According to CertiK, the new year represents a fresh start for malicious actors in the crypto space, and scams, exploits, and hacks are unlikely to slow down in 2023.
The blockchain security firm stated its expectations for the coming year regarding bad actors in the space.
“We saw a large number of incidents last year despite the crypto bear market, so we do not anticipate a respite in exploits, flash loans or exit scams,” it said.
Concerning other nefarious incidents that the crypto community may face, the company cited the “devastating” exploits that occurred on cross-chain bridges in 2022. Six of the top ten largest exploits this year were bridge exploits, in which approximately $1.4 billion was stolen.
CertiK predicted “further attempts from hackers targeting bridges in 2023” due to these historically high returns.
CertiK, on the other hand, predicted “fewer brute force attacks” on crypto wallets now that the Profanity tool vulnerability — which was previously used to attack several crypto wallets — is widely known.
Users can generate personalized “vanity” crypto addresses using the Profanity tool.
According to CertiK, a vulnerability in the tool was used to steal $160 million in cryptocurrency during the September hack of algorithmic crypto market maker Wintermute.
Instead, CertiK predicts that wallet compromises will occur this year due to poor user security.
“It’s possible that funds lost to private key compromises in 2023 will be due to poor management of private keys, bar any future vulnerability found in wallet generators.”
The company also stated that it would monitor phishing techniques that may increase in the coming year. It mentioned a slew of Discord group hacks in mid-2022 that duped participants into clicking phishing links, such as the June Bored Ape Yacht Club Discord hack, which resulted in the theft of 145 Ether.
According to peer security firm Immunefi, $2.1 billion in cryptocurrency was stolen in just the ten largest incidents last year, with a total of $10.2 billion stolen from Decentralized Finance (DeFi) protocols by 2021.
The Ronin bridge exploit, which netted attackers $612 million, was the biggest incident in 2022 — and of all time.
The $76 million Beanstalk Farms exploit was the largest flash loan attack, and the $79.3 million stolen from Rari Capital was the largest DeFi protocol exploit.