Lazarus Group Tied to 17% of $1.8B in 2023 Web3 Hacks

Lazarus Group Tied to 17% of $1.8B in 2023 Web3 Hacks

In 2023, the Web3 landscape experienced a setback, with $1.8 billion lost to hackers and fraudsters. A portion of these losses, about 17%, has been linked to the Lazarus Group, believed to be connected to North Korea. This information emerges from a report by Immunefi, a blockchain security platform.

The year witnessed several high-profile hacks, with the Mixin Network suffering the most significant blow, losing over $200 million. Close behind were the Euler Finance and Multichain protocols, which faced losses of $197 million and $126 million, respectively.

Lazarus Group Tied to 17% of $1.8B in 2023 Web3 Hacks

Source: Immunefi

The Lazarus Group, a cybercriminal organization with ties to North Korea, has been a persistent threat in the cybersecurity landscape. In 2023, their activities accounted for approximately $309 million of the total losses in the Web3 space. This includes high-profile hacks such as the Atomic Wallet ($100 million), CoinEx ($70 million), and Alphapo ($60 million).

A notable observation from the report is the disparity in losses between decentralized and centralized finance (CeFi) protocols. While decentralized protocols accounted for $1.3 billion of the losses, CeFi platforms saw comparatively lower losses at $409 million. This indicates a greater vulnerability in decentralized systems, which are prime targets for hackers.

Fraud vs. hacks

In the breakdown of the losses, it is evident that the majority were due to hacks rather than fraud. Of the total $1.8 billion, only $103 million was attributed to clearly identifiable fraud schemes, such as rug pulls. This suggests that the primary challenge lies in fortifying against hacks and exploits.

The $1.8 billion in losses for 2023 represents a decline from the previous year, which saw over $3.8 billion stolen, as reported by Chainalysis. This could be an improvement in security measures or a change in hacker tactics.

As per Chainalysis, throughout the year, there was a noticeable fluctuation in hacking activities, with significant surges observed in March and October. Notably, October marked a record-breaking period in the realm of cryptocurrency hacking. In this month alone, a total of $775.7 million was illicitly appropriated through 32 distinct hacking incidents. This figure positioned October as the most substantial month on record for cryptocurrency-related thefts.

The industry perspective

In a recent interview with Hackernoon, Sajjad Rehman, VP of Revenue at Immunefi, shared insights for those venturing into the Web3 space. Emphasizing the importance of a solid foundation, he advised focusing on robust security, genuine utility, and a rich user experience.

Rehman highlighted that these core aspects are critical for enduring success, irrespective of market fluctuations. He stressed the importance of gaining the trust and satisfaction of customers and the community, pointing out that while market values may fluctuate, maintaining a strong foundational offering ensures long-term viability and the potential for recovery and growth.

Rehman also urged Web3 projects and teams to adopt a long-term perspective. He cautioned against being swayed by short-term gains, underscoring the importance of building a sustainable, future-proof business.

According to Rehman, the Web3 industry is in need of leaders who are proactive and set new standards rather than those who inherit existing frameworks. He emphasized the necessity for real, driven entities capable of shaping the industry in the coming years.

Image credits: Shutterstock, CC images, Midjourney, Unsplash.