Crypto losses due to hacks and scams have fallen to $413 million in Q3 2023, as reported by Immunefi. This marks a 28% decrease from the $573 million lost in Q2 and a 40% reduction compared to the same quarter last year when losses reached $686 million. Year-to-date, the total stolen exceeds $1.3 billion, reflecting a 4% decline from the previous year.
Despite nearly $90 billion locked in web3 protocols, decentralized finance (DeFi) remains a primary target for hackers, with 31 out of 34 incidents occurring in this space. However, centralized finance (CeFi) experienced greater losses, accounting for 74.8% ($309 million) of the total losses compared to DeFi's 25.2% ($104 million).
Mitchell Amador, founder and CEO of Immunefi, stated, "We're seeing a higher number of incidents targeting DeFi, while CeFi experiences fewer incidents but often with more severe consequences." He emphasized the need for rigorous key management practices in CeFi to safeguard crypto assets.
Two significant exploits accounted for 69.5% of the total losses, with $235 million stolen from Indian exchange WazirX and $52 million from Singapore's BingX. July was the most affected month, recording losses of $282 million, while August saw a sharp decline to just $15 million. In total, $14.9 million (3.6%) of the stolen funds were recovered, primarily from Ronin Network and ShezmuTech.
In Q3, hacks dominated the losses, accounting for 99.3% ($409.9 million) across 31 incidents, while fraud cases represented only 0.7% ($3.1 million). Ethereum and BNB Chain were the most targeted networks, with Ethereum suffering the most attacks.
To date, Immunefi has paid out over $100 million in bounties to ethical hackers, highlighting the importance of security in the crypto space. The ongoing challenges in the industry stress the need for improved security measures to protect against future exploits.