Amount in crypto stolen via hacking fell in 2023 but number of cases on the rise

Global funds stolen via crypto hacking plunged by about 54.3 per cent to US$1.7 billion (S$2.2 billion) in 2023. PHOTO: ST FILE
Claire Huang
Senior Business Correspondent
Updated
Jan 25, 2024, 09:41 AM
Published
Jan 24, 2024, 10:00 PM

SINGAPORE - The amount of stolen cryptocurrency from hacking may have fallen globally in 2023, but the number of incidents has risen, a report by blockchain research firm Chainalysis said.

The firm on Jan 24 said global funds stolen via crypto hacking plunged by about 54.3 per cent to US$1.7 billion (S$2.3 billion) in 2023 compared with the year before.

However, the number of individual hacking incidents grew 5.5 per cent the same year to 231, from 219 in 2022.

Hacking refers to the unauthorised access, manipulation or exploitation of computer systems, networks or information.

The report said cryptocurrency hacking has become a pervasive and formidable threat that has led to billions of dollars stolen from crypto platforms and exposed vulnerabilities across the ecosystem.

The drop in the amount stolen via crypto hacking in 2023 is largely because of a fall in decentralised finance, or DeFi, hacking. DeFi refers to a new financial system where transactions are made peer to peer on public blockchains.

“Hacks of DeFi protocols largely drove the huge increase in stolen crypto that we saw in 2021 and 2022, with cyber criminals stealing US$3.1 billion in DeFi hacks in 2022. But in 2023, hackers stole just US$1.1 billion from DeFi protocols. This amounts to a 63.7 per cent drop in the total value stolen from DeFi platforms year over year,” said Chainalysis.

The fall in the value and number of DeFi hacks come as DeFi operators become better at smart contract security, the report said.

Smart contracts are self-executing contracts on the blockchain, with the terms of the agreement directly written into code.

Ms Mar Gimenez-Aguilar, lead security architect and researcher at Web3 and blockchain security firm Halborn, said in the report that the rise in security measures in DeFi protocols is a key factor in lowering the number of hacks linked to smart contract vulnerabilities.

“If we compare the top 50 hacks by value lost from 2023 with those from previous years, there is a reduction in losses from 47 per cent of the total to 18.2 per cent,” she said.

Ms Gimenez-Aguilar said price manipulation attacks remained almost constant, with around 20 per cent of the total value lost. Price manipulation hacks take place when an attacker exploits a smart contract vulnerability to reflect inaccurate asset prices, thereby manipulating a token’s price.

These trends, when combined, indicate that protocols have to take into account how they interact with the whole DeFi ecosystem when performing audits, she added.

More On This Topic
Global crypto criminal gains down in 2023, says Chainalysis report
Most key global crypto markets tightening consumer protection rules, says report

Despite the drop in amount stolen from DeFi hacks, there were still some incidents that stood out.

In March 2023, Euler Finance, a borrowing and lending protocol on the Ethereum blockchain, experienced a flash loan attack. This led to roughly US$197 million in losses.

In 2023, July recorded the highest number of hacks at 33. These included US$73.5 million stolen from decentralised exchange and automated market maker Curve Finance.

Chainalysis noted that there were several large exploits that occurred in September and November, on both decentralised and centralised platforms, including Mixin Network (US$200 million), CoinEx (US$43 million), Poloniex Exchange (US$130 million), crypto entrepreneur Justin Sun’s exchange HTX (US$113.3 million) and Kyber Network (US$54.7 million).

The report also found that North Korea hacked more crypto platforms than ever in 2023, but stole less in total value than in 2022.

It noted that North Korea-linked hacks have been on the rise over the past few years, with cyber-espionage groups such as Kimsuky and Lazarus Group using various malicious tactics to acquire large amounts of crypto assets.

In 2023, the estimated total amount stolen in hacks linked to North Korea came up to just over US$1 billion, down from US$1.7 billion in 2022.

However, Chainalysis said the number of hacks rose to 20 in 2023 – the highest number on record – in a crypto bear market. This was up from 15 hacks in 2022.

The report added that while it is clear that attackers are becoming increasingly sophisticated and diverse in their attacks, crypto platforms are also beefing up their security and responses to these incidents.

“When crypto platforms act promptly after exploits, law enforcement agencies will be better equipped to contact exchanges where frozen funds are located, to initiate seizure and contact services through which the funds flowed to gather relevant information about accounts and users,” Chainalysis said.

It added that over time, it is likely that funds stolen from crypto hacks will continue to decline as these processes improve. 

More On This Topic
Crypto exchange HTX hit by $346 million outflow in wake of hack
Millions of crypto investors’ wallets at risk due to security flaws: Study

Join ST's Telegram channel and get the latest breaking news delivered to you.

Available for
iPhones and iPads
Available in
Google Play

MCI (P) 066/10/2023. Published by SPH Media Limited, Co. Regn. No. 202120748H. Copyright © 2024 SPH Media Limited. All rights reserved.

Back to the top