Web3 theft hit a low point for the year so far in October, CertiK reported. Losses to hacks, exploits and scams confirmed by the blockchain security firm amounted to $32.2 million for the month across 38 incidents, with no single incident leading to a loss of over $7 million.

Compared to the 10-month total of $1.4 billion, losses in October were approximately a quarter of the running monthly average. January showed the second-lowest losses at $33.7 million. The October statistics were not the result of a steady decline in losses but rather show a lack of major incidents that month. October’s 38 incidents were a quantitative low as well.

CertiK’s third-quarter report indicated the number of incidents in July was 79, falling to 66 in August and 39 in September. Only exit scams were up in October and were four times higher than the low they reached in September. That category reached its yearly high in May, when users of a crypto project called Fintoch lost almost $32 million.

Related: Tracking stolen crypto — How blockchain analysis helps recover funds

On the other hand, exploits saw a peak in September, mainly due to the $200-million loss suffered by Mixin Network when its cloud service provider was breached. July saw the second-highest damage, most of which was attributable to losses by the Multichain MPC bridge.

Caution : Crypto Social Media Scams are on the rise. Many of the methods used have roots in history. The combination of social media's vast reach and cryptocurrency's decentralized, often opaque, nature creates an ideal environment for scammers.

Let’s delve into this topic

— CertiK (@CertiK) October 26, 2023

There are some clear trends in crypto crime. CertiK recently noted the rise of scams using social media. It cited United States Federal Trade Commission data that indicated almost half the cryptocurrency scams in the last 18 months have been tied to social media, which offers a wide variety of opportunities for wrongdoing, from pumping and dumping to pig butchering.

CertiK stated in Q3 that the North Korean Lazarus Group remained the “dominant threat actor.”

Magazine: Should crypto projects ever negotiate with hackers? Probably