The third quarter of 2023 has exposed significant security vulnerabilities in the cryptocurrency sector, with a staggering 117 hacks leading to a cumulative loss of $720 million.
Hacken's comprehensive review of De.Fi's REKT database for the third quarter of 2023 highlighted that while the number of incidents decreased from the second quarter, the financial implications were significantly higher.
The quarter's most substantial breach involved a $231 million exploit of the Multichain bridge, marking its third security lapse.
Another significant incident was a bug in the Vyper compiler, which led to $70 million in losses for major projects. Despite this, swift interventions enabled the recovery of 90% of the stolen funds.
Access control breaches emerged as the most financially damaging, accounting for $449 million in losses from just eight incidents.
These breaches emphasized the human vulnerabilities in the crypto sector, often more than code vulnerabilities.
Rug pulls, characterized by sudden liquidity withdrawals, were the most frequent attack vectors.
The ease of their creation, often through token factories, made them a prevalent threat.
Notably, two-thirds of all incidents involved projects that hadn't undergone an audit, highlighting the importance, yet limitations, of this security measure.
Reentrancy and flash loan attacks, more technical in nature, resulted in significant losses of $85 million and $5.8 million, respectively.
These attacks exploit vulnerabilities in deployed smart contracts.
Also Read: SEC Fines BlackRock $2.5M For Alleged Misrepresentation Of Entertainment Sector Investments
Tokens were the primary targets, with 80 attacks this quarter.
Centralized control remained a core issue, leading to potential scams. Bridges also faced significant challenges, with two projects accounting for $241 million in stolen assets.
Audits, while essential, weren't a guaranteed safeguard. Of the 117 hacks analyzed, 39 projects claimed they had undergone audits.
Outdated reviews, post-audit code alterations, incomplete audits and overlooked vulnerabilities were among the reasons why some audited projects still faced breaches.
The third quarter analysis emphasized the need for continuous vigilance, multi-auditor approaches and enhanced security awareness among users, projects, and auditors in the crypto industry.
In light of these revelations, the upcoming Benzinga's Future of Digital Assets conference on Nov. 14 is planning to address security challenges, offering insights and potential solutions to fortify the digital asset space.
Read Next: World Bank Issues First Blockchain Bond: An 'Important Moment' For Digital Asset Class
Join Benzinga's Fintech Deal Day & Awards on Nov. 13 and Future of Digital Assets on Nov. 14 in New York City to stay updated on trends like AI, regulations, SEC actions and institutional adoption in the crypto space. Secure early bird discounted tickets now!
Photo: Shutterstock
© 2024 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.
Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.
