Immunefi, the leading bug bounty and security services platform for web3, protecting over $60 billion in user funds, published its Crypto Losses Q3 2022 Report. The crypto industry lost $2,328,917,230 so far in 2022.
In Q3 2022 alone, the industry lost $428,718,083. These numbers show a decrease compared to Q2 2022, when hackers and fraudsters stole $670,698,280.
Most of last quarter’s amount was lost by two specific projects, Nomad Bridge and Wintermute, totaling $350,000,000; together, they represent 79.85% of Q3 losses alone.
In Q3 2022, hacks continue to be the predominant cause of losses as compared to fraud, scams, and rug pulls, accounting for 93% of the total amount.
DeFi continues to be the key target for exploits as compared to CeFi, representing 98.8% of the total losses.
The two most targeted chains in Q3 2022 were BNB Chain and Ethereum. BNB Chain suffered the most individual attacks with 16 incidents, representing 28.6% of the total losses across targeted chains, and Ethereum witnessed 13 incidents, representing 23.2% respectively.
In total, $93.8M of stolen funds has been recovered in 2022, which represents just 4% of the total 2022 losses so far. For Nomad, $36.4M has been recovered out of $190M stolen, and in the case of Axie Infinity, $30M has been recovered out of $625M.
“Web3 is a battlefield between blackhat hackers and whitehat hackers. With massive amounts of money at stake, everyone is watching this battle closely”, said Mitchell Amador, CEO of Immunefi. “Constantly learning about new security risks, improving security knowledge and practices, getting audited, and launching a bug bounty program are a must if projects want to survive and build trust with the community”.
Immunefi is the largest and most widely adopted bug bounty platform in web3. Immunefi boasts a massive community of whitehat hackers who review projects’ blockchain and smart contract code, find and responsibly disclose vulnerabilities, and get paid for making crypto safer. The platform now supports 300 projects across multiple crypto sectors, and collectively offers $135 million in bounties to whitehat hackers. Immunefi has also facilitated the largest bug bounty payments in the history of software, including $10 million for a vulnerability discovered in Wormhole, a generic cross-chain messaging protocol, and $6 million for a vulnerability discovered in Aurora, a bridge and a scaling solution for Ethereum.
The full report is available on Immunefi’s website. The company has been tracking crypto losses since the beginning of 2022. Earlier reports can be found here. In addition to that, Immunefi published the Bored Ape Yacht Club Report highlighting stolen Bored Ape NFTs.
Immunefi is the leading bug bounty and security services platform for web3, which features the world’s largest bounties. Immunefi guards over $60 billion in user funds across projects like Synthetix, Chainlink, SushiSwap, PancakeSwap, Bancor, MakerDAO, Compound, Alchemix, Nexus Mutual, and others. The company has paid out the most significant bug bounties in the software industry, amounting to over $60 million, and has pioneered the scaling web3 bug bounties standard. For more information, please visit https://immunefi.com/.