Blockchain security firm CertiK has released its Q3 report, indicating that the total value stolen from crypto hacks increased by nearly 10% last quarter, with phishing scams and private key compromises making up 91% of the overall losses.
Increase in Value of Crypto Hacks in Q3
CertiK released its HACK3D Security Report for Q3 2024, highlighting that crypto hacks remain a significant concern for the sector. The blockchain security firm emphasized the “urgent need for enhanced security measures across the industry” as cybercriminals continually evolve their tactics to target this space.
Between July and September, the number of hacks fell by 14%, totaling 155 incidents, which is 27 fewer than the previous quarter. This ongoing decline reflects a 30% reduction in hack incidents compared to the first quarter’s total of 224.
Notably, the total value lost in Q3 rose by 9.5% compared to Q2, indicating that the average value of each hack was higher. In this quarter alone, approximately $735 million was lost to various attacks.
In contrast, CertiK noted losses of $505.5 million and $687.4 million in the first two quarters, bringing the total value lost year-to-date (YTD) to nearly $2 billion. The report also pointed out a significant drop in the recovery rate of stolen funds from 14.4% in Q2 to just 4.1% in Q3.
Ethereum topped the list of targeted networks, with $387.8 million taken across 86 incidents. Bitcoin followed as the second-largest target, with $238 million stolen in a single incident. Additionally, hackers siphoned off $89.83 million in attacks spanning multiple chains.
Q3 incident statistics by chain. Source: CertiK
Phishing and PKC Lead to $668 Million Loss
Phishing scams and private key compromises accounted for $668 million in losses during Q3, making up around 91% of all value lost last quarter. The report indicated that phishing scams continued to be the most costly, with over $343 million lost from 65 incidents. Notably, two of the three largest attacks fell within this category.
The most significant case involved the theft of 4,100 Bitcoin from a crypto investor based in Washington. The perpetrators utilized “highly sophisticated social engineering tactics” to deceive the victim and fund their extravagant lifestyle. Fortunately, the two suspects have been apprehended and charged with conspiracy to commit theft and money laundering.
Private key compromises (PKC) emerged as the second major scamming method for the quarter, leading to losses of over $324.4 million across ten incidents. The largest breach in this category occurred at Indian crypto exchange WazirX, where a security incident resulted in a loss of $235 million in various cryptocurrencies, including SHIB, ETH, MATIC, PEPE, and USDT. Since the start of 2024, CertiK has reported 49 PKC incidents, amounting to an estimated loss of $675 million YTD.
The blockchain security firm concluded that despite notable advancements, the industry remains susceptible to attacks, advocating for improved user education on security practices to combat malicious actors:
Despite improvements in security, hacks continue to pose a significant threat in the crypto realm. As the industry progresses, so do the tactics employed by attackers, who exploit weaknesses in both centralized and decentralized platforms. While the reduction in hack incidents this quarter is a positive development, the rise in total losses serves as a reminder that enhanced user education and more advanced security measures are crucial in safeguarding assets and sustaining trust within the ecosystem.
Total crypto market capitalization is at $2.05 Trillion in the three-day chart. Source: TOTAL on TradingView
Featured image from Unsplash.com, Chart from TradingView.com
Dutch
English
French
German
Greek
Italian
Portuguese
Russian
Spanish