Crypto hackers swiped less this year — but a ‘sophisticated threat’ risks reversing the trend

Cybercriminals’ haul from crypto heists dropped by over 50% in 2023 compared to 2022, according to new research from blockchain intelligence firm TRM Labs.

Hackers stole $1.7 billion in 2022, down from the $4 billion bagged by digital crooks last year.

“This is not good news for cybercriminals,” Ari Redbord, global head of policy and government affairs at TRM Labs, told DL News.

The news comes as the crypto market has recovered in recent months. The price of Bitcoin has surged over 140% since the start of the year.

Other researchers have previously attributed similar results to the price of popular crypto assets having fallen hard from their 2021 peaks, but TRM Labs accredited the plunging heist numbers to tough policing.

Redbord said:

“While there is no question that the price of Bitcoin and other crypto assets can play in role in hacks and other financial crime — mostly because the proceeds of hacks have more or less value — the downturn in hacks is more likely due to law enforcement action and better compliance controls than a downturn in the crypto markets.”

The number of hacks have remained stable between this year and last, with 160 incidents recorded in 2023, according to the research.

“Although a few large hacks could close the gap in December, 2023 is likely to finish with significantly lower totals than 2022,” TRM Labs researchers wrote.

However, the firm warned that “the emergence of a new sophisticated threat could quickly reverse the decline in hack volumes,” and urged the industry to remain vigilant or risk seeing the trend reverse in 2024.

“The hacks landscape remains rapidly evolving and inherently uncertain,” TRM Labs said.

What strategies did cybercriminals use?

The bulk of stolen funds in 2023 stemmed from the top ten biggest hacks, which totalled nearly 70% of the pilfered crypto.

Notable examples include Euler Finance and Multichain, which respectively lost $197 million and $126 million, according to DefiLlama.

Infrastructure attacks — such as private key theft or compromised seed phrases — accounted for almost 60% of the total stolen amount.

In such attacks hackers gain access to a crypto entity’s “servers, networks, or software” to steal assets or manipulate trades.

Crypto’s reputation is already marred by numerous scandals and critics blaming it for enabling criminals to steal and launder money — and even to fund North Korea’s nuclear programmes.

North Korean hacking group the Lazarus Group has this year been blamed for the $60 million hack against centralised crypto payment provider Alphapo and the $41 million attack against crypto casino Stake.com.

Industry observers have previously warned that the amount of crypto stolen raises questions about the sector’s security and lack of proper regulation.

“If people choose to continue to store their money in cryptocurrencies, the attraction to target these platforms that act like banks — but without higher up protection — will thrive,” Jake Moore, global cybersecurity adviser at cybersecurity firm ESET, told DL News in October.

Tyler Pearson is a researcher at DL News. He is based out of Alberta, Canada. Got a hot tip? Reach out to him at ty@dlnews.com.