In 2023, the Web3 sector experienced a significant loss of $1.8 billion due to hackers and scammers, as reported by blockchain security firm Immunefi on December 28. The report highlighted that the Lazarus Group, linked to North Korea, was responsible for 17% of these losses.
The most substantial heist of the year was against the Mixin Network, a peer-to-peer trading platform, leading to a staggering loss of over $200 million for crypto investors. Following closely was the $197 million breach of Euler Finance, a lending platform, and a $126 million attack on Multichain, a cross-chain bridge protocol.
Law enforcement agencies have linked the Lazarus Group, a notorious cybercrime group from North Korea, to approximately $309 million of the total losses. This figure includes significant hacks such as the Atomic Wallet ($100 million), CoinEx ($70 million), and Alphapo ($60 million), among others. Most of the financial damage was due to hacking activities rather than direct fraud. Specifically, only $103 million was attributed to clear fraud cases like rug pulls, while a much larger sum of over $1.6 billion resulted from hacking and security exploits. Out of the total losses, $1.3 billion originated from protocols claiming decentralization. In comparison, centralized finance (CeFi) crypto protocols accounted for a loss of about $409 million.
Interestingly, the $1.8 billion figure represents a decrease of over 52% from the previous year, when blockchain security service Chainalysis reported a loss exceeding $3.8 billion.
