In a notable decrease from the previous year’s all-time high of $3.8 billion, hackers managed to compromise approximately $2 billion in cryptocurrencies during 2023. Among the significant incidents was a data breach in September that led to the theft of $200 million from the Hong Kong-based crypto company Mixin. Another incident in March saw cybercriminals pilfer around $197 million from the crypto lending platform Euler Finance.
De.FI, the Web3 security firm overseeing the REKT database, emphasised that the dispersed nature of these incidents highlights persistent vulnerabilities within the decentralized finance (DeFi) ecosystem. Despite a relatively muted interest in the crypto space during the first half of the year due to a bear market, 2023 served as a testament to both ongoing vulnerabilities and advancements made in addressing them.
Notable breaches in December included a $30 million hack at the leading crypto exchange HTX, resulting in a net outflow of $258 million. In June, Atomic Wallet, a mobile and desktop crypto wallet, experienced a security breach, leading to a loss of over $35 million in crypto assets.
Cross-chain crime, involving the illicit laundering of over $7 billion in cryptocurrencies, has become a preferred method for cybercriminals, with North Korea’s Lazarus Group linked to the theft of approximately $900 million between July 2022 and July of the current year. Blockchain analytics firm Elliptic highlights that cross-chain services are increasingly used for money laundering in various cybercrimes, including scams and crypto thefts.
The blockchain monitoring firm Chainalysis reported that cryptocurrency hackers stole $3.8 billion in the previous year, marking the worst on record for crypto investors. North Korea, according to a confidential United Nations report, stole a higher value of cryptocurrency assets in 2022 than in any other year, targeting foreign aerospace and defense companies using sophisticated cyber techniques.
Despite North Korea’s denial of hacking allegations, independent sanctions monitors reported to the UN Security Council that the country’s cyber actors utilized increasingly sophisticated techniques to gain access to digital networks involved in cyber finance and steal valuable information for its weapons programs.
South Korea estimated that North Korean-linked hackers stole virtual assets worth $630 million in 2022, while a cybersecurity firm assessed the value of cryptocurrencies obtained through North Korean cybercrime to be over $1 billion. The UN report acknowledged that the techniques employed by cyberthreat actors have become more sophisticated, making the tracking of stolen funds increasingly challenging.
