In November 2023, the crypto industry suffered its greatest monthly losses this year as hacks and frauds targeting decentralized finance (DeFi) and centralized finance (CeFi) increased. The ecosystem suffered a 15-fold increase in damages compared to October 2023, with almost $343 million lost. The information comes from a November 2023 crypto loss report.
Approximately $316.4 million was lost due to exploits alone, $45.5 million was lost due to flash loans, and $1.1 million was lost due to other exit scams, according to CertiK in a Nov. 30 X (previously Twitter) post.
Crypto hacks soar in Nov 2023
According to Immunefi’s most recent report, 296 occurrences of crypto hacking attempts and rug-pull scams have resulted in losses over $1.75 billion since the beginning of the year.
The target of crypto attacks shifted significantly in November, in particular. The total amounts lost on Centralized Finance (CeFi) platforms topped those lost on Decentralized Finance (DeFi) platforms this month, putting them at the forefront of hackers’ attention.
Throughout November, 37 incidents on DeFi protocols accounted for $158.6 million in losses, accounting for 46.2% of the total, while four big attacks on platforms such as Poloniex, HTX, and Kronos Research accounted for 53.8% of the total with $184.4 million in damages.
This distribution ratio differs from Immunefi’s third-quarter report, which stated that DeFi assaults accounted for 72.9% of losses.
Hack assaults continued to account for a sizable share of occurrences in November, with 18 incidents resulting in damages totaling more than $335 million, exceeding losses from fraud-related crypto attacks. According to the Immunefi team, 23 fraud events amounted to an overall loss of $7.5 million.
Meanwhile, the $45 million KyberSwap attack accounted for nearly all of the month’s damage from flash loan attacks. The most recent monthly amount has eclipsed a previous high of $329 million achieved in September, owing primarily to the $200 million Mixin Network attack.
BNB chain comes under attack
The BNB Chain and Ethereum ecosystems remained the most targeted blockchain ecosystems in November, accounting for 83% of total losses.
The BNB Chain ecosystem was the most attacked, with 22 instances accounting for 53.7% of the losses. The Ethereum ecosystem had 12 attacks, accounting for 29.3% of assets lost to hacker attacks. Other blockchains in the ranking of hack occurrences were Arbitrum, Optimism, Avalanche, Fantom, and Heco Chain.
Immunefi, as a vulnerability reporting tool, has paid out over $85 million in prizes and assisted in the recovery of over $25 billion in user cash for protocols like as Chainlink, The Graph, Synthetix, and MakerDAO. In September, the Immunefi team took the first move towards decentralizing the bug bounty platform by creating a reward system program.
Top 10 Crypto Hacks 2023 – The full list
With the last wave of exploits, the crypto sector has now lost over $1.75 billion in 2023 to crypto attacks and fraud. As protocols remain vulnerable, critics contend that lax security practices are limiting widespread adoption.
A flash loan assault cost Euler Finance, a DeFi protocol, $197 million on March 13, 2023. The attacker exploited Euler’s eToken function’s liquidity vulnerability to influence token conversions, causing many cryptocurrencies to decline and EUL token value to drop 45%.
Taipei-based crypto trading firm Kronos Research reported a $26 million security compromise on November 19, 2023. Due to unauthorized API key access, the firm halted trade while investigating. The implications hurt Woo Network, a trading platform that relies on Kronos Research for liquidity.
Angle Protocol lost $17.6 million indirectly due to Euler’s attack, affecting its Total Value Locked and necessitating risk management conversations.
July 6 saw a suspected “rug pull” compromise of the Multichain cross-chain bridge protocol. Due to Fantom, Dogecoin, and Moon River bridge losses, over $125 million in crypto was withdrawn, including wETH, wBTC, USDC, Dogecoin, and Tether.
Due to solvency check weaknesses, Platypus Finance lost $9.2 million from various stablecoin hacks.
A smart contract exploit cost Safemoon $9 million in SFM coins through liquidity pool drainage.
LendHub lost $6 million owing to a failed update that left a deprecated token.
Balancer, a popular Ethereum DeFi protocol, was alerted of a security problem on September 19, 2023. Balancer hasn’t acknowledged the loss, but estimations predict a $238,000 bitcoin theft.
The Philippine crypto exchange Coins.ph was hacked in 30 minutes, allowing a hacker to swap 12.2 million XRP tokens worth $6 million.
Over 22,628 USDT was lost after KuCoin’s official Twitter account was hacked.
From Zero to Web3 Pro: Your 90-Day Career Launch Plan