According to Cointelegraph, Web3 theft reached its lowest point for the year in October, with blockchain security firm CertiK reporting losses of $32.2 million across 38 incidents. No single incident resulted in a loss of over $7 million. Compared to the ten-month total of $1.4 billion, October's losses were approximately a quarter of the running monthly average. January saw the second-lowest losses at $33.7 million. The October statistics were not due to a steady decline in losses but rather a lack of major incidents that month.
CertiK's third-quarter report showed that the number of incidents in July was 79, falling to 66 in August and 39 in September. Exit scams were the only category to increase in October, reaching four times higher than the low in September. The yearly high for exit scams occurred in May when users of a crypto project called Fintoch lost almost $32 million.
Exploits saw a peak in September, mainly due to the $200 million loss suffered by the Mixin Network when its cloud service provider was breached. July experienced the second-highest damage, largely attributable to losses by the Multichain MPC bridge. CertiK recently noted the rise of scams using social media, citing United States Federal Trade Commission data that indicated almost half the cryptocurrency scams in the last 18 months have been tied to social media. The North Korean Lazarus Group remained the 'dominant threat actor,' according to CertiK's Q3 report.