Audits
Services
Services
Smart Contract Audit
Blockchain Protocol Audit
Penetration Testing
dApp Audit
Crypto Wallet Audit
Cross-Chain Bridge Audit
Bug Bounty
Proof of Reserves
CCSS Audit
Tokenomics Audit & Design
Smart Contract Audit
Mitigate weaknesses in your smart contract and improve its functionality with a double line-to-line code analysis and a separate review by a lead auditor.
Blockchain Protocol Audit
Secure the entire architecture and implementation layers of your blockchain protocol with professional security audits and testing.
Penetration Testing
Proactively detect vulnerabilities in your Web3 project by subjecting your systems to a simulated cyberattack in a secure and controlled environment.
dApp Audit
Identify vulnerabilities in applications interacting with blockchain networks with secure code review and static security analysis.
Crypto Wallet Audit
Code review & static security analysis for crypto wallet apps.
Cross-Chain Bridge Audit
Code review & security analysis for cross-chain crypto bridges.
Bug Bounty
Receive only relevant bug reports or undergo crowdsourced penetration testing with the help of thousands of ethical hackers curated by HackenProof.
Proof of Reserves
Enhance transparency in crypto exchanges with independent on-chain proof of assets’ true collateralization.
CCSS Audit
Assess and strengthen your security practices, identify vulnerabilities, and safeguard valuable digital assets in the ever-evolving cryptocurrency landscape.
Tokenomics Audit & Design
Ensure your token model robustness and efficiency and convey trust to investors and community with our thorough, independent audit of protocol economic security.
Solutions
Post-deployment security solution
Hacken Extractor
Real-time smart contract protection from assets loss
Learn more
Solutions
Featured ecosystems:
Ethereum (EVM)
BSC
Polygon
Near
Avalanche
Fantom
Aptos
Sui
Optimism
zkSync
Arbitrum
Solana
Polkadot
Cosmos
Radix
Linea
MetaMask
Others
By Languages:
Solidity
Rust
Move
Blog
Company
Company

The window to exchange $HAI for Hacken Equity Shares ($HES) is now open > Claim your spot today

2023 In Review: Hacken Security Report

2023 In Review: Hacken Security Report

Share via:

2023 was a year of significant challenges and developments in the world of crypto security. From sophisticated attack techniques to substantial financial losses, the landscape of digital asset security has faced critical tests – and our report delves into the patterns and trends that shaped the turbulent year. Importantly, the 2023 Hacken Security Report gathers key expert insights, equipping Web3 businesses with evidence-based practices and strategic measures for navigating the evolving landscape of cyber threats.

Some Key Takeaways

Total losses in 2023 reached a staggering $1.9B
Access control issues accounted for 50% of these losses
$275M drained from protocols in flash loan attacks
20% of the stolen funds were recovered

Detailed Takeaways from the Report:

Total Value Lost

$1.9 billion was the total yearly losses reached. Compared with the $52.3B loss of 2022, seems like a good dynamic. But a closer look paints a dimmer picture, with the number of attacks growing in numbers and complexity.

The most affected sector was Lending and Borrowing, primarily smart contract-based money markets, followed by bridges and exchanges.

More (Sophisticated) Attacks

2023 recorded a 14% increase in the number of attacks over 2023.

Access control issues were at the heart of 50% of all losses.

Hotspots For Hackers

Singapore and the USA emerged as significant hotspots for cyber exploits, possibly due to the highest fintech activity there – a detailed analysis is included in the full report.

Rug Pulls

The number of rug pulls was higher than all other registered exploits combined. It is expected to observe a surge of rug pulls on networks like Solana. An indicator of this trend is the creation of approximately 100,000 new tokens on Solana in just December. Investment in public security measures was a strong predictor of an exit scam risk, as notably, only 6% of all rug-pulled projects had any form of audit.

Asset Recovery

Protocols recovered 20% of stolen assets, or $400M, first in the industry.

Audits

Only 10% of exploited contracts underwent any form of audit, and merely half of these were relevant, matching the deployed blockchain code.

Bug Bounties

Only 15% of hacked companies had any bug bounty program. Among these, just 7% had an ongoing bug bounty program covering the exploited smart contracts when the hack occurred.

What to Expect in 2024 and Beyond?

Access control breaches and flash loan attacks will remain key concerns.
Rug pulls to continue as standard risk, with a surge on fast-rising networks like Solana.
Growth in token factories leading to rampant pump-and-dump schemes.
A potential rise in vulnerabilities due to neglecting audits on new networks as risk-seeking liquidity and experimentation attention shifts from Ethereum to Layer 2 solutions.

Security Recommendations

To improve security in 2024, businesses should invest in:

Comprehensive auditing and ongoing monitoring
Proactive security culture via bug bounty programs
Stringent access controls like multisig wallets
Security-rich features for wallets and extensions
Better scam education for communities

As the industry grows, proactive and resilient security measures will be essential to prevent incidents in the upcoming bull run.

Download the Full Report

For a deeper dive into the intricate details of these findings and to equip yourself with knowledge for a more secure future in the crypto space, we invite you to download our comprehensive 2023 Hacken Security Report.