coinspress.com
According to a recent report by blockchain intelligence firm TRM Labs, approximately $400 million was stolen from cryptocurrency projects in a series of 40 attacks during the first quarter of 2023. This marks a significant decline of 70% compared to the same period in 2022.
TRM also notes a decrease in the average size of the hacks, with the amount decreasing from $30 million in 2022 to $10.5 million during the corresponding period in 2023.
Interestingly, hackers increasingly return the funds they steal, opting to receive a “white hat” reward from the affected projects.
TRM Labs estimates that in 2023, victims of hacks managed to recover almost half of the stolen funds.
For instance, one attacker who exploited the TenderFi protocol returned 50% of the $1.6 million obtained from the attack, receiving an $850,000 bounty in return. Similarly, the hacker behind the Euler lending protocol exploit agreed to return the entire $200 million worth of cryptocurrency taken.
In another case, the hacker responsible for draining the Safemoon protocol returned $7.1 million of the stolen crypto, keeping the remaining $9 million. Both incidents occurred in March.
TRM Labs suggests that the increasing regulatory scrutiny on crypto hacks and a series of high-profile enforcement cases may explain this trend. Crypto exchanges are tightening their Know Your Customer (KYC) and Anti-Money Laundering (AML) policies, making converting stolen coins into cash more challenging.
Furthermore, the popular Ethereum-based money laundering tool, Tornado Cash, has been under U.S. sanctions since August 2022. As a result, all Tornado-related funds are automatically blacklisted by regulated exchanges.
READ MORE: Malaysia Halts Huobi’s Operations: Cryptocurrency Powerhouse Faces Regulatory Backlash
The arrest of Avraham Eisenberg, the first person known to be apprehended for decentralized finance (DeFi) exploit, could also serve as a deterrent. Eisenberg publicly admitted to exploiting the Mango Markets protocol and exposing its vulnerability. He was arrested in Puerto Rico in December.
Malicious hackers face increasing difficulties when attempting to convert stolen funds, leading them to settle for bug bounties. The rise of “white hat” hackers, who actively contribute to strengthening cybersecurity controls in the DeFi ecosystem, is also becoming more prominent.
It is worth noting that stolen funds have been returned by DeFi hackers in the past, including cases such as Defrost Finance and Nomad Bridge in 2022, Poly Network in 2021, and dForce in 2020.
In March, Crystal Blockchain estimated the total losses from hacks and scams to be around $119 million. DeFi protocols continue to be the preferred targets for attackers due to the susceptibility of complex smart contracts to manipulation. Chainalysis reports that DeFi exploits accounted for 82% of all stolen cryptocurrency in 2022.