Cointime

Download App
iOS & Android

Top Crypto Hacks of 2023: Analyzing the Biggest Crypto Security Breaches – Research Report

Author: Qadir AK

2023 has been a pivotal year for the cryptocurrency industry, witnessing various security challenges and cyber threats. This report delves into the intricate details of the hacks and security breaches that have marked the year, offering a comprehensive analysis of trends, patterns, and the evolving nature of cyber threats in the crypto world. We aim to provide valuable insights for industry stakeholders, enhancing their understanding of the security landscape and facilitating informed decision-making.

Key Findings and Inferences

  • The year 2023 had a total of $2.38 Billion stolen over 11 months till November
  • 2023 had less crypto stolen compared to the former by almost more than 40% but 50% less, considering all minor and major hacks
  • In 2023, the top five significant hacks represented over 35% of stolen funds
  • The month of November saw the highest volume of hacks, with 331M stolen, followed by September, July, and March
  • The last six months of the year constituted about 70 % of the overall hacks
  • By the number of hacks, July and August had the highest number of 11 significant hacks, followed by November and June with ten hacks each
  • Ethereum network was the most targeted blockchain network, with over 38% of the crypto volume
  • Q3 saw the highest crypto stolen, about $567.69 Million in hacks comprising 24% of the year followed by Q3, Q1, and Q2.
  • Private key compromise, Flash loan attacks of various types, and Price manipulation attacks were the most used techniques by hackers.
  • The top six hacks of the year are Multi chain, Euler Finance, Mixin network, Poloniex exchange, Huobi and HECO bridge, and Atomic wallet hack.

Introduction

The year has been a rollercoaster for the crypto industry, marked by unprecedented challenges and notable incidents that have tested the resilience of platforms, exchanges, and decentralized ecosystems. From the year’s inception to the closing chapters that witnessed a heightened defense against evolving cyber threats, this report aims to encapsulate the nuances, trends, and responses that shaped the year’s crypto security narrative.

Reflecting on 2023, our report highlights the lessons learned, progress made, and ongoing work to ensure a safer and more secure environment for the worldwide crypto community.

The Crypto Hacks that Left Us Stunned in 2023 

In the unruly world of cryptocurrency, hacking methods have continuously evolved with advancements in the crypto landscape. Interestingly, 2023 presented a silver lining: crypto thefts decreased significantly, reducing over 40% compared to the preceding year.

By November 2023, thefts amounting to $2.38 billion had been witnessed. While December remained a wildcard, there was optimism that the year would conclude with fewer incidents than the $3.80 billion stolen in 2022. This decline prompts a crucial question: What factors contributed to this downturn?

Behind the Decline: Factors at Play

Several experts point to three pivotal reasons for the reduced hack volumes in 2023:

  • Enhanced Security Measures: The crypto industry bolstered its defenses, making it harder for cybercriminals to breach systems.
  • Law Enforcement Vigilance: Increased action from law enforcement agencies globally was a deterrent.
  • Industry Collaboration: A more united front within the crypto community facilitated swift responses to potential threats.

Monthly Highlights: A Closer Look 

H1-2023

In the initial six months, we witnessed relatively few hacks. March stood out with a notable theft of $213 million, primarily due to the Euler finance breach, which accounted for a staggering 90% of that month’s theft at $197 million.

H2-2023

The latter part of the year painted a different picture. Months like July, September, and November saw a surge in significant breaches, collectively representing around 70% of the year’s total crypto theft.

November: Termed as the ‘Month of Hackers,’ was particularly tumultuous. The month recorded ten major breaches, amounting to $332 million. Prominent incidents included hacks on the Poloniex exchange, the Heco chain and HTX, the Kyber swap elastic breach, and the Kronos research incident, which resulted in a loss of $26 million

The Target of Choice: Ethereum 

The crypto landscape in 2023 continued a trend from previous years, with Ethereum bearing the brunt of hacker attention. As the most expansive network in the blockchain ecosystem, Ethereum experienced approximately 38% of the total crypto hacks by volume.

Following Ethereum, the Mixin network suffered a massive $200 million loss in a single breach, with other notable networks like Tron, Base, Arbitrum, and Avalanche also facing challenges.

Q3: A Peak in Crypto Hacks

The third quarter of 2023 stood out as the most tumultuous, witnessing thefts amounting to $567.69 million. This spike, constituting 24% of the annual thefts, was primarily attributed to breaches in networks like Mixin, Multichain, CoinEx, and Stake.com. 

