2023 in Review: The State of Web3 Security

2023 saw billions of dollars in liquidity extracted from web3 ecosystem by crypto thieves. Although the losses were less than the year before, this is largely due to the drastic reduction in available liquidity flow on-chain.

In essence, crypto theft did not slow down. If anything, it became worse. Enterprises in web3 lost a whopping $1.95 billion, while individual users suffered losses totaling $295 million.

Let’s examine some key trends and statistics that depict the state of Web3 security last year.

Key Trends

• Phishing scams grew more sophisticated.
• Wallet-drainers became widespread, leading to a rise in scam incidents.
• Large-scale phishing scams targeted crypto users on social media (especially 𝕏).

The Rise of Wallet Drainers

Malicious smart contracts are routinely customized to compromise and steal assets from wallets.

These contracts, known as wallet-drainers, are often hosted on bogus websites and hijacked web pages. They are then proliferated through bots and stolen social media accounts.

This combination of social engineering and automated crypto theft proved to be wildly successful. In 2023, 307,000 users fell victim to phishing scams. Most of these involved wallet-drainers.

Wallet drainers are commonly offered on the black market to scammers for a premium or commission paid to the original developer. As wallet security tools evolved, so did wallet-drainers. In 2023, at least seven unique versions of wallet-drainers gained notoriety for facilitating crypto theft.

• VENOM DRAINER: Launched in January 2023. Stole $27 million.

• PUSSY DRAINER: Launched in January 2023. Stole $15 million.

• INFERNO DRAINER: Launched in March 2023. Stole $81 million.

• MS DRAINER: Launched in March 2023. Stole $59 million.

• ANGEL DRAINER: Launched in March 2023. Stole $20 million.

• PINK DRAINER: Launched in March 2023. Stole $18 million.

• MS DRAINER: Launched in August 2023. Stole $16 million.

On-chain Distribution of Crypto Theft

Web3 enterprises were the biggest victims of crypto theft in 2023, with $1.95 billion in losses. These cyberattacks targeted projects with liquid treasuries or reserves of tokens. Protocols with frequent on-chain user activity were also targeted by malicious actors.

Incidents of crypto theft varied in severity and frequency across various blockchains. This indicates the presence of risk factors that must be mitigated at the project development stage.

#5: ARBITRUM

23 security incidents. $30.9 million stolen.

#4: BINANCE SMART CHAIN

213 security incidents. $110.1 million stolen.

#3: CENTRALIZED EXCHANGES

4 security incidents. $118.2 million stolen.

#2: POLYGON

8 security incidents. $123.2 million stolen.

#1: ETHEREUM

170 security incidents. $1.35 billion stolen.

Our 2024 Mission: Turning the Tide

FailSafe’s commitment to building safer blockchain ecosystems remains unwavering. We’re excited to ship even more features and upgrades to our wallet security suite.

We have built the ultimate layer of protection that stops crypto theft with a 99% accuracy rate. FailSafe is live on Ethereum, Binance Smart Chain, and Polygon.

Get proactive with wallet security. Get FailSafe. Secure your digital assets today.