Despite the 2022 market crash, the crypto industry still presents a tantalizing opportunity for so-called “black hat hackers.” At the end of Q3 2022, the crypto space was worth $934.85 billion, according to CoinMarketCap.

Compared to the end of Q2, that represents an increase of 4% while only representing 43.56% of the market cap at the end of Q1. Approximately two-thirds down from the market’s peak of $3 trillion in November 2021.

As well as classic techniques like phishing, the industry’s relative novelty also makes it easier to exploit less battle-tested technologies. These include new kids on the block, like cross-chain bridge hacks.

(In contrast to “white hat” hackers who exploit for good intentions, black hat hackers break in for malicious purposes. The term “black hat” comes from 1950s gangster movies where the villains famously wore black fedoras.)

According to a new report from Immunefi, there were 168 examples of protocol exploits and alleged rug pulls. These include both alleged fraud and successful and “semi-successful” hacking attempts. According to their analysis, the web3 ecosystem saw a total loss of $3.9 billion in 2022. The vast majority of that ($3.7 billion) was lost across 134 hacks. The remaining total was 175 million in fraud across 34 incidents, according to their research.

Immunefi uses publicly available data to collate its reports. BeInCrypto has taken a look at its work and broken down some of the report’s key parts.

DeFi Is The Most Vulnerable

As in previous years, DeFi remained the most popular target for black hat hackers. The DeFi ecosystem suffered $3.1 billion in losses in 2022 across 155 separate hacks. A substantial increase from the year before. In 2021, DeFi lost $2.4 billion in 107 separate hacks, representing a rise of 56.2%. According to a separate report by crypto data aggregator Token Terminal, cross-chain bridges are the victim of 50% of DeFi exploits.

This compares unfavorably to CeFi, which saw a decrease from the year before and a fraction of DeFi’s hack-related losses last year. According to the report, CeFi projects only suffered 13 hacks, which amounted to $769 million. In 2021, CeFi lost $6 billion in 9 incidents. That represents a huge 87.3% decrease.

BNB And Ethereum Saw The Biggest Losses

BNB Chain and the layer-1 blockchain Ethereum were the two most targeted chains in 2022, representing more than half of the chain attacks at 63.3%.

Hackers preferred BNB Chain over the rest by a substantial margin, with over a third (36.1%) of the total attacks across targeted chains aimed at the Binance-initiated chain. The number of attacks on BNB Chain has increased by 51.2% when compared to 2021, which saw 43 attacks on the network.

Ethereum witnessed 49 incidents, representing 27.2% of the total incidents across targeted chains. This number represents an 8.9% increase when compared to 2021 when Ethereum witnessed 45 attacks.

With 12 hacks, Solana came in a distant third, representing 6.7% of total attacks across chains. Avalanche followed with 4.4%, Polygon with four incidents, representing 2.2%, and NEAR with two incidents, representing 1.1%. Polkadot only suffered one attack, according to the report, representing 0.6%.

According to Immunefi’s research, the “remaining chains like Gnosis, Cronos, Arbitrum, Fantom, and others together represented 21.7% of the total chain attacks.”

Exploits Losses Spiked In Q4 2022

As we know, the collapse of FTX dominated the latter part of last year. Sam Bankman-Fried’s now-defunct exchange dominated that quarter’s exploit numbers as well. In the early hours of November 12, hackers made off with hundreds of millions of dollars which were then transferred to cold storage. FTX had filed for Chapter 11 bankruptcy protection in the U.S. just days before.

Q4’s exploit numbers blew every other quarter out of the water, with $1.2 billion in total losses across 55 incidents. Representing a whopping 41% of the losses for last year. Most of the losses were from FTX and BNB chain, which together amounted to $1.2 billion in losses. Source: CoinGecko

Q1 was the second most dramatic quarter and was similarly dominated by two separate exploits, Ronin Network, and Wormhole, which were hacked for $625 million and $326 million, respectively. Ronin Network’s users were later reimbursed after a cash injection from Binance. Around $400 million of the coins stolen had been from users playing the game Axie Infinity. Wormhole is a cross-chain bridge that was accessed after hackers managed to exploit the platform’s smart contract.

Other headline-grabbing exploits included Nomad’s $190 million, BNB Chain’s $570 million, and FTX’s $650 million accounted for about 60% of all losses.

Some Funds Were Recovered

However, there is a silver lining. From the total $3.9 billion of funds taken from hacks and fraud, the report calculates that $204 million has been recovered. However, this only accounts for 5.2% of 2022’s total losses.

The most successful recovery came from the Multichain hack, one of the first exploits of the year. Initially, users complained about the bridge’s unhelpfulness and lack of communication. However, by the end of February, the protocol had recovered 50% of all funds. By the end of the year, according to the report, Multichain’s users had received $2.6 million out of the $3 million stolen.