Web3 Security Incidents Led to $890 Million Losses in Q3 2023: Report
In Brief
The Web3 sector grappled with a staggering total loss of approximately $890 million in Q3 of 2023.
Among these incidents, 43 cyberattacks took place, causing a combined loss of around $540 million.
In the third quarter of 2023, the Web3 sector grappled with a staggering total loss of approximately $890 million. This revelation comes from a monitoring conducted by Beosin EagleEye, a subsidiary of the blockchain security audit firm Beosin.
According to the company’s new Q3 2023 Global Web3 Security report, the losses were a result of hacker attacks, phishing scams and project side Rug Pulls, underscoring the increasing vulnerability of Web3 ventures.
Among these incidents, 43 cyberattacks took place, causing a combined loss of around $540 million. Concurrently, phishing scams drained victims of approximately $66.15 million, while 81 Rug Pull incidents on various projects culminated in losses totaling roughly $280 million.
The comprehensive breakdown of losses in the Web3 sector during Q3 2023 is as follows:
Hacker Attacks: A total of 43 hacker attacks led to staggering losses of approximately $540 million.
Phishing Scams: The sector grappled with phishing scams that drained approximately $66.15 million.
Rug Pull Incidents: A striking 81 project-related Rug Pull incidents resulted in cumulative losses of about $280 million.
Targeted Project Types: DeFi Prevails
The report data revealed that the decentralized finance (DeFi) sector remained the prime target, accounting for 29 of the reported attacks, which constituted a significant 67.4% of the total incidents.
Among the diverse project types, public chains suffered the most substantial losses. Ethereum, in particular, bore the brunt, with a staggering $227 million in losses, securing its position as the most heavily impacted chain platform. Ethereum also reported the highest number of security incidents, tallying at 16.
Funds Flow to Hacker Addresses
Examining the attack vectors, private key leaks emerged as the most damaging, resulting in losses of $223 million during the quarter. Alarmingly, a substantial portion of the pilfered funds, $360 million (equivalent to 67%), remained nestled in the hands of hackers, highlighting the challenges of fund recovery.
Moreover, only 10% of stolen assets were successfully retrieved during this period
Audit Status Remains a Concern
A pertinent issue is the audit status of these projects. Surprisingly, audited and unaudited projects featured almost evenly in the statistics, with 48.8% subjected to audits and 46.5% operating without such scrutiny. This suggests that even audited projects were not immune to the ever-evolving tactics employed by malicious actors in the Web3 landscape.
The major loss of $890 million due to security issues paint a stark picture of the challenges faced by this burgeoning sector, with DeFi as a primary target and Ethereum suffering the brunt of these attacks. Furthermore, the dearth of fund recovery and the persistent threat to audited projects underscore the pressing need for enhanced security measures in the Web3 ecosystem. The industry now faces the imperative challenge of fortifying its defenses against an evolving array of cyber threats.
Disclaimer
In line with the Trust Project guidelines, please note that the information provided on this page is not intended to be and should not be interpreted as legal, tax, investment, financial, or any other form of advice. It is important to only invest what you can afford to lose and to seek independent financial advice if you have any doubts. For further information, we suggest referring to the terms and conditions as well as the help and support pages provided by the issuer or advertiser. MetaversePost is committed to accurate, unbiased reporting, but market conditions are subject to change without notice.
About The Author
Victor is a Managing Tech Editor/Writer at Metaverse Post and covers artificial intelligence, crypto, data science, metaverse and cybersecurity within the enterprise realm. He boasts half a decade of media and AI experience working at well-known media outlets such as VentureBeat, DatatechVibe and Analytics India Magazine. Being a Media Mentor at prestigious universities including the Oxford and USC and with a Master's degree in data science and analytics, Victor is deeply committed to staying abreast of emerging trends. He offers readers the latest and most insightful narratives from the Tech and Web3 landscape.
More articles
Victor is a Managing Tech Editor/Writer at Metaverse Post and covers artificial intelligence, crypto, data science, metaverse and cybersecurity within the enterprise realm. He boasts half a decade of media and AI experience working at well-known media outlets such as VentureBeat, DatatechVibe and Analytics India Magazine. Being a Media Mentor at prestigious universities including the Oxford and USC and with a Master's degree in data science and analytics, Victor is deeply committed to staying abreast of emerging trends. He offers readers the latest and most insightful narratives from the Tech and Web3 landscape.
