Web 3 security company Beosin recently released the second quarter 2022 Web 3 security report, analyzing the latest hacks and exploits impacting the blockchain area. Meanwhile, it turns out that more than $ 718 million was lost in the relevant scheme. Most of it happened in the decentralized space.
Breakdown of numbers
A report produced in collaboration with Footprint Analytics lists 48 major “attacks” as the cause of these losses. These attacks were never the same. Only three (Beanstalk Farms, Elrond, Harmony) lost more than $ 100 million each, and 28 lost between $ 1 million and $ 10 million.
Losses in the previous quarter are technically down 40% from nearly $ 1.2 million lost in the first quarter of 2022, but 2.42 times more than the $ 296.56 million lost in the first quarter of 2021. Is increasing. A hack that earned more than $ 600 million for attackers.
According to data, April was the most active month of hacking, with “19 critical security incidents” and more than $ 374 million lost. Losses fell sharply in May, alongside Bitcoin prices, but despite the continued decline in the market, there was an interesting surge in June.
“For all chains and projects attacked, TVL values dropped significantly in May,” read the report. “For most projects, TVL decreased shortly after being attacked.”
Most common attacks
Decentralized finance (defi) has been an overwhelming target among Web3 hackers. Defi allows crypto users to access financial services such as borrowing and lending in a decentralized way using self-executed smart contract programs.
Approximately 79.2% of attacks in this space in the previous quarter accounted for 63.3% of losses. The most common attack method was to exploit a vulnerability in smart contract code, deducting a total of $ 138 million from hackers. These accounted for 45.8% of attacks compared to 50% of attacks in the first quarter.
The following most common methods of attack included the use of flash loans – decentralized loans that do not require collateral but must be repaid in short order. Hackers can use flash loans to accumulate vast controls of governance tokens for a particular protocol and pass malicious protocol changes. Such attacks earned $ 233 million in the second quarter. This is more than any other hacking method.
An additional $ 131.15 million was lost by the compromised private key, and security around it remains a “continuing concern.”
52% of the attacked projects were reportedly audited. Audited projects still make up the majority (76.2%) of stolen funds.
BNB Chain: King of Hacks
As the king of decentralized finance for many years, Ethereum lost $ 381.35 million in the previous quarter. This is more than any other chain. According to Defi Llama, of the $ 77.11 billion ecosystem as a whole, nearly $ 48 billion is locked to Ethereum’s defi protocol.
The network has significantly recovered its decentralized market share after the collapse of Terra. Previously it was the second decentralized network. The new runner-up is Binance SmartChain (BSC; also known as BNB Chain), which has locked only $ 6.21 billion.
However, when categorized by the amount of major attacks, the BNB chain accounts for 26, more than half of that. The chain joins Ethereum, Phantom and Kronos for two consecutive quarters of major attacks. In contrast, Solana suffered a loss of $ 374 million on two exploits in the first quarter, but wasn’t hit hard in the second quarter.
Not surprisingly, more than half of the money stolen in the second quarter ($ 418.89 million) was sent to Tornado Cash, a cryptocurrency mixing service that helps thieves cover trucks on the blockchain. rice field. Of these funds, $ 131 million of assets were recovered.
Binance Free $ 100 (Exclusive): Register using this link and receive $ 100 Free and 10% Off Fees in the First Month of Binance Futures (Clause).
PrimeXBT Special Offer: Use this link to register and enter your POTATO50 code and receive a deposit of up to $ 7,000.