Crypto theft surges to over $750 million in Q3 2024 despite fewer incidents: CertiK

In the third quarter of 2024, cryptocurrency investors faced significant losses, with over $750 million stolen through phishing attacks and private key leaks, according to a report from blockchain analytics firm CertiK.

In Q3, malicious actors stole a total of $753.1 million across 155 security incidents, marking a 9.5% increase in value lost despite 27 fewer incidents compared to the previous quarter, the report said.

CertiK’s data also shows a worrying trend: the crypto industry lost nearly $2 billion to hackers in the first nine months of 2024, with Q3 accounting for the highest losses yet.

This surge in theft highlights the evolving tactics of hackers in the cryptocurrency space and the ongoing vulnerabilities in security protocols, particularly in decentralized finance (DeFi) platforms.

Phishing, private key compromises drive the majority of losses

Phishing attacks were the most damaging form of cybercrime in Q3, responsible for $343.1 million in losses across 65 incidents.

Hackers used deceptive tactics to trick victims into revealing sensitive information, such as passwords and private keys, which were then exploited to steal funds.

Private key compromises ranked second, causing $324.4 million in losses across just 10 incidents.

These attacks target the fundamental security layer of cryptocurrency, making it nearly impossible for victims to recover their funds once their private keys are exposed.

Together, phishing and private key thefts accounted for 88% of the total losses in Q3, signaling an urgent need for improved security awareness and robust safeguards.

Ethereum: The most targeted blockchain

Ethereum continues to be the most targeted blockchain for cyberattacks.

CertiK’s report shows that hackers stole $387.9 million from Ethereum-based platforms in 86 incidents during the quarter.

The combination of Ethereum’s widespread adoption and the complexity of smart contract interactions has made it an attractive target for cybercriminals.

Bitcoin, though heavily targeted, saw fewer incidents compared to Ethereum, indicating that hackers may be shifting their focus toward DeFi protocols and other blockchain networks that offer higher reward opportunities.

CertiK’s findings suggest that the cryptocurrency industry must prioritize user education and adopt more advanced security measures to prevent further losses.

Enhanced phishing detection systems, better private key management tools, and stronger encryption protocols are all critical to securing digital assets in the future.

$120M in crypto losses for September: PeckShield

In a separate report, blockchain forensic firm PeckShield revealed that over $120 million in cryptocurrency was stolen in September alone, primarily due to over 20 successful hacks.

This marks a 61.76% decline in losses from August, indicating a temporary respite in cybercrime activities for the month.

The hardest-hit entities include BingX, a Singapore-based cryptocurrency exchange, which lost over $40 million, followed by Penpie with $27 million and Indodax with $21 million in losses.

Smaller platforms like DeltaPrime and Truflation were also targeted, suffering millions in theft.

One notable phishing attack in September targeted $spWETH signatures, leading to an additional $32.4 million drain.

However, this incident was excluded from PeckShield’s overall tally for the month.

PeckShield’s report serves as a reminder that while some months may see a reduction in hacks, the underlying threat remains ever-present.

Immunefi report says over $400M lost to hacks in Q3

Complementing CertiK and PeckShield’s findings, another report from web3 bug bounty platform Immunefi revealed that the total loss from crypto hacks in Q3 reached $413 million.

The report breaks down the losses, showing that over $409.9 million was stolen through hacks across 31 incidents, while $3 million was lost to fraud in just three incidents.

Notably, two high-profile hacks contributed to the bulk of these losses: WazirX, India’s largest cryptocurrency exchange, suffered a devastating $235 million hack, while BingX lost significant funds during a cyberattack.

Immunefi’s analysis also highlights that centralized finance (CeFi) platforms were the primary targets of hackers, accounting for nearly 75% of the total losses.

In contrast, decentralized finance platforms represented 25.2% of the losses.

Ethereum was once again identified as the most attacked blockchain network, with 15 separate incidents in Q3, followed by BNB Chain and Coinbase’s Base network.

The post Crypto theft surges to over $750 million in Q3 2024 despite fewer incidents: CertiK appeared first on Invezz