Certik Ranks September as the Worst Month for Crypto Exploits

• Certik reported that 2023 Q3 was the most financially damaging quarter of the year.
• The Mixin Network hack was the biggest hack case of September.
• The Lazarus Group played a role in several cases of hacks recorded in the last quarter.

Blockchain security company Certik on Monday, October 2, ranked September as the year’s worst month in terms of crypto exploits and hacks. September reportedly recorded a staggering loss of around $329.8 million.

CertiK stated that the Mixin Network incident on September 23 was the biggest of the crimes. Hong Kong-based Mixin, a decentralized cross-chain transfer protocol, suffered a $200 million loss as a result of a compromise with its cloud service provider.

#CertiKStats 🚨

Combining all the incidents in September we’ve confirmed ~$332M lost to exploits, hacks and scams.

Exit scams were ~$1.9M

Flash loans were ~$0.4M

Exploits were ~$329.8M

See more details below 👇 pic.twitter.com/DMFN9LWU8V

— CertiK (@CertiK) September 30, 2023

Other significant hacks in September include the attacks on Stake.com ($53 million) and CoinEx ($41 million). The Lazarus Group, a North Korean hacker group, has reportedly been blamed for both attacks.

The hacks increased the amount of cryptocurrency lost through exploits in a single year to $925.4 million.

The total amount lost in 2023 as a result of exploits, fraud, and hackers is now $1.34 billion. July recorded $285.8 million, making it the second-highest month for exploit losses.

CertiK claims that the month also saw losses of $1.9 million through exit scams, $400,000 from flash loan attacks, and an additional $25 million from phishing attacks.

CertiK also branded the third quarter of 2023 as the “most financially damaging” period of the year, with approximately $700 million in digital assets lost due to different security-related incidents.

The security company identified 184 security events that occurred in July, August, and September 2023. The report claimed that over $699 million in crypto assets were lost during that period, exceeding the losses from Q1 (320 million) and Q2 (313 million), respectively.

Private-key exploits were largely popular during this period. In addition, exit scams and Oracle manipulation were also common in Q3. Certik claims that there were 93 exit scam cases during the quarter, resulting in the theft of more than $55 million in digital assets. Furthermore, approximately $16 million in cryptocurrency was stolen in 38 Oracle manipulation incidents.