Report: Off-chain hacks account for 57.5% of stolen funds in 2023
A report by blockchain security firm Halborn shows that, despite a decrease in the amount stolen in 2023, decentralized finance (DeFi) hacks remain a major threat to the industry.
The report summarizes the 100 largest DeFi hacks that occurred between 2016 and 2023, with a cumulative total of $7.40 billion, with the majority of attacks occurring on Ethereum, Binance Smart Chain, and Polygon. While on-chain hacks (including smart contract exploitation, price manipulation, and governance attacks) are the most prevalent, off-chain attacks such as private key theft account for 29% of total attacks and 34.6% of stolen funds. In 2023, off-chain attacks accounted for 56.5% of total attacks and 57.5% of stolen funds.
The report adds that only 21% of the hacked protocols used multi-signature wallets. Most on-chain attacks occur on unaudited protocols, and the lack of faulty input verification or confirmation of protocols is the main cause of smart contract utilization losses. Cross-chain bridges remain a major attack vector for malicious actors.