Over the course of 2023, crypto users lost $1.8 billion in various hacks, exploits, scams and rug pulls, bug bounty platform Immunefi said in a report published on Thursday. While that's a 54% decrease from the $3.9 billion the industry lost in 2022, the number of single incidents increased 90% from 168 in 2022 to 319 in 2023.
The third quarter of the year proved to be the most disastrous, accounting for a third of all losses registered during the year. In terms of monthly numbers, the highest losses were seen in November ($343 million), September ($340 million) and July ($320 million).
A total of $1.6 billion was lost as a result of hacks in 247 incidents mostly connected to decentralized finance platforms, while fraud accounted for $103 million lost in 110 incidents, according to the report.
Immunefi said that 13.5% of the stolen funds, or around $231.7 million, had been recovered in 19 cases.
Most attacked blockchains
BNB Chain and Ethereum are consistently the most attacked blockchains, accounting for more than half of the total losses. According to Immunefi, 131 incidents involved BNB Chain-based projects, and 91 incidents were seen on Ethereum. They were followed by Polygon with ten incidents, and Avalanche with six.
North Korea's Lazarus Group got away with $308.6 million of funds stolen from various projects in 2023, which is 17.4% of the total losses seen during the year. The group is believed to be behind the attacks on Atomic Wallet, CoinEx, Alphapo, Stake and CoinsPaid.
Other notable incidents in 2023 included attacks on Mixin Network ($200 million), Euler Finance ($197 million), Multichain ($126 million), Poloniex ($126 million), and BonqDAO ($120 million), Immunefi said.