2023 saw a total of $1.8 billion lost to Web3 hackers and scammers, according to a Dec. 28 report from blockchain security platform Immunefi. 17% of the losses i attributed to the North Korea-linked Lazarus Group, the report stated.
The biggest hack of the year in terms of losses was peer-to-peer trading platform Mixin Network, which resulted in over $200 million of losses to crypto investors. In second place was the $197-million exploit of lending platform Euler Finance, and in third was the $126-million hack of cross-chain bridge protocol Multichain.
According to the report, approximately $309 million of losses have been identified by law enforcement as being associated with the Lazarus Group, a cybercriminal organization with ties to the Democratic People’s Republic of Korea, also known as North Korea. These losses include those from the Atomic Wallet hack ($100 million), CoinEx ($70 million), Alphapo ($60 million), Stake, CoinsPaid and others.
Related: Atomic Wallet faces lawsuit over $100M crypto hack losses: Report
The vast majority of funds lost were from hacks rather than fraud. Only $103 million was lost from clearly identifiable fraud schemes, such as rug pulls, whereas over $1.6 billion was lost from hacks and exploits. The majority of losses — $1.3 billion — came from protocols claiming to be decentralized. Only $409 million was lost from centralized finance (CeFi) crypto protocols, the report stated.
The $1.8 billion in losses appears to represent a more than 52% decline from the previous year, when blockchain security platform Chainalysis reported over $3.8 billion in stolen funds.