The figures are in: October was the busiest month for crypto protocol exploits this year, with some $760 million stolen. The cumulative total for crypto hacks in 2022 is now at least $2.98 billion, already more than double the amount stolen through exploits in 2021, according to blockchain security firm Peckshield. Peckshield released those figures on Halloween night, giving credence to the term “Hacktober” some industry participants have taken to using. Not a week has gone by without some exploit in crypto making the news. Peckshield estimated there were at least 44 exploits involving some 53 protocols in October. November, too, is already off to a rocky start. Wednesday, Deribit closed customer withdrawals from the derivative exchange so it could patch a bug in its hot wallet that led to a loss of $28 million in bitcoin (BTC), ether (ETH) and stablecoin USDC. Then Solana-based decentralized finance (DeFi) protocol Solend announced a $1 million exploit. Meanwhile, a new Lightning Network bug has been discovered that can cause transactions to fail on the Bitcoin scaling and payments layer.
This year has seen really big Web3 hacks but they are not the biggest. OODA has been compiling a comprehensive Web3 incident database based on our research to categorize what compromises are taking place as well as document the root causes that plague Cryptos, DeFi, NFTs, and Web3 in general. Tracking root causes provides comprehensive insights into how innovators can create robust cyber risk management approaches and reduce the potential for consequential attacks. You can access the OODA comprehensive Crypto Incident tracker here.