According to a report by TRM Labs, hackers affiliated with North Korea were responsible for a third of all crypto thefts and exploits in 2023, resulting in a total of $600 million in stolen funds. This brings North Korea's total earnings from crypto projects to nearly $3 billion over the past six years. However, this figure is about 30% lower than in 2022, with most of the stolen funds being taken in the last few months of 2023. The attacks continue to use social engineering to acquire private keys for projects, and the proceeds go towards the development of weapons of mass destruction, raising national security concerns.

SlowMist released a blockchain and anti-money laundering report for 2023. According to blockchain event records, a total of 464 security incidents occurred in 2023, resulting in a loss of up to 2.486 billion US dollars. Compared with 2022, the losses decreased by 34.31%. In 2022, there were 303 accidents with losses of about 3.777 billion US dollars. In 2023, DeFi became the most vulnerable area in the blockchain security field. In 282 incidents, DeFi accounted for 60.77% of the total violations, but the losses decreased to 773 million US dollars, a decrease of 62.73% compared to the 2.075 billion US dollars in losses in 183 incidents in 2022. 117 Rug Pulls cases have been reported, with losses exceeding 83 million US dollars. The Base ecosystem suffered the most severe blow, losing 32.5 million US dollars, followed by BSC, which lost 23.05 million US dollars.

On Jan-03–2024 UTC+8:00, the Radiant protocol on Arbitrum was under the flashloan attack. The hacker attacked the #Radiant protocol 3 times, resulting in a total loss of 1.9K $ETH(worth $4.5m). The root cause is the mathematical rounding issue in the `burn` function that is amplified and used, on a new $USDC market, which makes the hacker withdraw an extra $USDC. MetaTrust Labs conducted in-depth research and analysis on the exploit, revealing how the hacker exploits vulnerability.

According to Cyvers Alerts system monitoring, BNB ecological DeFi protocol Channels Finance has a large number of suspicious transactions, and suspicious addresses have deployed multiple malicious contracts and depleted user funds.

Orbit Chain, a cross-chain bridge project, suffered a cyberattack resulting in the theft of over $80 million from its bridge. The project reported that the stolen funds, which include ETH and DAI, remain unmoved and that it is working with law enforcement agencies and blockchain security firms to recover them. Orbit Chain has yet to release a full account of the exploit, but it has requested that crypto exchanges freeze the stolen assets and is utilizing all available methods to track down the hackers. There is speculation that North Korean hackers could be behind the attack, and U.S. Senator Elizabeth Warren has called for the Bank Secrecy Act to be updated to address the threat posed by crypto.

SlowMist founder Yu Xian tweeted that Orbit Bridge suffered a loss of at least $81.5 million. Preliminary analysis suggests that it was not a direct theft of private keys (although this possibility cannot be completely ruled out), but rather a vulnerability in the bridge or related centralized server that allowed attackers to deceive these private keys (7/10) to withdraw. Yu Xian also stated that the hacker's address can be viewed and pointed out that the hacker was preparing two days ago.

OKLink's 2023 Security Incident Report shows that there were more than 520 publicly reported security incidents in the blockchain ecosystem in 2023, resulting in losses of over 1.7 billion USD, a decrease of about 54% from 2022's 3.728 billion USD. This decrease is due to the improvement of the global regulatory system and breakthroughs in on-chain security technology. Of these incidents, 485 were related to DApps, DeFi, NFTs, and other security incidents, while 8 were related to exchanges, 10 were related to public chains, 9 were related to wallets, and 14 were related to other types of incidents.Some of the larger security incidents resulting in losses included: Euler Finance, an Ethereum lending protocol, was hacked in March, resulting in losses of approximately 197 million USD; Atomic Wallet was hacked in June, resulting in losses of over 100 million USD; Mixin Network was attacked in September, resulting in losses of 200 million USD; and Poloniex, a trading platform, had approximately 125 million USD stolen due to private key leaks in November.In addition, social media platforms such as Twitter and Discord became hotspots for scams and phishing incidents, with a total of 519 such incidents occurring in 2023. For example, in September, Ethereum founder Vitalik's Twitter account was hacked, resulting in the theft of over 690,000 USD in assets.

According to Pai Shield monitoring, the attacker address starting with 0xd82e will sell the stolen INSC (ins-20) NFT and exchange it for 2 ETH. Earlier, multiple X users claimed that the INSC (ins-20) contract may have vulnerabilities and their INSC was stolen. The GoPlus Chinese community reminded that there are vulnerabilities in the INSC NFT contract, and multiple hackers used them to steal NFTs and transfer them to Blur and OpenSea for sale. Users should immediately stop interacting with the project contract.

According to the latest data compiled by Immunefi, cryptocurrency users lost a total of $1.8 billion in 2023 due to hacker attacks and scams.

Levana Protocol, a sustainable trading platform in the Cosmos ecosystem, was hacked and lost over $1.1 million. A post-incident report provided by the team showed that the attacker was able to withdraw 10% of Levana's liquidity pool between December 13th and December 26th.