Cryptocurrency Users Lost Less Money in 2023, But Still Face Risks
If you are a cryptocurrency user, you might be wondering how safe your funds are in the volatile and unpredictable world of digital assets. Well, the good news is that you are not alone and that the industry has made some progress in reducing the losses caused by scams, rug pulls, and hacks. The bad news is that you still need to be vigilant and cautious, as the industry remains vulnerable to security breaches and market fluctuations.
According to a report by De. Fi, a blockchain security firm, cryptocurrency users experienced losses of nearly $2 billion due to malicious actors in 2023. This represents a significant reduction compared to the estimated $4.2 billion losses in 2022. However, this figure does not include the $40 billion that vanished in the collapses of stablecoin issuer Terraform Labs, crypto lender Celsius, and the FTX exchange, which shook the industry and eroded investor confidence.
So, what contributed to this reduction in losses, and what are the main challenges and risks that cryptocurrency users face in 2024? Let’s take a look at some of the key factors and trends that shaped the security landscape of the cryptocurrency industry in 2023.
Improved Security Protocols
One of the main reasons for the decrease in losses was the improvement of security protocols and standards by various platforms and projects. For instance, many decentralized applications (DApps) implemented multi-signature wallets, timelocks, audits, bug bounties, and insurance policies to protect their users’ funds. Moreover, some platforms adopted layer-2 solutions, such as zkSync Era, which enhanced scalability and security by moving transactions off-chain.
Another factor that helped reduce losses was the increased awareness and education of cryptocurrency users about the potential risks and pitfalls of the industry. Many users learned from their previous mistakes or the experiences of others and became more careful and selective about the platforms and projects they interacted with. They also became more familiar with the best practices and tools for securing their wallets, such as using hardware devices, encryption, backups, and recovery phrases.
Overall Decreased Market Activity
A third factor that influenced the reduction in losses was the overall decreased market activity in 2023. The cryptocurrency industry entered a bear market after reaching new highs in early 2023. Some major alternative tokens experienced significant slumps before recovering towards the end of the year. As a result, many users became less active or exited the market altogether, reducing the opportunities and incentives for hackers and scammers to target them.
Despite the Reduction in Losses, The Cryptocurrency Industry Remains Susceptible to Security Risks
While the reduction in losses is a positive sign for the cryptocurrency industry, it does not mean that the security problems are solved or that the users are safe from harm. On the contrary, the industry still faces many challenges and threats that could jeopardize its growth and adoption.
As mentioned earlier, the $2 billion losses in 2023 do not include
the $40 billion lost in the collapses of Terraform Labs, Celsius,
and FTX. These were some of the most prominent and trusted
platforms in the industry, which had millions of users and billions
of dollars under management. Their sudden failures raised serious
questions about the reliability and stability of centralized platforms,
as well as their compliance with regulations and governance standards.
The causes and consequences of these collapses are still under investigation, but they have undoubtedly damaged the reputation and confidence of the industry.
Bear Market Impact
Another challenge that the industry faces is the impact of
the bear market on its security. The reduction in losses coincides
with a period of low prices and low activity in the market.
However, this could change if the market conditions become more bullish
and attract more users and capital. A surge in demand and activity
could also increase the exposure and vulnerability of platforms
and projects to hackers and scammers. Therefore, users need to be prepared for any scenario and not let their guard down.
The recovery rate of funds lost to hacks, scams, and exploits improved significantly in 2023, reaching around 10%, up from just 2% in 2022,
according to De.Fi. This means that some platforms and projects were able to retrieve or reimburse some of their users’ funds after suffering a security breach. However, this also means that 90% of the funds were still lost or inaccessible, which is a huge amount of money that could have been used for other purposes. Moreover, some platforms or projects did not have any recovery mechanism or policy at all, leaving their users with no recourse or compensation.
The report by De. Fi also revealed some interesting insights about the distribution of losses across different blockchains. Ethereum remained the most targeted blockchain, with $1.35 billion lost in approximately 170 incidents. This is not surprising, given that Ethereum is the most popular
and widely used blockchain for DApps and smart contracts. However, Ethereum also made some progress in reducing its losses, as it accounted for 68% of the total losses in 2022, but only 54% in 2023.
