If you’re wondering whether Web3 is more secure than Web2, the verdict is raising its head and beginning to shout. In the first six months of 2022, more than $2 billion have been lost to hacks and exploits, more than all of last year.
The news comes courtesy of CertiK and its most recent Web3 Security Report.
The report highlights three categories of digital attacks: Two of them increased this year, while one receeded. Flash loans resulted in a total loss of $308 million in 27 hacks in the first six months of this year. The largest flash loan attack in 2022 happened in April when Beanstalk Farms fell victim to an exploit. That attack account for more than $182K, more than double than all other flash loan attacks combined this year.
Phishing attacks also increased. In Q2, there were 290 reported phishing attacks compared to just 106 in the first quarter. In many of the attacks, the Discord channel was targeted.
On a positive note, rug pulls declined. Only $37.46 million was lost to rug pulls in Q2 2022, representing a 16.5 percent decline from the previous three months. The report attributes this decline to crypto winter, which is likely driving away inexperienced investors and people new to crypto. Those investors, the report said, are most likely to fall for rug pull scams.
Web3 Subject to Same Attacks as Web2
While one of the selling points to blockchain technology is its enhanced security, not all Web3 projects are as secure as they make out to be. Threats to investor money does not always from outside of the platform either. Chainalysis recently published a report that paints a very vivid picture of NFT scams, including money laundering, wash trading, and other scams.
In their report, Chainalysis claims rug pulls in 2021 put scam revenue near all-time highs for crypto crimes. Crypto crimes in general hit an all-time high last year, according to the report.
Crypto investors should remember that even if the technology used for crypto projects is secure, there is still some level of trust one must place in the people behind the project. Nothing makes that clearer than the Terra Luna fiasco earlier this year.
Web3 scammers and hackers are preying on inexperienced investors and people new to crypto, many of whom may not be practiced at looking out for their own security. Web2 has done a poor job of training internet citizens to be diligent in their own security, and the technology is not as secure as the cryptographic security employed by blockchains. Nevertheless, many Web3 projects are not as secure as they make out to be.
The Chainalysis report highlights high-risk jurisdictions including North Korea, Russia, and Iran. North Korea, the report said, hit an all-time high in unlaundered crypto holdings. Russia and Iran are also high on number of crypto scams in 2022.