In contrast, we reported the most minor activity in the second quarter, with only $180 million in thefts. The final quarter, spearheaded by November, was responsible for nearly all Q4 hacks, with major incidents involving Poloniex, Heco, and Huobi exchange.

Decoding Modern Hacker Tactics

Infrastructure-targeted attacks dominated in 2023, making up nearly 60% of the stolen amount. Among these, the most detrimental were private key compromises, where hackers infiltrate the core infrastructure of a cryptocurrency system—be it servers, networks, or software—to access funds or manipulate trades illicitly. 

Interestingly, breaches stemming from private key compromises yielded larger hauls on average compared to protocol and code-based exploits, which collectively represented a fifth of the hack volumes.

In a year-over-year comparison, 2023 saw a shift in the distribution of thefts. While 2022’s top ten hacks constituted nearly 70% of all stolen funds, 2023 witnessed the top five breaches accounting for over 35% of the losses. Noteworthy among these were attacks on Euler Finance (March), Multichain (July), Mixin Network (September), and Poloniex (November).

Additionally, protocol logic attacks became prevalent, particularly flash loan exploits like Price Oracle, reentrancy, governance, and specific function logic breaches. Alarmingly, numerous crypto financial entities—predominantly smaller ones—engaged in rug pull, abruptly withdrawing liquidity and leaving users to bear the brunt of the consequences.

Top Crypto Hacks of 2023: A Deep Dive

The year 2023 bore witness to several high-profile crypto breaches that shook the industry. Here’s a comprehensive look at the six most significant incidents.

1.   Multichain

  • Date: 07.07.23
  • Amount lost: $130Million
  • Attack method: Private key compromised

Description: In July 2023, customer assets worth about $130 million were sent from cross-chain protocol Multichain’s account to an unknown wallet. The Multichain team later disclosed that the CEO Zhaojun was under the custody of the Chinese police since late May 2023. According to the team, the authorities confiscated Zhaojun’s computers, phones, hardware wallets, and mnemonic phrases. Multichain stopped its services on 7 July 2023 and gave no resumption estimates.

2.   Euler Finance

  • Date: 13.03.23
  • Amount lost: $197 Million
  • Attack method: Flash Loan donate Function logic

Description: On March 13, 2023, Euler Finance, a permissionless borrowing and lending protocol on Ethereum, was the victim of a flash loan attack. Euler Finance isn’t the first DeFi hack victim this year, but it is, unfortunately, the largest. At a whopping near-$200 million loss, hackers stole funds in USDC, wrapped Bitcoin (wBTC), staked Ether (stETH), and DAI, an algorithmic stablecoin maintained by MakerDAO.

On April 4th, Euler Labs tweeted that after a successful negotiation, the attacker returned all the funds stolen from the agreement on March 13th. A hack of this magnitude illustrates the ongoing threats to widely used DeFi protocols and the potential hacking abuses opened up by flash loans.

3.   Mixin Network

  • Date: 23.09.23
  • Amount lost: $200 Million
  • Attack method: Database Attack

Description: Mixon Network, the peer-to-peer transaction provider, was hacked on the early morning of September 23 and revealed that the database of its cloud service provider was attacked, resulting in the loss of a substantial sum of assets on their main net. As per the official announcement, the amount of funds affected in the hack was 200 million dollars. The incident prompted Mixin Network to act immediately, suspending all withdrawal and deposit services.

4.   Atomic wallet

  • Date: 03.06.23
  • Amount lost: $100 Million
  • Attack method: Private Key Compromised

Description: Atomic Wallet, a centralized storage and wallet service, fell victim to the breach, resulting in the theft of $35-100 million worth of various tokens. The theft of cryptocurrencies worth at least $35 million, including bitcoin (BTC), ether (ETH), tether (USDT), dogecoin (DOGE), litecoin (LTC), BNB coin (BNB), and polygon (MATIC) occurred.

Among the stolen assets, Tron-based USDT was reported to be the most considerable stash. Vulnerabilities like flawed cryptography, non-adherence to best practices, insufficient documentation, and incorrect use of the Electron framework all potentially led to the hack.

