According to a recent report by Certik, a leading blockchain analytics company, the cryptocurrency industry experienced significant progress including the approval of Spot Ethereum ETFs, however, it faced a significant wave of theft in the third quarter (Q3) of 2024, with over $750 million in crypto assets stolen.
In the Certik Web3 Security quarterly report, despite positive trends in the industry, security challenges remained a persistent issue, which saw $753,094,610 lost across 155 security incidents, driven primarily by phishing attacks and private key leaks.
The report highlighted that the total value stolen in Q3 increased by 9.5% compared to the previous quarter, despite a reduction in the number of security breaches with 27 incidents. This indicates that malicious actors are becoming more efficient, successfully targeting larger sums of crypto assets with fewer attempts. The report also showed that over $2 billion worth of crypto assets has been stolen by cybercriminals in 2024 so far.
Tekedia Mini-MBA edition 15 (Sept 9 – Dec 7, 2024) has started registrations; register today for early bird discounts.
Tekedia AI in Business Masterclass opens registrations here.
Join Tekedia Capital Syndicate and invest in Africa’s finest startups here.
Phishing was the most costly attack vector this quarter, with $343,099,650 stolen across 65 incidents. These attacks involve hackers posing as legitimate entities to deceive victims into providing sensitive information, such as login credentials. Certik commented on the rise of phishing, warning users to be vigilant against fraudulent schemes that exploit trust.
Private key compromises were the second-largest factor in the theft of crypto assets, resulting in $324.4 million in losses across just 10 incidents. Private keys act as the gateway to a user’s crypto assets, and any compromise of these keys can lead to significant financial loss. Certik emphasized the importance of safeguarding seed phrases and maintaining strict security protocols to prevent such breaches.
In addition to phishing and private key leaks, other causes of crypto theft in Q3 included code vulnerabilities, reentrancy events, and price manipulation. The report stressed the need for improved security practices in the decentralized finance (DeFi) sector to counter these threats. Ethereum remained the most targeted blockchain ecosystem, with $387.9 million stolen across 86 incidents, positioning it ahead of Bitcoin.
Cyber attackers also stole $89.8 million from other blockchain platforms outside of Ethereum and Bitcoin. Additionally, attackers stole $89,838,491.98 in hacks orchestrated across multiple chains. Despite advancements in security, hacks remain a persistent threat in the crypto space. As the industry evolves, so do the tactics of attackers, who continue to exploit vulnerabilities in both centralized and decentralized platforms.
While the decrease in the number of hacks this quarter is encouraging, the increase in the total amount stolen serves as a reminder that better user education and more sophisticated security measures are essential to protect assets and maintain trust in the ecosystem.