The Mixin Network cross-chain protocol was responsible for nearly two-thirds of September’s crypto exploit losses.
September has officially become the worst month (so far) in 2023 for crypto-related exploits, with $329.8 million in stolen cryptocurrency.
According to blockchain security firm CertiK, the most significant contributor to the month’s totals was the September 23 Mixin Network attack, in which the Hong Kong-based decentralized cross-chain transfer protocol lost $200 million due to a cloud provider breach.
#CertiKStatsAlert 🚨
Combining all the incidents in September we’ve confirmed ~$332M lost to exploits, hacks and scams.
Exit scams were ~$1.9M
Flash loans were ~$0.4M
Exploits were ~$329.8M
See more details below 👇 pic.twitter.com/DMFN9LWU8V
— CertiK Alert (@CertiKAlert) September 30, 2023The attacks on the CoinEx exchange and Stake.com, which caused $53 million and $41 million in losses, respectively, were also notable during the month.
The Lazarus Group, a North Korean cyber collective, has been implicated in both attacks; the most recent data from Dunn Analytics shows that the group currently owns crypto assets worth $45.6 million.
The attack has increased the annual quantity of lost cryptocurrency to $925,4 million. July was the second costliest month for exploit losses, with $ 285.8 million being taken.
The month also saw $1.9 million in losses from exit schemes, $400,000 from flash loan attacks, and $25 million from phishing attacks, according to CertiK. In 2023, the total sum lost due to exploits, scams, and breaches reached $1.34 billion.
According to blockchain security firm Beosin, total losses from breaches, phishing scams, and exit scams were just under $890 million for the third quarter of 2023.
Beosin reported late last week that Q3 losses exceeded the sum of the first two quarters, which totaled $330 million in Q1 and $333 million in Q2.
