The world of DeFi and Web3 suffered a slew of severe attacks and exploits in 2022. The biggest exploits combined, including the Nomad hack and the Ronin Bridge attack, led to losses of billions of dollars.
According to the 2022 Beosin Web3 Security Report cited by CoinTelegraph, DeFi suffered the most attacks. Of 167 major security incidents, DeFi projects were attacked 113 times, comprising more than two-thirds of recorded attacks.
Exchanges, NFT attacks follow
The next most-attacked group was cryptocurrency exchanges followed by NFT projects. Last on the list were cross-chain bridges and wallets.
DeFi projects ranked second in terms of monetary losses with total losses of just under a billion. Cross-chain bridge exploits resulted in losses of $1.89 billion in 2022.
Of all project types, $3.6 billion was lost in attacks last year, up almost 50% from the previous year.
Caution is advised in 2023
DeFi projects should be wary of even more exploits in 2023. According to experts, there are several reasons why DeFi projects are attacked so often. These include the value these projects attract, the lack of security testing prior to going live, and the sheer number of emerging DeFi projects.
What’s more, blockchain security firms encourage users to keep their private keys. In 2023, losses due to private key compromises will be a result of poor management of private keys.
Exploits this year
Although 2023 just started, we have already seen some exploits. On January 3, hackers stole 82,519 GMX tokens from a whale, which were worth $3.5 million. They exchanged the GMX for ether, then transferred the assets to the Ethereum Mainnet using Across Protocol and Hop Protocol.
In 2022, December was the month with the least losses from DeFi exploits. Only $62 million was lost.