CertiK, the blockchain security firm, has reported a significant decrease in Web3 theft incidents in October, marking the lowest point this year. According to CertiK, there were 38 security incidents last month, resulting in losses of approximately $32.2 million from various issues such as hacking, vulnerabilities, and scams. Notably, none of these incidents resulted in losses exceeding $7 million. This reduction in losses is a stark contrast to the cumulative total of $1.4 billion recorded for the first ten months of the year. In comparison, January registered the second-lowest losses at $33.7 million.
However, it is crucial to highlight that the low statistics for October do not necessarily signify a continuous decline in losses. Instead, they indicate the absence of major security breaches during that particular month. Furthermore, the 38 incidents recorded in October represent a record low, contributing to the notable reduction in overall losses.
CertiK's quarterly report revealed that the number of security incidents decreased from 79 in July to 66 in August and further down to 39 in September. The sole category that witnessed an increase in October was exit scams, which quadrupled in volume compared to September. Exit scams had reached their yearly peak in May, involving users of the crypto project Fintoch who suffered losses amounting to nearly $32 million. Vulnerability exploits, on the other hand, peaked in September, largely due to an attack on Mixin Network's cloud service provider, resulting in losses of around $200 million. The second-highest losses were reported in July, primarily attributed to the loss of multi-chain MPC bridges.
CertiK has identified a few recurring trends in cryptocurrency-related crimes. Of note is the increasing use of social media platforms for scams, with nearly half of all cryptocurrency scams in the past 18 months found to be linked to social media, as reported by the U.S. Federal Trade Commission. Social media provides an array of opportunities for malicious actors, ranging from pumping and dumping schemes to Ponzi schemes. CertiK's third-quarter report also highlighted North Korea's Lazarus Group as a "major threat" in the blockchain security landscape.
