Web3 Losses Decrease by 23% in Q1 2024, Potential $100 Billion at Risk from Hackers – Immunefi
The first quarter of this year has witnessed losses of $336 million due to hackers and fraud in the Web3 sector, with almost half of the stolen capital occurring in January alone. However, this figure represents a 23% decrease compared to the same period last year, according to a recent report by Immunefi, a bug bounty and security services platform.
Interestingly, the report reveals that approximately $100 billion in capital is currently locked within Web3 protocols as of March 2024. Additionally, the report highlights that $73,885,000 has been recovered from stolen Web3 capital in seven specific incidents. Notably, $62 million was recovered from the Munchables exploit, while $5.3 million was recovered from the Seneca exploit, accounting for 22% of the total losses in the first quarter.
Detailed analysis conducted by the Immunefi team examined the amount of cryptocurrency funds lost by the community due to hacks and scams in the first three months of 2024. The team specifically focused on instances where blackhat Web3 hackers exploited crypto protocols or protocols were suspected of performing rug pulls. A total of 61 incidents were identified, encompassing successful and semi-successful hacks, as well as alleged fraud.
Overall, the team discovered that $336,311,217 was lost in Q1 2024. Out of this total, $321,645,400 resulted from hacks across 46 specific incidents, while fraud accounted for $14,665,817 stolen across 15 incidents. This represents a 23.1% decrease compared to Q1 2023 when hackers and fraudsters stole $437,483,543.
It is important to note that the majority of these losses occurred in January, with over $133 million stolen during that month alone. Mitchell Amador, Founder and CEO at Immunefi, emphasized the challenges faced by DeFi, stating that it accounted for 100% of the total losses in Q1 2024. He further highlighted the critical need to secure both code and protocol infrastructure, particularly in light of the significant volume of losses due to private key compromises.
Unsurprisingly, decentralized finance (DeFi) continues to be the main target for exploits. The report reveals that DeFi accounted for 100% of the total losses, while centralized finance (CeFi) did not experience any attacks. Comparing Q1 2024 to the same period in 2023, DeFi losses decreased by 22.8%, with losses totaling $435,675,543 in the previous year. In contrast, CeFi lost $1,808,000 in Q1 2023.
Within the Web3 ecosystem, Ethereum remains the most targeted chain, surpassing BNB Chain once again in Q1 2024. Ethereum witnessed 33 individual attacks, accounting for 51% of the total losses across targeted chains. BNB Chain, on the other hand, experienced 14 incidents, representing 22% of the total losses. Together, these two chains accounted for 73% of the losses in Q1 2024. Other affected chains include Arbitrum, Solana, Optimism, Bitcoin, Blast, Polygon, Conflux Network, and Base, respectively.
Two projects suffered the most significant losses, with Orbit Bridge, the bridging service of the cross-chain protocol Orbit Chain, experiencing an $81.7 million exploit in January. In March, Munchables, an Ethereum layer 2 Blast non-fungible token (NFT) game, suffered an exploit resulting in $62.8 million in losses. Combined, these two projects lost a total of $144,480,000, representing 43% of the losses in Q1.
Hacks continue to be the leading cause of fund loss in the scamming world, accounting for 95.6% of losses in Q1 2024. In contrast, fraud only accounted for 4.4% of the losses. Hackers stole $321,645,400 across 46 incidents, a 23.1% decrease compared to Q1 2023. On the other hand, fraud resulted in losses of $14,665,817 across 15 incidents, a 22.4% decrease compared to Q3 2022.
Immunefi, which safeguards over $60 billion in Web3 user capital, offers more than $155 million in available bounty rewards. The platform has already paid out over $95 million in bounties and has saved over $25 billion in user funds, according to the team.
Follow Us on Google News
