CertiK has released its latest report, titled Hack3d: The Web3 Security Report for 2023.
CertiK’s Hack3d reports offer deep dives “into the exploits, vulnerabilities, and trends that define blockchain and smart contract security.”
According to CertiK, they’re an invaluable resource “for anyone seeking to understand the current landscape of Web3 security.”
Here are a few key takeaways from CertiK‘s extensive report:
- A total of $1,840,879,064 was lost across 751 security incidents in 2023.
- This represents a decline of 51% from 2022’s total of $3.7 billion, and an average of $2.45 million per incident.
However, the CertiK report clarified that just “the ten most costly incidents alone accounted for $1.11 billion, and the median loss per incident was much lower than the average, at $101,132.”
November was reportedly the most costly month of the year, “with $363,367,327 lost in 45 incidents.”
As stated in the update, Q3 saw “the most losses, at $686,558,472, from 183 hacks, scams, and exploits.”
Private key compromises were “the most costly attack vector, with $880,892,924 lost in just 47 incidents.” The report from CertiK pointed out that this “represents nearly half of all financial losses, though private key compromises accounted for just 6.3% of all security incidents.”
BNB Chain experienced “the highest number of security incidents, with a total of 387 hacks, scams, and exploits leading to $134 million in losses. This resulted in an average of $346,253 per incident.”
Ethereum saw a total of 224 incidents “but $686 million in losses, for an average of $3.0 million per incident.”
Security breaches affecting multiple chains “accounted for $799 million of losses in just 35 incidents, highlighting the persistent pain-point that is cross-chain interoperability.
Hack3d 2023 covers the stories and trends that defined the direction of Web3, the current state of the industry, and where the next twelve months may take us.”
This year’s report provides “a detailed breakdown of $1.84 billion lost across 751 incidents, reflecting a 51% decrease from the 2022’s total of $3.7 billion. We analyze the data to determine the extent to which this decline is merely reflective of broader declines in asset valuations in order to understand whether Web3 is learning its lessons and giving security the importance it deserves.”
The third quarter of 2023 stood out as the period “with the heaviest losses, totaling $686 million from 183 hacks, scams, and exploits.”
To access the complete report, click here.