Web3 Security Losses Skyrocket to $889.26M in Q3 2023, Says Beosin Report

blockchain.news:

Key Takeaways

Web3 security losses in Q3 2023 escalate to $889.26M.

North Korean APT group Lazarus emerges as a significant threat, responsible for over $208M in thefts.

Ethereum remains the most targeted blockchain, with losses totaling $227M.

Alarming Surge in Q3 2023 Losses

According to a recent report jointly released by Beosin and SUSS NiFT on September 27, 2023, the third quarter of this year has seen a disturbing rise in Web3 security incidents. Losses have skyrocketed to $889.26M, a figure that outstrips the combined losses of the first two quarters of the year, which were $330M and $333M respectively.

The Lazarus Group: A Formidable Adversary

The report highlights the North Korean APT group Lazarus as a major security threat in Q3 2023. The group has been implicated in thefts totaling over $208M across four significant attacks. Their tactics are complex, involving a range of methods from social engineering to brute force attacks, indicating a high level of sophistication.

Types of Attacks and Vulnerabilities

Private key compromises led the way in types of attacks, causing losses of $223M. Cloud database attacks, notably the Mixin Network incident, accounted for $200M. Contract vulnerabilities were also significant, leading to about $93.27M in losses. DeFi projects were the most frequent targets, suffering 29 attacks that led to $98.23M in losses.

Blockchain and Project Types Most Affected

Ethereum continues to be the most targeted blockchain, with losses amounting to $227M and 16 major attacks. Public blockchains were the most affected among project types, primarily due to the $200M Mixin Network hack. Payment platforms were the next most affected, with two incidents causing combined losses of