North Korea Hackers’ Illicit Gains Dwindled in 2023 Despite More Attacks – Chainalysis
Blockchain analytics and security firm Chainalysis has reported a decrease in cryptocurrency theft in 2023.
Sharing its insights in a blog post, the firm disclosed that the crypto market witnessed a collective loss of $1.7 billion. This marks a significant 54.3% reduction from the $3.7 billion pilfered by malicious actors in 2022.
Funds stolen from crypto platforms in 2023 fell 54.3% to $1.7 billion. This is mostly due to a drop in DeFi hacking, which drove the increase in stolen crypto that we saw in 2021 and 2022. However, there still were several large DeFi hacks in 2023. pic.twitter.com/s8Ix982HR2
— Chainalysis (@chainalysis) January 24, 2024
Despite the drop in fiat value, Chainalysis highlighted a surge in crypto-focused attacks, with individual hacking incidents increasing from 219 in 2022 to 231 in 2023.
However, while the overall number of cryptocurrency hacks rose in 2023, the number of decentralized finance (DeFi) attack incidents specifically dipped by 17.2%.
The report also explored the role North Korea-backed hackers like the Lazarus Group and Kimsuky played in the crypto industry. Chainalysis stated that these cyber fraud groups collectively stole $1 billion in 2023, compared to $1.7 billion in 2022.
Nonetheless, the number of crypto platform hacks stood at a significant figure of 20 – the highest number on record attributed to the anonymous team.
The cyberattack groups stole $428.8 million from DeFi platforms, $150 million from centralized crypto service operators, and $330.9 million from crypto exchanges.
Additionally, crypto wallet service providers lost $127 million to North Korea-backed hackers.
Further data disclosed by Chainalysis revealed that DeFi platform hacks fell by more than 63% in 2023, with only $1.1 billion stolen compared to $3.1 billion in the same period in 2022.
The amount of digital tokens stolen on DeFi protocols was also lower than in 2022, and the median loss per DeFi hack dropped by 7.4% over the past year.
Giving reasons for the significant drop, Chainalysis stated that the lower amount of lost funds in the DeFi space was a crucial determinant.
Lead Integration Engineer for the Halborn Security network, Mar Gimenez Aguilar, also suggested that the improved security measures of a growing number of DeFi protocols played a role.
Value lost in DeFi hacks declined by 63.7% YoY. @mgimenezaguilar at @HalbornSecurity shared potential reasons behind this decline, citing DeFi security improvements, but also the overall drop in DeFi TVL, which may have reduced funds available to steal.
— Chainalysis (@chainalysis) January 24, 2024
Nonetheless, Chainalysis noted that the lower DeFi loss might be attributable to the lower amount of assets locked in the permissionless trading ecosystem. At its height, more than $300 billion in total value locked (TVL) was focused on the DeFi ecosystem.
However, due to significant ecosystem headwinds, the current TVL available in the DeFi space is roughly $54 billion, according to DeFiLlama.
Attack Vectors Targeting On-chain and Off-chain Vulnerabilities
Following the inflow of funds into the DeFi space during the crypto bull run in 2021 and 2022, hackers turned their attention to the emerging sub-sector.
According to Chainalysis, crypto losses in the DeFi space stood at $2.5 billion and $3.1 billion in both years.
Shedding insight into the favored methods by hackers, Aguilar of Halborn Security stated that attack vectors are usually grouped into on-chain and off-chain. She noted that on-chain vulnerabilities stemmed from the online components of a DeFi protocol and not the blockchain itself, such as their smart contracts.
The off-chain attack vectors focus on vulnerabilities outside the protocol, like the off-chain storage of private keys on a faulty cloud storage solution. With these two mediums, hackers are able to penetrate any DeFi protocol.
Attack vectors affecting DeFi are sophisticated and diverse, with hackers exploiting both on-chain and off-chain vulnerabilities. In particular, the compromise of private keys, price manipulation attacks, and smart contract exploitation drove DeFi hacking losses in 2023. pic.twitter.com/7ZShsNjL8t
— Chainalysis (@chainalysis) January 24, 2024
Furthermore, Chainalysis stated that compromised private keys, price manipulation attacks, and smart contract exploitations were the leading causes of DeFi hacks in 2023.
