Q1 Crypto Attacks Up, Money Lost Is Down: Report

Though total losses are down 64% from 2022’s first quarter, the number of attacks has risen to its highest level in past two years, Immunefi data shows


Brian A Jackson/Shutterstock modified by Blockworks


The number of crypto attacks spiked during the first quarter, though the total losses accumulated over the span are down, according to a report by Web3 security platform Immunefi.

The two major exploits during the first three months of 2023 — ones that targeted Euler Finance and BonqDAO — accounted for $317 million of the $477 million seen during the quarter. 

The $477 million of crypto losses was considerably lower than the first quarter of 2022, in which roughly $1.2 billion was lost, according to Immunefi. 

“Projects have significantly increased their security measures through audits and bug bounties, but blackhats have kept pace,” Immunefi CEO Mitchell Amador said in a statement. “Losses are currently down, but mostly because the amount of funds in crypto has decreased, making hacks less devastating.”

Despite the drop in losses, the number of incidents has risen from 25 in 2022’s first quarter to 73 in the first three months of 2023. This increase reflects the highest quarterly activity the sector has seen in the past two years, Immunefi data shows.

The nearly 200% year-over-year increase could be “a random anomaly,” Immunefi communications lead Jonah Michaels told Blockworks. Or, he added, it could be a result of lower prioritization of security during the bear market and a growing hacker community attracted to the possibility of big gains.

“In the Web2 world, blackhats fight over databases of credit cards and other information that can be difficult to monetize,” Michaels said. “In the Web3 world, blackhats can steal hundreds of millions in the blink of an eye. It’s not hard to understand why they might be attracted to Web3.” 

The most targeted chains

BNB Chain is the most targeted chain, with 33 incidents last quarter. Ethereum followed with 22 incidents.

Adrian Hetman, Immunefi’s tech lead triager, said BNB Chain “lacks a security-first approach and attracts many users looking for a quick way to earn money.”

Attackers exploited BNB Chain last October for $100 million. While decentralized chains are not designed to be stopped, according to a BNB Chain statement at the time, it sought to limit the damage by contacting community validators one by one to halt transactions. The blockchain added it was seeking to expand the validators to boost further decentralization.

A BNB Chain spokesperson did not immediately return a request for comment Tuesday. 

Arbitrum, which had no incidents in last year’s first quarter, endured eight incidents in the months leading up to the launch of its ARB token, followed by Polygon and Optimism with five and three incidents, respectively.

“This quarter should reinforce the importance of security,” Michaels told Blockworks. “To projects, we would recommend they hire someone to focus on security full-time. To whitehat hackers, we would recommend that they double down on their efforts to responsibly disclose bugs before blackhats get their first.”

A rise in recovery

Euler was hit with a flash loan attack last month in what amounted to a $200 million exploit. 

The recovery of $177 million by Euler Finance and about $250,000 by SperaxUSD represent roughly 40% of the total losses endured during the first quarter. 

The recovery level is nearly equal to how much was recovered in all of 2022, making up about 5% of the nearly $4 billion lost last year. 

Euler notified its community Tuesday that additional funds had been returned, bringing the recovery totals up to about $200 million. 

“A plan for the restoration of user assets will be laid out in the coming days for review and consideration by the Euler community,” according to a company statement.

Don’t miss the next big story – join our free daily newsletter.


Upcoming Events

Hilton Metropole | 225 Edgware Rd, London

Mon - Wed, March 18 - 20, 2024

Crypto’s premier institutional conference returns to London in March 2024. The DAS: London Experience: Attend expert-led panel discussions and fireside chats Hear the latest developments regarding the crypto and digital asset regulatory environment directly from policymakers and experts.

Salt Lake City, UT

WED - FRI, OCTOBER 9 - 11, 2024

Pack your bags, anon — we’re heading west! Join us in the beautiful Salt Lake City for the third installment of Permissionless. Come for the alpha, stay for the fresh air. Permissionless III promises unforgettable panels, killer networking opportunities, and mountains […]

recent research

Top Icon.png


Osmosis thrived in H2 2023 on the back of increased DeFi activity deriving from recently launched Cosmos-related projects and better market conditions. With new value accrual mechanisms for the native token, Osmosis is well-positioned to continue its strong performance in 2024.



Though the opposing flow trend is likely to slow over time, industry watchers note, bitcoin fund assets could one day eclipse the $90 billion gold ETF space


Celestia had the first mover advantage. EigenDA has staked ether. What sets Avail apart?


Bitcoin moved 1% higher Monday morning in New York, Matrixport analysts say $62,000 could happen next month


It’s hard to believe right now that crypto — even with all of its flexibility and massive capabilities — could ever be like cash on the internet


Michael Saylor announced Monday morning that MicroStrategy bought 3k more bitcoin after the X account was compromised over the weekend


Plus, Pudgy Penguins grows its brand and a group of Autoglyphs sell for $14.5 million