The last few months of 2024 witnessed a significant decline in losses due to crypto scams, exploits, and hacks. According to blockchain security firm CertiK, the smallest amount stolen was recorded in December, marking a notable decrease compared to previous months.
CertiK’s Data Reveals Steep Decline in Crypto Losses
On December 31, CertiK published a post on X sharing their analysis of crypto losses for the month. The data revealed that $28.6 million was lost due to exploits, hacks, and scams in December, marking a significant decrease from November’s $63.8 million and October’s $115.8 million.
Exploits Account for the Bulk of Losses
According to CertiK, exploits were responsible for the majority of losses, with attackers stealing $26.7 million in December. The most notable incident was a $2.1 million exploit of decentralized finance (DeFi) platform GemPad, where an attacker stole assets by exploiting a vulnerability in the project’s smart contracts.
Decentralized Finance (DeFi) Platform GemPad Hit for $2.1 Million
The exploit on GemPad occurred when an attacker took advantage of a vulnerability in the project’s smart contracts to steal assets. This incident highlights the importance of ensuring the security and integrity of DeFi platforms, which have become increasingly popular in recent years.
FEG Token Bridge Exploited for $1 Million
Another significant incident recorded by CertiK was the exploitation of FEG’s token bridge by a hacker. The attacker withdrew FEG tokens from the bridge contract without depositing them in the source chain, resulting in a loss of $1 million.
Root Cause of Vulnerability: Error in Cross-Chain Message Verification Process
CertiK’s analysis revealed that the root cause of the vulnerability was an error in the cross-chain message verification process. This highlights the importance of thorough testing and validation to prevent such vulnerabilities from occurring.
PeckShield Shares Similar Data, Highlights Decrease in Hack Losses
Blockchain security firm PeckShield shared similar data on January 1, stating that they recorded $24.7 million in hack losses in December, marking a 71% decrease from November.
PeckShield’s Analysis: Most Significant Hack Incident was LastPass Exploit
According to PeckShield, the most significant hack incident was the Dec. 16 and 17 exploit suffered by Password management service LastPass users, which saw $12.3 million drained.
LastPass Data Breach in December 2022: Up to $35 Million Worth of Crypto Stolen
It’s worth noting that LastPass suffered a data breach in December 2022, where hackers copied a backup of customer vault data from encrypted storage, resulting in users having their crypto stolen. By September 2023, an estimated $35 million worth of crypto had been stolen from about 150 victims.
Yei Finance Suffered $2.2 Million Security Breach
PeckShield also recorded another significant incident, with DeFi market protocol Yei Finance suffering a security breach on December 2, resulting in around $2.2 million being taken.
Cyvers 2024 Web3 Security Report Reveals $2.3 Billion Worth of Crypto Stolen
In the Cyvers 2024 Web3 Security Report shared with Cointelegraph on December 24, the on-chain security firm stated that $2.3 billion worth of crypto was stolen across 165 incidents in 2024.
Increase in 2024 Compared to Previous Years: 40% Increase from 2023 and 37% Decrease from 2022
According to Cyvers, this marked a 40% increase compared to 2023, when hackers stole $1.69 billion worth of crypto. However, it’s worth noting that this is still 37% less than the $3.78 billion stolen in 2022.
Deddy Lavid on Increase in 2024: Access Control Breaches, Particularly in Centralized Exchanges (CEXs) and Crypto Custodians
In an interview with Cointelegraph, Deddy Lavid, co-founder and CEO of Cyvers, attributed the increase in 2024 to access control breaches, particularly in centralized exchanges (CEXs) and crypto custodians.
Conclusion
The decline in losses due to crypto scams, exploits, and hacks in December 2024 is a positive trend for the industry. However, it’s essential to remain vigilant and continue to prioritize security measures to prevent such incidents from occurring in the future. As the industry continues to evolve, it’s crucial to stay informed about the latest trends and threats to ensure the long-term success of Web3 projects.
Related Articles
- Winners and Losers of 2024: A Year of All-Time Highs, Hacks, and Hodling
- Magazine: I Became an Ordinals RBF Sniper to Get Rich… but I Lost Most of My Bitcoin
Explore more articles like this by subscribing to our Crypto Biz newsletter. Weekly snapshot of key business trends in blockchain and crypto, from startup buzz to regulatory shifts. Gain valuable insights to navigate the market and spot financial opportunities. Delivered every Thursday.
Subscribe by agreeing to our Terms of Services and Privacy Policy.
