Inventory of security incidents in November 2022: the average loss per incident is close to 20 million US dollars
CertiK
Guest columnist
2022-12-01 06:23
In November 2022, the number of major Web3.0 hacking attacks decreased slightly, but the average loss of attack incidents increased significantly.

Since 2022, security incidents caused by fraudulent scams and vulnerabilities in the Web 3.0 field have caused approximately $3.4 billion in losses, and a total of 573 attacks have been recorded this year.

In November 2022, CertiK recorded a total of 36 large-scale attacks. Although this was slightly lower than last month, the loss per attack increased significantly. The average loss of large-scale attacks in November was about 16.551 million US dollars, while the average loss for October was approximately $7.267 million.

The number of exits from scam projects has also risen sharply this month, up 375.5% compared to October. A total of 35 incidents were recorded in November with a total loss of approximately $29.877 million, compared to 26 incidents in October with a loss of approximately $7.2 million.

The number of flash loan attacks was halved from the previous month, at 8. However, losses increased: $5 million was lost this month compared to just $1 million in October.

We can also see that the number of Discord and related scam projects has decreased in recent months: 12 incidents were recorded this month, compared to 97 in August and 57 in September.

Of the 62 incidents recorded this month, 35 were exit scams, 8 were flash loan attacks and 19 were categorized as “other”.

Large attacks

There were 36 large-scale attacks in November, equal to the number of attacks in June. The average loss per attack was about $16.551 million, a significant increase from the average loss of $7.267 million for attacks in October.

The largest attack this month was the FTX hack, which caused a total of $477 million in damages. Shortly after FTX filed for bankruptcy on November 11, 2022, FTX's general counsel Ryne Miller tweeted that they were "investigating anomalies." The next day, Ryne Miller reported on Twitter that the company had "activated precautionary measures" and moved all of its project assets to cold storage, meaning that project asset wallets were no longer connected to the internet.

There are many theories about how the hack happened, but most reports suggest it was an insider act. FTX is the second largest attack this year, after March's Ronin Bridge ($624 million) incident. The FTX incident is still under investigation, and it is expected that it will take quite a while before the truth comes to light.

The second largest attack this month was the theft of the hot wallet of the Deribit exchange on November 2, 2022. A whopping $28 million was lost due to private key leaks, making it the third largest private key breach in 2022. The Deribit exchange said the loss will be covered by company reserves, so user funds will not be affected. The Deribit exchange claims to keep “99% of user funds in cold wallets to limit the impact of these events”. Apart from that, they also stated that operations have not been affected by the incident as withdrawals are now impossible for any hackers due to the additional manual confirmation required.

The third largest loss in November 2022 was the Flare exit scam, which occurred on November 13 and resulted in total damages of $18.5 million. This project does not have any social media accounts and is not affiliated with Flare Networks. As of now, the deployers of the scam are laundering money in Tornado Cash.

Exit scams

In November 2022, losses due to exit scams amounted to $29.877 million, a 375.5% increase from October. These losses come from 35 incidents confirmed by CertiK, which means that the number of exit scams has increased by 40% compared to the previous month.

Looking back at the 11 months that have passed this year, 6 of them resulted in $6-$8 million in losses to exit scams. That said, November's exit scam losses are unusual, because the $18.5 million lost in the FLARE exit scam accounted for the majority of exit scam losses in November.

In addition, in the data recorded by CertiK, as in previous months, money laundering of project assets is still frequent this month, but such incidents are not included in our monthly statistics.

Flash loan attack

Compared to October, there were fewer flash loan attacks this month, but losses were higher. The total number of flash loan attacks was eight, with a total loss of $6 million, compared with 16 flash loan attacks in October, with a total loss of $1 million. Additionally, the average cost per attack in November was $637,000, compared to $98,000 per attack in October.

The largest flash loan attack this month was the DFX Finance attack.

At 4 a.m. on November 11, 2022, the DFX Finance swap contract was attacked, resulting in a loss of about $5 million.

The attacker took advantage of a flawed flash loan mechanism in the swap contract: by depositing the borrowed tokens into the contract, the attacker bypassed the flash loan repayment check, and then withdrew the tokens from the contract after the flash loan completed. The vulnerability stems from a contract design problem: the contract does not take into account that the flash-loaned tokens can be deposited and thereby "repay" the flash loan.
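A simplified Python model of the repayment check described above, added here as an illustration; it is not DFX Finance's contract code, and the `Pool` class, its `guarded` flag and all amounts are constructed assumptions. It shows a balance-only check accepting a deposit as "repayment" while the pool's net reserves fall, and a deposit lock during the loan (one possible mitigation, assumed here) making the same call revert.

```python
# Simplified model (constructed for illustration): one token, integer amounts.
class Pool:
    def __init__(self, reserves, guarded):
        self.balance = reserves      # tokens the pool actually holds
        self.credits = {}            # deposits each account may withdraw later
        self.guarded = guarded       # True = deposits locked during a flash loan
        self.in_flash = False

    def net_reserves(self):
        # What the pool owns after subtracting what it owes depositors.
        return self.balance - sum(self.credits.values())

    def deposit(self, who, amount):
        if self.guarded and self.in_flash:
            raise RuntimeError("deposit locked during flash loan")
        self.balance += amount
        self.credits[who] = self.credits.get(who, 0) + amount

    def flash(self, who, amount, callback):
        snapshot = (self.balance, dict(self.credits))
        before = self.balance
        self.balance -= amount       # lend the tokens out
        self.in_flash = True
        try:
            callback(self, who, amount)
            # Balance-only repayment check: a deposit of the borrowed
            # tokens restores the balance, so it passes as "repaid".
            if self.balance < before:
                raise RuntimeError("flash loan not repaid")
        except RuntimeError:
            self.balance, self.credits = snapshot   # model an on-chain revert
            raise
        finally:
            self.in_flash = False


def simulate(guarded):
    """Return (outcome, change in net reserves) for one flash loan call."""
    pool = Pool(reserves=1000, guarded=guarded)
    start = pool.net_reserves()
    try:
        # The callback deposits the borrowed tokens instead of returning them.
        pool.flash("borrower", 1000, lambda p, w, a: p.deposit(w, a))
    except RuntimeError as err:
        return str(err), pool.net_reserves() - start
    return "repaid", pool.net_reserves() - start
```

An invariant worth asserting in contract tests follows directly from the model: net reserves after a flash loan must never be lower than before it, regardless of what the token balance shows.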

Discord and related scams

Closing remarks

Aggregated on a monthly basis, November is the second-highest month in 2022 for the amount of money lost to hacks, bugs, and exit scam projects.

The main reason for the higher losses is that the hack of the FTX exchange caused a loss of $477 million, and this incident alone accounted for 79% of the total funds lost for the month. Without the incident, November's total loss would have been $119.5 million, which would rank third-worst among the 11 months so far this year.

In addition, each month of 2022 has seen more or less one or two extremely high-loss events, which inflate the total loss amount for that single month.

Overall, November was the second-highest month this year for the amount of money lost to large-scale attacks, a result that cannot be separated from the "contribution" of extreme attacks.

CertiK's auditing and end-to-end security solutions have covered most of the ecosystems currently on the market and support almost all mainstream programming languages, providing security services and technical support for blockchain platforms, Web3.0 asset trading platforms, smart contracts and other parts of the ecosystem.

Securing the Web 3.0 world is now more important than ever, and the KYC project background investigation service not only helps to ensure the security of the protocol, but also leads ordinary investors to more secure and credible projects.
