In the third quarter of 2022, the cumulative losses of the Web3 ecosystem from hacking and fraud amounted to $428.7 million, experts of the Immunefi bounty platform estimated.
During the period, 39 incidents occurred, of which 30 were hacker attacks with a total damage of $399 million. The remaining losses of $29.8 million came from nine scam cases, including rug pull schemes.
Most of the total amount was accounted for by the two largest hacks:
Nomad cross-chain protocol ($190 million) and Wintermute market maker ($160 million).
DeFi projects remain the key targets of hackers and scammers – they accounted for 98.8% of total losses against 1.2% for the CeFi sphere.
According to experts, this is due to the better level of protection of centralized platforms like Binance and Coinbase, which also allocate more resources to security. Another factor in Immunefi was the multiplicity and diversity of decentralized projects, which provides more vectors for attack.
In the context of blockchains, most of the protocols involved in the incidents are based on BNB Chain (16 attacks and 28.6% of the damage amount) and Ethereum (13 and 23.2%, respectively).