Blockchain projects have taken damages totalling $1.976 billion as of June 30 2022, coming from 187 security incidents in the first half of 2022, a new report has revealed.
The report by blockchain security firm, SlowMist, said:
“Approximately 77% (144 cases) of these security incidents resulted from the project’s own vulnerabilities being exploited by attackers, with a loss of approximately $1.84 billion, accounting for 93% of the total loss from security incidents.”
Approximately 21% (39 cases) resulted from scams, including phishing & rug pull attacks, with a loss totalling approximately $130 million. This accounted for 7% of the total loss from security incidents.
According to SlowMist Hacked, an ongoing tracker of blockchain security incidents, there were around 100 DeFi security incidents as of June 30 2022, with damages exceeding $1.63 billion. This sector is proving to be one of the more vulnerable with incidents across various chains as we have illustrated below:
No. of Incidents
Binance Smart Chain
Statistics on Dune Analytics, indicate that the total locked-in value (TVL) of Ethereum’s 15 biggest cross-chain bridges was about $8.39 billion dollars.
The TVL on Ethereum bridges is as follows:
Polygon Bridge – $3.5 billion dollars
Arbitrum Bridge – $1.893 billion dollars
Avalanche Bridge – $1.241 billion dollars
Cross-bridge incidents account for 64% of DeFi’s total losses and 53% of total losses overall in the first half of the year, according to the report.
“Cross-chain bridges, as a crucial infrastructure of the multi-chain ecosystem, bear a large amount of capital flow and provide considerable ease to consumers.
However, it poses numerous security and decentralization challenges, necessitating projects to increase its security, risk management, and other capabilities.”
Here are more H1 2022 stats from the report:
May and June 2022 had the highest number of safety incidents
Binance Smart Chain (BSC) accounted for the majority of security incidents
Cross-chain bridges incurred the most losses (53% of total losses)
NFT project losses were $62.81 million – majority were phishing attacks
92% of all attacks were caused by projects design defects and contract vulnerabilities
4% of total losses as was a result of compromised private keys (about $270 million)
From the 187 security incidents that were discovered in the first six months of 2022, the report divided attack types into 4 categories which represented 95% of all incidents:
A project’s own design flaws
Rug-pull and phishing scams
Private key exposure
The introduction of front-end malicious code
When it comes to exchanges such as Binance and Crypto.com, the report reveals that ‘there were four trading platform security incidents worldwide in the first half of the year, with losses exceeding $77.7 million.’