According to news from PANews on June 30, according to the Beosin EagleEye security risk monitoring, early warning and blocking platform monitoring of the blockchain security audit company Beosin, the total loss caused by hacking, phishing and Rug Pull in the Web3 field in the first half of 2023 Reached 655.61 million US dollars. Among them, there were 108 attack incidents, with a total loss of approximately US$471.43 million; phishing fraud with a total loss of approximately US$108 million; and 110 Rug Pull incidents by project parties, with a total loss of approximately US$75.87 million. The total loss amount of hacking incidents in the Web3 field has dropped significantly compared with last year. The total attack loss in the first half of 2022 is approximately US$1.91 billion, in the second half of 2022 it is approximately US$1.69 billion, and in the first half of 2023 this value drops to US$470 million.

From the perspective of the types of projects attacked, DeFi is still the type with the highest frequency of attacks and the largest amount of losses. The total loss amount of 85 DeFi security incidents reached 292 million US dollars, accounting for 62% of the total loss amount. From the perspective of chain platform types, 75.6% of the loss came from Ethereum, about 356 million US dollars, ranking first among all chain platforms. From the perspective of attack methods (statistics based on the root cause), the most frequent attack method that causes the most losses is the exploitation of contract vulnerabilities. The 60 contract vulnerability incidents caused a loss of 264 million US dollars, accounting for 56% of all losses. Looking at the flow of funds, approximately $215 million in stolen assets was recovered, accounting for 45.5% of all stolen assets. Another roughly $113 million in stolen assets was transferred to Tornado Cash and other mixers. Judging from the audit situation, about 49% of the attacked projects have not been audited.
Contrary to the declining trend of hacking incidents compared to 2022, for ordinary users, phishing scams and project party Rug Pull incidents will occur more frequently in the first half of 2023. According to incomplete statistics, the total amount involved in these two types of incidents reached at least 184 million US dollars. Due to the lowering of phishing threshold technology (for example, through some channels, malicious toolkits can be purchased from phishing gangs, and the profits can be divided), resulting in a sharp increase in phishing fraud incidents in the first half of 2023, which has become the main reason for threatening the security of Web3 users.