More Than $718M Was Lost To Web3 Hacks In The Second Quarter Of 2022

More than $718M was lost to web3 hacks during the second quarter of this year and half of these projects were attacked despite undergoing audits so let’s read more today in our cryptocurrency news.

The Web3 security company Beosin released its 2022 Q2 web 3 security report that analyzed the latest hacks and exploits and the impacts of the blockchain sphere. It found that over $718 million were lost to related schemes at the same time and most of them occurred in the defi space. The report shows that more than $718M was lost to hacks and these attacks were far from equal. Three alone accounted for over $100 million in losses and 28 made up between $ 1 million and $10 million lost.

The last quarter’s losses show a 40% drop from the $1.2 million lost in Q1 but it is still 2x higher than the $296 million lost during the first quarter of 2021. Furthermore, the losses in the first quarter were dominated by the infamous Ronin Bridge hack which drained $600 million for the attacker. The data shows that the most active month for hacking was April with 19 security incidents happening and over $374 million lost. The losses decreased in May alongside the crashing Bitcoin price but then saw a spike in June despite the market decline. The report shows:

“All chains and attacked projects saw a significant decrease in TVL values in May. Most projects experienced a decrease in TVL immediately after they were attacked.”

The Defi space was an overwhelming target for web3 hackers and it allows crypto users to access financial services such as lending or borrowing in a decentralized manner by using self executing smart contracts. About 79% of the attacks happened in space the last quarter which accounted for 63.3% of the losses. The most common attack method was exploring vulnerabilities in the smart contract code and netted hackers $138 million in total which comprised 45% of the attacks compared to the 50% of the attacks in the first quarter.

The next most used attack method involved the use of flash loans which don’t require collateral but have to be paid back in short order. The hackers often use flash loans to amass vast control of the protocol’s governance token which allows them to pass malicious protocol changes and these attacks netted $233 million in the second quarter. Another $131 million were lost to compromised private keys which is still a major concern.