The dramatic fall in overall thefts is attributed to a drop in attacks against Decentralized Finance (DeFi) tools, which cut out regulated institutions, such as the banking industry, from financial transactions. Cryptocurrencies, blockchains, and other such software are well-known tools of the DeFi ecosystem.
That’s not to say that DeFi hacking isn’t still a serious threat. Of the $1.7 billion stolen in 2023, almost two-thirds stemmed from hacks that targeted DeFi protocols.
These protocols, Chainalysis said, are grouped into two categories: on-chain and off-chain.
An example of an on-chain attack would be when a hacker targets vulnerabilities in a blockchain’s validator node, such as its crypto mining layer; an off-chain attack, meanwhile, would be when a hacker obtains a user’s private key, which could be acquired through a leak or a failure in the blockchain’s security software.
One explanation behind the drop in money lost to crypto attacks is that DeFi security protocols are becoming more adept at plugging holes in their systems that have been exploited by hackers for years.
For instance, cases of DeFi hacking shot up in 2021 and 2022, which was around the same time decentralized finance became a key sector of the crypto economy. Attackers made off with $2.5 billion and $3.1 billion, respectively, during those time periods.
“I do think that the increase of security measures in DeFi protocols is a key factor in the reduction in the quantity of hacks related to smart contracts vulnerabilities,” said Mar Gimenez-Aguilar, Lead Security Architect and Researcher at Halborn, a security company specializing in blockchain solutions.
“If we compare the top 50 hacks by value lost from this year with those from previous ones, there is a reduction in percentage of losses from 47.0% of the total to 18.2%,” he said.
This is reflected in the data provided by Chainalysis, which show that, on a hack-by-hack basis, median losses fell from $1.4 million in 2022 to roughly $1 million the following year.
Those figures still show, however, that the battle for DeFi security is far from won, as Gimenez-Aguilar notes that both on-chain and off-chain vulnerabilities can still be highly destructive.
The most infamous instigators of crypto attacks for several years now are the North Korean government and its state-sponsored cyber espionage groups, such as Kimsuky and Lazarus Group.
Kimsuky has spearheaded phishing campaigns all over the world, with the goal of illicitly obtaining intelligence and funding for North Korea’s national defense and intercontinental missile development programs.
Lazarus, meanwhile, is the culprit behind sophisticated crypto heists that have deprived digital platforms of hundreds of millions of dollars, such as the $100 million and $650 million attacks on Horizon Bridge and Axie Infinity, respectively. Lazarus’ affinity for covert infiltration meant that it took investigators several months to even establish its members as the perpetrators.
Hackers believed to be sponsored by the North Korean government stole almost $1 billion across a mere 20 attacks in 2023, the blockchain analysis firm found.