Crypto Hacking losses reduced by 51% by 2023, the total is: CertiK

Certike's latest report In 2023, it showed a significant decrease in privacy issues.

Total losses from 751 events fell to $1.84 billion, a 51 percent decrease from 2022. Each event recorded an average loss of $2.45 million, with the ten contributing $1.11 billion. Surprisingly, the blockchain security firm found that the average loss per incident was only $101,132.

November revealed the highest amount of money lost at $363,367,327 from 45 incidents, with Q3 leading the way with $686,558,472 in losses from 183 incidents of hacking, fraud and exploitation.

Table of Contents

Toggle

Private Key: Not very private.

Private key compromise accounted for nearly 50% of the total loss, which was $880 million. Certike's report shows that these numbers come from just 47 incidents, which represent just 6.3 percent of the year's total security incidents, but more than half of the losses.

Specifically, six of the ten costliest security risks in 2023 were caused by private key agreements.

In July, the Multichain agreement resulted in a loss of 125 million dollars. Despite ensuring decentralization, the CEO of Multichain is said to have exclusive control over the multiparty computation servers and its private keys. The vulnerability, coupled with the arrest of its CEO, made $1.5 billion worth of Total Value Locked (TVL) on the multichain bridge inaccessible to users.

As such, CertiK advises users to implement certain private key management practices that include:

Employing multi-signature wallets to distribute control, reduces the risk of single-point failures. Choosing hardware wallets for secure key storage, preventing exposure in plaintext. Offline storage of private key backups in secure locations such as safety deposit boxes. Define strict access policies to restrict key access to only authorized persons. Protecting private keys with strong encryption in secure formats. Regularly audit and monitor key usage to detect unauthorized access. Using cold wallets for extended private key storage, reducing online risks. Educate relevant personnel on key management best practices, emphasizing security and confidentiality. Considering secure key sharing for multi-party computation (MPC) without exposing the entire key to one party. Utilizing professional key management services, particularly for enterprise-level operations, to ensure compliance with industry standards.

Other highlights

Meanwhile, Ethereum has emerged as a leader in losses, according to CertiK findings regarding blockchains. According to the report, Ethereum suffered a total loss of 686 million dollars, which took place in 224 events, which averaged 3 million dollars per event.

In contrast, BNB Chain, despite experiencing 387 security issues, significantly reduced its losses by $134 million, highlighting the difference with Ethereum's figure. Moreover, the cross-chain challenge continues to be a pressing issue in the crypto industry. A blockchain security firm says multiple blockchain impact security breaches have resulted in $799 million in losses.