5.   Poloniex Exchange

  • Date: 10.12.23
  • Amount lost: $100 Million
  • Attack method: Private key compromised

Description: On November 10, an unknown hacker targeted the cryptocurrency exchange Poloniex and stole a substantial amount in various altcoins, spreading the funds across different wallets. The exchange wallet was disabled for maintenance, and it has been revealed that assets worth over $100 million were stolen. The hackers transferred large amounts of USDT, BTC, USDD, and USDC to other addresses before the wallet was disabled.

6.   Heco Bridge and HTX

  • Date: 22.11.23
  • Amount lost: $ 97 Million
  • Attack method: Private Key Compromised

Description: The DeFi world was shaken by a sophisticated exploit targeting the Heco chain bridge, resulting in a loss of $87 million. The attack didn’t stop there; HTX’s (formerly Huobi) hot wallets were also compromised, leading to a $12 million theft. The attack was carried out by transferring assets to externally owned accounts (EOAs) and swapping them for Ethereum (ETH).

Prioritizing Security in DeFi

The DeFi landscape, with its promise of decentralization and financial inclusivity, hinges on one crucial factor: trust. Security, therefore, isn’t just an operational necessity—it’s the bedrock upon which confidence is built. Here’s why:

1. Advanced Encryption and Multi-factor Authentication:

  • Encryption: Cutting-edge encryption techniques act as a shield, ensuring that sensitive data remains shielded from prying eyes and unauthorized access.
  • Two-Factor Authentication (2FA): Requiring dual identification forms before granting access significantly bolsters security. The added step deters potential breaches and instills user confidence in the platform’s commitment to safety.

2. Proactive Security Audits:

Regular audits aren’t just a regulatory checkbox—they’re proactive steps to root out vulnerabilities. Identifying and patching potential weak spots before they’re exploited is pivotal in maintaining trust.

Best Practices for Individual Security

For users navigating the vast realm of cryptocurrencies, here are some golden rules:

  • Strengthen Password Protocols: Craft intricate, unique passwords for each account, ensuring they’re at least 16 characters long. If managing multiple such passwords seems daunting, consider employing trusted password managers.
  • Embrace Robust 2FA: Hardware security keys, like Yubikey, offer unparalleled security. However, in their absence, authentication apps like Google Authenticator provide a superior alternative to SMS-based 2FA.
  • Stay Wary of Phishing Attempts: The digital realm is rife with replicas of legitimate sites. Always double-check URLs and never enter credentials unless you know a site’s authenticity.
  • Public Discretion: Treat your cryptocurrency holdings with the same discretion as a substantial inheritance. While sharing is caring, some information is best kept private.

Wrapping Up

As we conclude this year’s hack report, the landscape of cyber threats remains dynamic and ever-evolving. The documented incidents emphasize the critical importance of cybersecurity measures for individuals and organizations. With the continuous advancements in hacking techniques, it is evident that vigilance, proactive security protocols, and user education are vital in safeguarding against cyber threats. 

As we progress, a collective commitment to fortifying digital defenses, staying informed about emerging threats, and fostering a cybersecurity-conscious culture will be instrumental in mitigating the risks posed by an increasingly sophisticated and persistent cyber threat landscape.

Comments

All Comments

Recommended for you

  • Whale Transfers 1,133 BTC to Coinbase Prime, Valued at $71.48 Million

    According to Onchain Lens monitoring, a whale transferred 1,133 BTC from Coinbase to Coinbase Prime through an intermediary wallet, valued at $71.48 million.

  • U.S. AI Chip Stocks Decline Before Market Open, Intel Falls Over 3%

    On July 7, U.S. AI chip stocks experienced widespread declines before the market opened. Intel dropped over 3%, while AMD, Qualcomm, and NXP fell more than 2%. TSMC, Broadcom, and Tesla decreased by over 1%, and NVIDIA declined by 0.7%.

  • China's Central Bank Increases Gold Reserves for the 20th Consecutive Month

    As of the end of June, China's gold reserves stood at 75.44 million ounces (approximately 2,346.446 tons), an increase of 480,000 ounces (about 14.93 tons) from the end of May, which reported 74.96 million ounces (approximately 2,331.52 tons). This marks the 20th consecutive month of gold accumulation.

  • China's Foreign Exchange Reserves in June at $341.6262 Billion

    On July 7, China's foreign exchange reserves for June stood at $341.6262 billion, a decrease of $26 billion from the end of May, representing a decline of 0.75%, with expectations set at $343.2 billion.

