It’s no secret that in 2022 the world of Web3 and decentralized finance (DeFi) experienced a slew of major exploits and attacks. From the Ronin bridge attack to the Nomad hack, the top 10 exploits alone saw over $2 billion lost.

In the Beosin Global Web3 Security Report 2022, it revealed that of 167 major security incidents over the last year those rooted in DeFi were the most vulnerable. DeFi projects were attacked 113 times, which accounted for approx. 67.6% of recorded attacks.

This is followed by attacks on exchanges, nonfungible token (NFT) projects, cross-chain bridges and wallets in that order.

According to the report, DeFi projects came in second in terms of monetary losses with a total of $950 million in losses. This follows the $1.89 billion lost in cross-chain bridge exploits in the last year.

In total 2022 saw $3.6 billion lost from all attacks on all project types. This is an increase of 47.4% from the previous year’s total of $2.4 billion lost in security exploit related-incidents.

Related: Magic Eden to refund users after fake NFTs sold due to exploit

Already alarm bells are going off for DeFi projects to be wary of even more exploits in this upcoming year as well.

Experts say that a combination of the amount of DeFi projects that spring up, the lack of security testing prior to going live and the value these project attract are reasons hackers are inclined towards the space.

Additionally blockchain security companies are urging users to hold on to their private keys, as funds lost to private key compromises in 2023 will be due to poor management thereof.

2023 has already seen exploit incidents. On Jan. 3, hackers stole $3.5 million worth of digital assets from GMX whale.

Nonetheless, 2022 ended with December seeing the lowest value of exploited funds from DeFi, with $62 million worth of exploits.