$500m Lost in Q1 2023: Analyzing Attacks, Trends, and the Need for Proactive Measures

$500m Lost in Q1 2023: Analyzing Attacks, Trends, and the Need for Proactive Measures

With the previous year of 2022 marked by staggering losses and high-profile security breaches, Web3 security in 2023 continues to be under intense scrutiny. Major DeFi projects falling victim to attacks, scams, and exploits, the need for robust security measures has never been more apparent. 


In the rapidly evolving world of Web3, security remains a critical concern. As we delve into the first quarter of 2023, the staggering total losses of nearly $500 million from attacks, scams, and exploits serve as a wake-up call for the entire ecosystem. This article looks closer at the major attacks witnessed in the first quarter of 2023, highlighting the vulnerabilities and emphasizing the urgency for proactive security solutions to safeguard the Web3 ecosystem.

Notable Incidents and Industry Focus

The highest number of security incidents among the various blockchain networks was on Binance Smart Chain, followed by Ethereum. While the industry has shown an overall increase in its focus on security, relying primarily on audits is insufficient to combat the ever-evolving threat landscape. Real-time monitoring is a crucial component that is often overlooked, leaving projects vulnerable to attacks that audits alone may not detect.

During the first quarter of 2023, 32 major DeFi projects fell victim to various attacks. Flash loan attacks emerged as the most prevalent, exploiting vulnerabilities within smart contracts to manipulate the system and siphon funds. Surprisingly, even projects that had undergone one or several audits were not immune to these attacks, emphasizing the limitations of audits alone in ensuring security.

Smart contract vulnerabilities were the second most common attack type, exposing the inherent risks of coding errors, untested code, and improper auditing practices. Multiple hacks occurred in projects that had undergone audits, highlighting the need for a more comprehensive security approach beyond initial audits.

The third most common attack type was social engineering, where attackers successfully stole private keys.

All these factors align with the previous trend in 2022, however the main difference is flash loans leading as the main hack factor.

Major Attacks in Q1 2023:

During the first quarter of 2023, minimum 32 major DeFi projects fell victim to various attacks, resulting in significant financial losses and raising concerns about Web3 security. Among these incidents, several notable hacks stand out:

1. Euler Finance Hack: Euler Finance, a decentralized derivatives platform, experienced a devastating hack that led to the loss of $197 million. The attack exploited vulnerabilities in the platform's smart contracts, enabling the attacker to drain liquidity.

2. Bonq Dao Exploit: Bonq Dao, a decentralized autonomous organization (DAO), encountered an exploit that allowed attackers to drain funds from the platform. The exploit targeted vulnerabilities in the DAO's smart contracts, emphasizing the need for thorough security audits and proactive measures to safeguard DAOs. Read our article about it here. 

3. Merlin Hack: Merlin, a decentralized exchange (DEX) native to zksync L2, suffered a high-profile hack during its Liquidity Generation Event. The attackers exploited vulnerabilities in the smart contracts, draining the liquidity pools and raising doubts about the security of not only Merlin DEX but also other projects within the DeFi ecosystem. Read about this hack here

3. Safemoon Hack: Safemoon, a popular token in the crypto space, faced a hacking incident that resulted in the loss of user funds. The hackers exploited a basic bug in the token's smart contract, highlighting the importance of rigorous security measures in all token projects.

These incidents underscore the ever-present risks faced by Web3 projects and the urgent need for stronger security measures to protect user funds and maintain the community's trust. Even though there were most flash loan incidents among hacks in Q1 2022, the smart contract vulnerabilities caused the most damage. Proactive security measures, including real-time monitoring and comprehensive audits, are crucial in mitigating such attacks and ensuring the long-term viability of the Web3 ecosystem.

The Need for Proactive Real-Time Monitoring

In response to the prevailing security challenges, Cyvers proposes a new standard of Web3 security – proactive real-time monitoring. Real-time monitoring enables projects to promptly identify and mitigate security threats, minimizing potential losses and protecting the ecosystem. Our @CyversAlerts Twitter account regularly displays the hacks we detect with our system, some even before they start. This also highlights the power of proactive real-time monitoring. 

For Protocol Developers and Teams

If you are a protocol developer or team member seeking to enhance the security of your Web3 project, we invite you to explore our articles on real-time monitoring. Do not hesitate to reach out to us. Visit our blog at cyvers.ai/blog to gain valuable insights into proactive security measures and discover how real-time monitoring can mitigate the risks posed by flash loan attacks, smart contract vulnerabilities, and social engineering.


The first quarter of 2023 has highlighted the pressing need for stronger security measures in the Web3 space. With flash loan attacks and smart contract vulnerabilities rising, relying solely on audits is no longer and has never been sufficient. Embracing proactive real-time monitoring is crucial to prevent and mitigate attacks, ensuring the long-term success and resilience of the decentralized ecosystem.

Let us work together to forge a safer and more secure Web3 future!

Next generation threat prevention

Book a Demo

Next generation blockchain threat prevention

Identify patterns and anomalies across blockchains in real-time for proactive mitigation.

Book a Demo
Next generation blockchain threat prevention- Identifies patterns and anomalies across web3 in real-time for proactive mitigation.