Web3 protocols losses to hacks and exploits during the second quarter plunged 58% to $313.5 million from $745 million stolen around the same period last year, according to a CertiK report shared with CryptoSlate.
“The decrease in funds lost to cybersecurity breaches suggests that the Web3 industry’s technical defenses and security protocols are becoming more effective,” CertiK told CryptoSlate in a statement. “Cryptocurrency exchanges, blockchain networks, and individual developers are likely implementing more robust security measures and investing in areas like threat detection, vulnerability management, and incident response.”
Compared to the first quarter of this year, the total losses represent a slight drop from the $330 million recorded.
2023 Q2 saw 212 incidents average $1.5M loss
The CertiK report stated that there were 212 security incidents during the second quarter, leading to an average loss of $1.5 million.
According to the report, April and June were particularly busy for the bad actors, as both months recorded more than 70 incidents that led to over $100 million in losses, respectively.
Meanwhile, May saw the least number of exploits at 63 incidents, and its losses were pegged at $74.6 million.
Increase in exit scams
CertiK reported that most security incidents in the second quarter were exit scams, known as rug pulls. A rug pull is a scam in which a team unexpectedly abandons the project and sells all its liquidity after accepting investor funds.
During the period, bad actors rug-pulled 98 projects to steal $70.35 million. This represents more than double the $31 million lost to the same scam during the first quarter.
Some major exit scams of the quarter include Morgan DF Fintoch, which stole over $30 million, and Ordinals Finance and Chibi Finance, which stole roughly $1 million, respectively.
Meanwhile, flash loans/oracle manipulation accounted for 54 incidents and $23.7 million stolen. Security breaches tagged as “others” resulted in a loss of $219.5 million.
Malicious players target BNB Chain projects
Across blockchain networks, the CertiK report noted that crypto projects on the BNB Chain are increasingly becoming an attractive target for exploits. The blockchain security firm stated that 119 security incidents involving the network led to $70.7 million.
By comparison, Ethereum (ETH) recorded 55 security breaches, leading to $66 million in losses. Arbitrum saw 14 exploits with $14.1 million in losses, and the five exploits on Multichain resulted in a loss of $10.2 million. Avalanche (AVAX) and Polygon (MATIC) recorded five incidents that led to $2.4 million in losses.
However, $150.3 million was stolen from other chains and off-chain events in 19 incidents. The $100 million exploit of Atomic Wallet is responsible for most of this loss, and it is also the most significant individual exploit in the quarter.