A recent report from Chainalysis revealed that cybercriminals made significant gains in 2024, stealing $2.2 billion from various cryptocurrency platforms.
Of this staggering amount, $1.3 billion accounting for 61% of the total illicit funds was attributed to North Korean hacking groups.
In 2024, the funds stolen increased by approximately 21.07% year-over-year (YoY), and the number of individual hacking incidents increased from 282 in 2023 to 303 in 2024. The first half of 2024 accounted for $1.58 billion in stolen funds, an 84% increase compared to the same period in 2023.
Tekedia Mini-MBA edition 16 (Feb 10 – May 3, 2025) opens registrations; register today for early bird discounts.
Tekedia AI in Business Masterclass opens registrations here.
Join Tekedia Capital Syndicate and invest in Africa’s finest startups here.
Chainalysis highlighted that the cumulative value stolen between January and July 2024 had already reached a staggering $1.58 billion an increase of approximately 84.4% compared to the same period in 2023.
By the end of July, the ecosystem appeared to be on course for a record-breaking year, potentially matching the $3 billion+ annual losses seen in 2021 and 2022. However, this upward trajectory slowed significantly post-July, leveling off and remaining steady for the remainder of the year.
In terms of the amount stolen by victim platform type, 2024 also saw interesting patterns. In most quarters between 2021 and 2023, decentralized finance (DeFi) platforms were the primary targets of crypto hacks. The data platform suggested that DeFi platforms were more vulnerable because their developers tend to prioritize rapid growth and bringing their products to market over implementing security measures, making them prime targets for hackers.
Although DeFi still accounted for the largest share of stolen assets in the first quarter of 2024, centralized services were the most targeted in Q2 and Q3. Some of the most notable centralized service hacks include MM Bitcoin (May 2024; $305 million) and WazirX July 2024, $234.9 million).
This shift in focus from DeFi to centralized services highlights the increasing importance of securing mechanisms commonly exploited in hacks, such as private keys. Private key compromises accounted for the largest share of stolen crypto in 2024, at 43.8%. For centralized services, ensuring the security of private keys is critical, as they control access to ‘users’ assets.
Notably, hackers linked to North Korea have become notorious for their sophisticated and relentless tradecraft, often employing advanced malware, social engineering, and cryptocurrency theft to fund state-sponsored operations and circumvent international sanctions.
North Korean hackers played a dominant role in cryptocurrency cybercrime, responsible for more than half of the stolen funds. Chainalysis suggests that a critical geopolitical event, the June 2024 meeting between Russian President Vladimir Putin and North Korean leader Kim Jong-un-may have impacted these activities.
The summit reportedly included discussions on releasing millions of dollars worth of North Korean assets frozen under UN sanctions and potential advancements in missile and submarine technology.
Following the meeting, the value of cryptocurrency stolen by North Korean hackers dropped by 54%. Experts have suggested that the decline in cyberattacks could also be linked to shifting priorities as North Korea strengthens ties with Russia and redirects resources toward its involvement in the Ukraine conflict.
The surge in stolen cryptocurrency throughout 2024 highlights the pressing need for the industry to address an increasingly complex and evolving threat landscape. Although the scale of theft has not yet reached the record levels seen in 2021 and 2022, the trends outlined in the report underscore critical vulnerabilities in current security measures and the urgent need for innovation to counter emerging exploit techniques.
To effectively combat these challenges, the report noted that collaboration between the public and private sectors is paramount.
Chainalysis recommends the following strategies:
Enhanced Data Sharing: Establishing robust data-sharing initiatives to improve threat intelligence and facilitate swift action against malicious actors.
Real-Time Security Measures: Implementing advanced, real-time security and tracing solutions to detect and mitigate threats as they emerge.
Training and Awareness: Providing targeted training to empower stakeholders with the skills to identify and address vulnerabilities proactively.
Additionally, as regulatory frameworks for cryptocurrency continue to evolve, the blockchain data platform noted that scrutiny around platform security and the protection of customer assets will intensify. It added that to stay ahead, the industry must adopt and adhere to dynamic best practices that emphasize both prevention and accountability.
By fostering stronger partnerships with law enforcement agencies and equipping teams with the necessary tools and expertise, the crypto industry can build resilience against fraud and theft. Such efforts are critical not only for safeguarding individual assets but also for maintaining trust and stability within the broader digital ecosystem.