November 2023 has etched its name as the grimmest chapter in the crypto industry this year, witnessing a staggering $363 million drained due to an alarming surge in hacking incidents. This record-breaking figure stands as the highest monthly loss, painting a bleak picture of the sector’s security and stability.
The disheartening statistics came from a comprehensive report released in late November 2023 outlining the grave consequences of an onslaught of exploits, flash loans, and exit scams. CertiK’s November 30 disclosure underscored that exploits alone accounted for a staggering $316.4 million, flash loans claimed $45.5 million, while other exit scams siphoned off $1.1 million.
Devastating Attacks on Poloniex, HTX, and KyberSwap Drain $286M
Among the most grievous losses, Poloniex and HTX/Heco Bridge suffered the brunt, succumbing to financial haemorrhage to the tune of $131.4 million and $113.3 million, respectively. The devastating impact of these attacks reverberated across the crypto landscape, with phishing exploits siphoning off $27 million from a hapless victim.
The gravity of the situation extended beyond mere numbers, highlighting a paradigm shift in the dynamics of crypto attacks. Immunefi’s comprehensive report revealed an alarming tally of 296 hacking attempts and rug-pull scams, resulting in losses exceeding $1.75 billion since the beginning of the year.
CeFi and DeFi Under Siege
In a stark reversal, November saw a shift in targeted attacks. For the first time, centralized finance (CeFi) platforms bore the brunt of hacker attention, surpassing losses incurred by decentralized finance decentralized finance (DeFi) platforms. This marked a pivotal moment as 37 incidents on DeFi protocols amounted to $158.6 million in losses, whereas a handful of substantial attacks on platforms like Poloniex, HTX, and Kronos Research accounted for $184.4 million, totalling 53.8% of the month’s damage.
This reconfiguration in attack targets starkly contrasts the earlier third-quarter report by Immunefi, which indicated that DeFi assaults accounted for a significantly higher 72.9% of losses.
The devastating $45 million KyberSwap attack emerged as the primary contributor to the month’s flash loan-related losses, propelling November’s cumulative losses beyond the previous peak of $329 million witnessed in September. Notably, the notorious $200 million Mixin Network attack played a pivotal role in this surge, underscoring the heightened vulnerability of the crypto ecosystem.
BNB Chain and Ethereum Hit Hardest, $302M at Stake
Amidst these vulnerabilities, the BNB Chain and Ethereum ecosystems remained the prime targets for malicious assaults, accounting for 83% of the total losses. With the BNB Chain ecosystem experiencing 22 attacks accounting for 53.7% of losses and Ethereum facing 12 attacks resulting in 29.3% of lost assets, these blockchain networks bore the brunt of the assault.
Immunefi, a pivotal vulnerability reporting tool, has been instrumental in mitigating damages, issuing over $85 million in prizes and assisting in the recovery of more than $25 billion in user funds for protocols such as Chainlink, The Graph, Synthetix, and MakerDAO. In a bid for greater decentralization, Immunefi initiated a reward system program, marking a significant step towards fortifying the bug bounty platform.
Is your Crypto Safe?
As the year draws to a close, the cumulative loss from 2023’s relentless wave of exploits and frauds in the crypto realm has now breached the daunting $1.75 billion mark. This persistent vulnerability raises concerns about security practices, casting a shadow on the industry’s aspirations for widespread adoption and stability.