Crypto industry loses $428 million in Q3 to hacks and scams

For Q3 2022, the total losses of the Web3 ecosystem from hacks and fraud amounted to $428.7 million, calculated by Immunefi’s bounty platform experts.

During the period there were 39 incidents, of which 30 were hacker attacks with a total damage of $399 million. The remaining losses of $29.8 million came from nine scams, including rug pull.

The bulk of the total came from two largest hacks: cross-chain protocol Nomad ($190 million) and market maker Wintermute ($160 million).

The main targets remain DeFi projects — they accounted for 98.8% of total losses, versus 1.2% in the CeFi sector CeFi.

Experts say this is linked to better protection on centralized platforms such as Binance and Coinbase, which also devote more resources to security. Immunefi cited the sheer number and diversity of decentralized projects, which provides more attack vectors.

In terms of blockchains, most protocols involved in the incidents are built on BNB Chain (16 attacks and 28.6% of losses) and Ethereum (13 and 23.2%, respectively).

According to Immunefi, losses in the crypto industry since the start of the year totalled about $2.33 billion. By quarter, the amount declined progressively.

Of the total, attacked projects recovered a small portion — $93.8 million or 4%. Among the largest hacks, notable recoveries were Axie Infinity ($30 million out of $325 million) and Nomad ($36.4 million out of $190 million).

Experts say progress in this area is unlikely. In some cases, as with Axie Infinity, the attackers are state-backed and enjoy a form of legal immunity. Moreover, attackers are becoming increasingly sophisticated and adept at covering their tracks, Immunefi experts say.

Earlier, Immunefi tallied 50 hacks and scams in Q2, with crypto projects lost $670.7 million.

Read ForkLog’s bitcoin news on our Telegram — cryptocurrency news, prices and analysis.