according to a report by Web3 security platform Immunefi.
The two major exploits during the first three months of 2023 — ones that targeted Euler Finance and BonqDAO — accounted for $317 million of the $477 million seen during the quarter.
The $477 million of crypto losses was considerably lower than the first quarter of 2022, in which roughly $1.2 billion was lost, according to Immunefi.
“Projects have significantly increased their security measures through audits and bug bounties, but blackhats have kept pace,” Immunefi CEO Mitchell Amador said in a statement. “Losses are currently down, but mostly because the amount of funds in crypto has decreased, making hacks less devastating.”
Despite the drop in losses, the number of incidents has risen from 25 in 2022’s first quarter to 73 in the first three months of 2023. This increase reflects the highest quarterly activity the sector has seen in the past two years, Immunefi data shows.
The nearly 200% year-over-year increase could be “a random anomaly,” Immunefi communications lead Jonah Michaels told Blockworks. Or, he added, it could be a result of lower prioritization of security during the bear market and a growing hacker community attracted to the possibility of big gains.
“In the Web2 world, blackhats fight over databases of credit cards and other information that can be difficult to monetize,” Michaels said. “In the Web3 world, blackhats can steal hundreds of millions in the blink of an eye. It’s not hard to understand why they might be attracted to Web3.”
The most targeted chains
BNB Chain is the most targeted chain, with 33 incidents last quarter. Ethereum followed with 22 incidents.
Adrian Hetman, Immunefi’s tech lead triager, said BNB Chain “lacks a security-first approach and attracts many users looking for a quick way to earn money.”
Attackers exploited BNB Chain last October for $100 million. While decentralized chains are not designed to be stopped, according to a BNB Chain statement at the time, it sought to limit the damage by contacting community validators one by one to halt transactions. The blockchain added it was seeking to expand the validators to boost further decentralization.
A BNB Chain spokesperson did not immediately return a request for comment Tuesday.
Arbitrum, which had no incidents in last year’s first quarter, endured eight incidents in the months leading up to the launch of its ARB token, followed by Polygon and Optimism with five and three incidents, respectively.
“This quarter should reinforce the importance of security,” Michaels told Blockworks. “To projects, we would recommend they hire someone to focus on security full-time. To whitehat hackers, we would recommend that they double down on their efforts to responsibly disclose bugs before blackhats get their first.”
A rise in recovery
Euler was hit with a flash loan attack last month in what amounted to a $200 million exploit.
The recovery of $177 million by Euler Finance and about $250,000 by SperaxUSD represent roughly 40% of the total losses endured during the first quarter.
The recovery level is nearly equal to how much was recovered in all of 2022, making up about 5% of the nearly $4 billion lost last year.
Euler notified its community Tuesday that additional funds had been returned, bringing the recovery totals up to about $200 million.
“A plan for the restoration of user assets will be laid out in the coming days for review and consideration by the Euler community,” according to a company statement.
Get the news in your inbox. Explore Blockworks newsletters:
- Blockworks Daily: Unpacking crypto and the markets.
- Empire: Crypto news and analysis to start your day.
- Forward Guidance: The intersection of crypto, macro and policy.
- 0xResearch: Alpha directly in your inbox.
- Lightspeed: All things Solana.
- The Drop: Apps, games, memes and more.
- Supply Shock: Bitcoin, bitcoin, bitcoin.