  • U.S. Storage Stocks Drop Pre-Market, SanDisk and Micron Down Over 4%

    On July 7, U.S. storage concept stocks collectively fell in pre-market trading. Western Digital dropped over 5%, SanDisk and Micron Technology fell over 4%, Seagate Technology declined over 3%, Rambus fell over 2%, and SMI fell over 1%.

  • U.S. Stocks in Optical Communication Sector Drop Pre-Market

    On July 7, stocks in the optical communication sector of the U.S. market collectively fell pre-market. Astera Labs dropped over 4%, while Marvell Technology, Credo Technology, and AXT Inc. fell more than 3%. Tower Semiconductor, MaxLinear, Corning, Applied Optoelectronics, GlobalFoundries, Lumentum, and Qorvo all declined by more than 2%. Coherent, Nokia, Amphenol, and Broadcom dropped over 1%.

  • Pre-market Decline in U.S. Storage Stocks

    In pre-market trading, U.S. storage concept stocks experienced a widespread decline, with Micron Technology falling by 4.8%, SanDisk dropping over 4%, Corning down more than 2%, and Intel decreasing by over 3%.

  • Two Departments: Support for Reinsurance Institutions to Increase Capital and Issue Supplementary Capital Tools

    On July 7, the National Financial Supervision and Administration Bureau and the Shanghai Municipal Government released several measures to accelerate the construction of the Shanghai International Reinsurance Center. Among these measures, they proposed to enhance the quality and efficiency of the reinsurance industry, support reinsurance institutions in increasing capital and expanding shares, and issuing supplementary capital tools to improve the capacity for internal capital accumulation and external capital supplementation, thereby strengthening the reinsurance industry's capabilities. The initiative aims to guide the insurance industry to focus on major national projects, strategic emerging industries, and livelihood security, consolidating insurance and reinsurance underwriting capabilities to enhance risk protection levels. It also supports reinsurance institutions in leveraging their professional technical advantages to assist the insurance industry in reducing risk.

  • Sources: Saudi Arabia Plans to Expand Oil Pipeline to Red Sea, Increasing Capacity by 2 Million Barrels Daily to Bypass Strait of Hormuz

    On July 7, five informed sources revealed that Saudi Arabia is considering expanding the crude oil pipeline capacity to its western coast on the Red Sea, allowing Saudi Arabia and its neighbors to transport more oil without passing through the Strait of Hormuz. This east-west pipeline, built in the early 1980s, has gained strategic importance since the outbreak of the Iran war in February and the disruption of shipping in the Strait of Hormuz. The pipeline can deliver up to 7 million barrels of crude oil per day to the Red Sea port. The CEO of Saudi Aramco stated in May that approximately 2 million barrels are supplied to west coast refineries, while about 5 million barrels are for export. Sources indicate that Saudi Arabia is in preliminary discussions with some neighboring countries regarding the pipeline expansion, aiming to add about 2 million barrels of pipeline capacity per day. It remains unclear whether Aramco's planned expansion involves upgrading existing infrastructure or constructing new pipelines. One source mentioned that the expansion plan also includes a smaller refined oil pipeline. Two sources indicated that the expansion scale could range from 1 million to 2 million barrels per day, with refined oil also being considered. Another source stated that the project would take several years and cost billions of dollars, requiring adjustments to Saudi crude pricing mechanisms.

  • Citi: Tencent's WorkBuddy Gains Momentum, Maintains 'Buy' Rating

    On July 7, Citi released a research report stating that, according to the latest industry data, Tencent's AI agent product WorkBuddy has reached 20 million monthly active users (MAU) and over 13 million daily active users (DAU), with a DAU/MAU ratio between 65% and 75%. Considering the product has only been launched for a few months, user stickiness and daily engagement are performing strongly. Citi quoted Tencent's management as saying that in terms of daily active users, Tencent is leading its Chinese peers in the deployment of AI agents. Early user data reflects strong natural growth for both CodeBuddy and WorkBuddy, with high retention rates. Early users are interacting with the AI agents for long durations and with high frequency, creating a positive feedback loop. It is expected that AI products will become a key revenue source for Tencent Cloud. The firm believes that WorkBuddy's success demonstrates the strength of Tencent's ecosystem, the synergy between various productivity tools, and users' trust in Tencent's products and security. Citi maintains a 'Buy' rating on Tencent with a target price of HKD 763 unchanged.