CertiK Says Crypto Losses Neared $1 Billion in 2023 as August Damage Hit $45.8 Million

CertiK Says Crypto Losses Neared $1 Billion in 2023 as August Damage Hit $45.8 Million

N
News Editor 01
2026-07-08 13:36:13
CertiK reported that crypto scams, rug pulls, exploits, and flash loan attacks led to nearly $1 billion in losses in 2023, with August alone accounting for $45.8 million.
CertiKcrypto securityexploitsflash loan attacksexit scams

Blockchain security firm CertiK says the cryptocurrency sector lost nearly $1 billion to scams, rug pulls, exploits, and flash loan attacks in 2023, underscoring the scale of ongoing security failures across the industry. According to the firm’s analysis, total losses for the year had reached approximately $997,345,346, showing that even as the market matures, digital asset platforms remain vulnerable to both technical and operational threats.

August Added Another $45.8 Million in Damage

CertiK reported that incidents recorded in August 2023 resulted in $45.8 million in losses. The largest single case of the month was the PEPE token exit scam, which accounted for $13.2 million. The Exactly Protocol incident followed with losses of about $7.3 million, making it one of the most notable exploit events in that period.

Breaking down August by attack category, CertiK said exit scams were responsible for around $26 million in losses, flash loan attacks caused roughly $6.4 million in damage, and general exploits contributed another $13.5 million. The figures suggest that investor losses are not driven by just one threat vector. Instead, the sector continues to face a mix of smart contract vulnerabilities, manipulation strategies, insider abuse, and project failures.

Exploits Led Yearly Losses

On a year-to-date basis, exploits were the largest source of losses, reaching a cumulative $596 million. Exit scams, including rug pulls and other forms of project abandonment, accounted for approximately $137 million. Flash loan attacks, while fewer in number than some other categories, still produced an outsized impact, with total losses climbing to $261 million over the course of the year.

CertiK’s review also identified important monthly patterns. July was the worst month of 2023 for exploit-related losses, while the peak month for exit scams was May. August came close to that peak due in large part to the PEPE-related incident. Flash loan attacks remained relatively modest for much of the year, but March saw a major spike, with more than $200 million stolen through flash loan-based attacks in that single month alone.

Notable Cases Highlight Different Risk Types

The report draws attention to several incidents that illustrate the range of risks facing crypto users and protocols. In August, the PEPE event stood out as the month’s largest exit scam. The Zunami Protocol attack was identified as the most significant flash loan case for that month, while the Exactly Protocol incident ranked as August’s largest exploit. Together, these events show that losses in crypto can stem from both code-level weaknesses and failures in project governance or trust.

The contrast between these categories is particularly important. Exploits often point to vulnerabilities in smart contracts, protocol design, or technical implementation. Exit scams, by comparison, reflect human and governance risk, where users may be exposed not because the code failed, but because project insiders misused control or abandoned the platform. Flash loan attacks sit somewhere in between, often combining market structure weaknesses with protocol logic flaws.

Security Remains a Core Industry Challenge

CertiK’s findings reinforce a message that has become familiar but no less urgent: crypto security is still one of the defining issues for the sector. The near-$1 billion in losses recorded in 2023 suggests that adoption and innovation have not eliminated structural vulnerabilities. As decentralized finance and token ecosystems continue to expand, attackers and bad actors are also finding new ways to extract value.

For market participants, the numbers are a reminder that risk in crypto extends beyond price volatility. Protocol audits, contract security reviews, access control, treasury management, and transparent governance remain essential. For users, the data highlights the importance of evaluating whether a project has undergone credible security checks and whether its operational structure limits opportunities for abuse.

While the report does not suggest that all losses can be prevented, it makes clear that the industry’s exposure remains significant. With exploits alone representing the largest share of theft and fraud-related damage, and with exit scams and flash loan attacks continuing to cause major harm, the crypto market still faces a long road toward stronger resilience and trust.

This article was originally published by Bit.Fan. For more cryptocurrency news and market insights, visit www.bit.fan.
300

Disclaimer:

The market information, project data, and third-party content displayed on this platform are for industry information sharing only and do not constitute any form of investment advice or return commitment.

Cryptocurrency trading carries high risks. Users should fully assess their risk tolerance and make independent decisions. All profits, losses, and legal responsibilities are borne by the users themselves.