According to Foresight News, blockchain security company Halborn released a security report that analyzed the top 100 DeFi hacking incidents between 2016 and 2023, with a cumulative amount of US$7.35 billion, most of which occurred on Ethereum, BNB Chain, and Polygon. On-chain hacking attacks, including smart contract exploits, price manipulation, and governance attacks, are the most common, but off-chain attacks such as private key theft account for 29% of the total attacks and 34.6% of the stolen funds.

Halborn also warned that most on-chain attacks occur on unaudited protocols, and only 20% of hacked protocols are audited. Lack of incorrect input validation in the protocol is indeed the main reason for losses caused by smart contract exploitation. Cross-chain bridges remain a key attack vector for bad actors, and protocols should "carefully review the code" before releasing using cross-chain bridges.