Hack Hauls Halve From 2022

Hack volumes fell by over 50% in 2023 compared to last year, according to research by TRM Labs. While the number of attacks, at 160, remained relatively stable since 2022, the USD 1.7 billion stolen by cybercriminals through November 2023 is less than half the nearly USD 4 billion lost to hacks in 2022.

Although a few large hacks could close the gap in December 2023 is likely to finish with significantly lower totals than 2022.

Infrastructure attacks accounted for nearly 60% of the total amount stolen in 2023. The most damaging type of infrastructure attack is a private key theft or seed phrase compromise, in which hackers gain access to a cryptocurrency system's underlying infrastructure - its servers, networks, or software - to steal funds or manipulate trades. 

At nearly USD 30 million per incident, such attacks were significantly larger on average than protocol attacks and code exploits, which together accounted for a fifth of hack volumes. As in 2022, a small number of large-scale hacks was responsible for most cryptocurrency thefts, with the top ten hacks representing nearly 70% of all stolen funds. Several exceeded USD 100 million, including attacks against Euler Finance (March), Multichain (July), Mixin Network (September) and Poloniex (November).  

Three key factors may have contributed to the decline in hack volumes in 2023. Improved industry security measures, stepped up law enforcement action and closer industry coordination are likely to have fortified the cryptocurrency ecosystem and helped reduce the damage from attacks.    

• Improved Security Measures: Over the past year, the cryptocurrency industry has significantly ramped up its security protocols, including real-time transaction monitoring and anomaly detection systems. These measures, which safeguard digital wallets and exchange platforms from intrusions, can help identify and thwart potential security breaches before they materialize.

• Increased Law Enforcement Actions: Law enforcement agencies worldwide intensified their focus on cybercrime involving digital currencies. The increased collaboration between law enforcement agencies has led to quicker responses to hacking incidents. It has also been instrumental in tracing, freezing, and recovering stolen assets, deterring potential hackers with the heightened risk of detection and prosecution. 

• Greater Industry Coordination: Cryptocurrency exchanges, wallet providers and blockchain networks have ramped up information-sharing about vulnerabilities, threats, and breaches. This collective approach towards security has fostered a more unified front against cybercriminals, making it increasingly challenging for hackers to exploit systemic weaknesses.

Despite the encouraging news, the hacks landscape remains rapidly evolving and inherently uncertain: the emergence of a new sophisticated threat could quickly reverse the decline in hack volumes. Vigilance and adaptability remain crucial as the industry and law enforcement attempt to maintain this positive trajectory into 2024.