It’s no secret that in 2022 the world of Web3 and decentralized finance (DeFi) experienced a large number of major vulnerabilities and attacks. From the Ronin Bridge attack to the Nomad hack, the top 10 vulnerabilities alone accounted for a loss of more than $2 billion.

In the Beosin Global Web3 2022 Security Report, it revealed that of the 167 major security incidents over the past year, those rooted in DeFi were the most vulnerable. DeFi projects were hacked 113 times, which was approx. 67.6% of registered attacks.

This is followed by attacks on exchanges, non-fungible token (NFT) projects, cross-chain bridges, and wallets in that order.

According to the report, DeFi projects ranked second in terms of monetary losses with a total of $950 million in losses. This follows the $1.89 billion lost to cross-chain bridge exploits in the last year.

In total, in 2022, $3.6 billion was lost from all attacks on all types of projects. This is a 47.4% increase over the prior year total of $2.4 billion lost in incidents involving security vulnerabilities.

Related: Magic Eden will refund users after fake NFTs were sold due to exploit

Alarm bells are already going off for DeFi projects to be wary of even more exploits in the coming year as well.

Experts say that a combination of the number of DeFi projects springing up, the lack of security testing before go-live, and the value these projects attract are the reasons hackers are turning to the space.

In addition, blockchain security companies are urging users to keep their private keys, as funds lost from private key compromises in 2023 will be due to mismanagement of private keys.

2023 has already seen incidents of exploitation. On January 3, hackers stole $3.5 million worth of digital assets from GMX Whale.

Nonetheless, 2022 ended with December seeing the lowest value of DeFi funds exploited, with $62 million in exploits.