Web 3 security firm Beosin recently released its 2022 Q2 Web 3 Security Report, analyzing the latest attacks and exploits to impact the blockchain sphere. It found that over $718 Million were lost to related schemes during that time – most of which occurred in the defi space.
The report – produced in collaboration with Footprint Analytics – cited 48 major “attacks” as responsible for those losses. These attacks were far from equal: three alone (Beanstalk Farms, Elrond, and Harmony) each accounted for over $100 million in losses, with 28 making up between $1 million and $10 million lost.
Last quarter’s losses are technically a 40% drop from the near $1.2 million lost in Q1, 2022, but is still a 2.42 times increase from the $296.56 million lost in Q1 2021. Furthermore, losses in Q1 2022 were likely dominated by the infamous Ronin Bridge hack, which netted over $600 million for the attacker.
Data shows that April was the most active month for hacking, with “19 major security incidents” and over $374 million lost. Losses significantly decreased in May alongside Bitcoin’s price, but saw an interesting spike in June despite the market’s continued decline.
“All chains and attacked projects saw a significant decrease in TVL values in May,(…). Most projects experienced a decrease in TVL immediately after they were attacked.”
The report said
The Most Common Attacks
Decentralized finance (Defi) was the overwhelming target among web 3 hackers. Defi allows crypto users to access financial services like borrowing and lending in a decentralized manner using self-executing smart-contract programs.
About 79.2% of attacks occurred in this space last quarter, accounting for 63.3% of losses. The most common attack method was to exploit vulnerabilities in smart contract code, netting hackers $138 million in total. These comprised 45.8% of attacks, compared to 50% of attacks in Q1.
The next most common attack method involved the use of flash loans – defi loans that don’t require collateral but must be paid back in short order. Hackers often use flash loans to amass vast control of a given protocol’s governance token, allowing them to pass malicious protocol changes. Such attacks netted $233 million in Q2 – more than any other hacking method.
Another $131.15 million were lost to compromised private keys, around which security “continues to be a concern.”
52% of attacked projects had reportedly been audited. Audited projects still accounted for the vast majority (76.2%) of stolen funds.
Summary
DeFi security remained a focus of concern in Q2 2022, with approximately 79.2% of attacks occurring in the Defi space. For two consecutive quarters, DeFi has been the focus of hacker attacks. Although NFT, cross-chain bridges, and exchange security incidents are not as frequent as DeFi incidents, several incidents involved large losses. Web3 projects of all types should strengthen security.
DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
Join CoinCu Telegram to keep track of news: https://t.me/coincunews
Follow CoinCu Youtube Channel | Follow CoinCu Facebook page
Foxy
CoinCu News
