Web3 security incidents in 2024 resulted in over $2.3bn worth of cryptocurrency in losses, marking a 31.6% increase compared to the previous year, according to recent data from Certik, a blockchain security firm. Despite a decrease in the number of incidents to 760, the average amount stolen per hack rose to $3.1m, a 23% increase from 2023.
The rise in crypto theft on Web3 platforms can be attributed to the fluctuating value of cryptocurrency. Certik noted a substantial increase in the total value locked across blockchain networks in 2024, driven by the resurgence of decentralized finance (DeFi). The approval of Spot Bitcoin and Ethereum exchange-traded funds (ETFs) by the US Securities and Exchange Commission (SEC) also contributed to this growth.
Ethereum emerged as the most targeted cryptocurrency in 2024, with 403 security incidents leading to $748.6m in losses. Bitcoin and Tron were also heavily impacted, with $542.7m and $133m stolen, respectively.
Phishing attacks proved to be the most costly attack vector in 2024, accounting for $1.05bn of losses across 296 incidents. This represents nearly half of the total value stolen and 39.1% of the incidents. The researchers highlighted that phishing attacks tend to result in higher amounts stolen per incident compared to other techniques.
One notable phishing incident in August involved a sophisticated social engineering attack that led to the theft of $243m in crypto from a Genesis creditor in Washington D.C. The attackers posed as Google and Gemini support employees to deceive the victim into resetting their two-factor authentication (2FA) and transferring funds to a compromised wallet.
In contrast to 2023, where private key compromise was the dominant attack vector, phishing took the lead in 2024. Private key compromise ranked second, causing $855.4m in losses across 65 incidents. Certik suggested that the shift to phishing indicates an improvement in technical security controls within the Web3 ecosystem, rendering other attack techniques less effective.
Overall, the increase in crypto theft on Web3 platforms underscores the importance of robust security measures to protect user funds in the rapidly evolving blockchain space. Stay informed about the latest developments in cryptocurrency security to safeguard your assets in the digital realm.