BNB Chain was the second-most targeted blockchain, with $110.12 million lost across 213 incidents. This is also expected, as BNB Chain is the native blockchain of Binance, the largest cryptocurrency exchange in the world.
However, BNB Chain also improved its security performance, as it accounted for 13% of the total losses in 2022, but only 4% in 2023.
zkSync Era was the third-most targeted blockchain, with $5.2 million lost in two incidents. This is somewhat surprising, as zkSync Era is a relatively new and experimental blockchain that uses zero-knowledge proofs to achieve high scalability and security. However, zkSync Era also demonstrated its resilience and innovation, as it was able to recover all of the funds lost in one of the incidents, and partially recover the funds lost in the other incident.
Solana was the fourth-most targeted blockchain, with a loss of $1 million in a single attack. This is also unexpected, as Solana is one of the fastest-growing and most promising blockchains in the industry,
with a high-performance and low-cost design. However, Solana also showed its strength and potential, as it was able to prevent further losses and restore its normal operations after the attack.
Losses on Centralized Platforms
The report by De. Fi also highlighted the losses that occurred on centralized platforms, such as exchanges, wallets, and custodians. These platforms accounted for approximately $256 million across seven cases. The largest incident was the November attack on Poloniex, which netted $122 million. The second-largest incident was the August hack of KuCoin, which resulted in $87 million lost. The third-largest incident was the July breach of BitMart, which led to $23.5 million stolen.
These incidents show that centralized platforms are still vulnerable to security risks, despite their advantages of convenience and liquidity.
They also show that users should not rely on these platforms to store or manage their funds, but rather use them only for trading or exchanging purposes.
Popular Exploitation Methods
The report by De. Fi also analyzed the most popular and profitable
exploitation methods used by hackers and scammers in 2023. Access Control Exploits were the most damaging method, resulting in losses of over $852 million in 29 instances. These exploits involve bypassing or compromising the access control mechanisms of platforms or projects, such as passwords, keys, signatures, or permissions. For example, one of the most notorious access control exploits was the May attack on PancakeBunny, a yield farming platform on BNB Chain, which resulted in $200 million lost.
Flash-loan attacks were the second-most cash-generative method,
leading to $275 million lost over 36 cases. These attacks involve borrowing
large amounts of funds from decentralized lending platforms and using them to manipulate the prices or liquidity of other platforms or projects,
before repaying the loans within a single transaction. For example, one of the most infamous flash-loan attacks was the April attack on EasyFi, a lending platform on Polygon, which resulted in $80 million stolen.
Exit Scams were the third-most common method, accounting for $136 million over 263 cases. These scams involve launching a platform or project with a fraudulent or deceptive intention, and then disappearing with the funds collected from users or investors. For example, one of the most brazen exit scams was the March scam by Meerkat Finance, a yield farming platform on BNB Chain, which claimed to have been hacked and ran away with $31 million.
The cryptocurrency industry has made some progress in reducing
the losses caused by scams, rug pulls, and hacks in 2023.
However, this does not mean that the industry is secure or that
the users are safe from harm. On the contrary, the industry still faces
many challenges and threats that could jeopardize its growth and adoption.
Therefore, it is important for users to be vigilant and cautious,
and to follow the best practices and tools for securing their funds
and avoiding potential risks. Remember, your security is your responsibility!
CryptoComplaint offers a solution to the challenges associated with tracing funds lost to crypto scams through its specialized Crypto Trace Services. The process begins with a no-fee consultation, during which the team works with clients to develop a tailored strategy for tracking down funds held in anonymous Bitcoin wallets. The unique Contracting Services include in-depth Crypto Forensics Investigations and user-friendly Crypto Investigation Reports, unraveling the seemingly complex and anonymous nature of Bitcoin transactions. Crypto Complaint’s expertise lies in breaking the codes associated with blockchain activities, exposing the individuals behind crypto scams.
The investigative process involves advanced techniques, utilizing resources such as blockchain explorer technology, extensive case databases, and highly qualified crypto investigators. After each investigation, clients receive comprehensive reports that include a detailed summary, names of suspects, and crucial documentation for law enforcement. The team at CryptoComplaint is committed to aiding clients in reclaiming their funds by collaborating with law enforcement and financial authorities, ensuring a successful resolution to their claims against fraudulent brokers and crypto scams.