The final months of 2024 saw a significant decline in losses attributed to crypto scams, exploits, and hacks. According to blockchain security firm CertiK, the smallest amount stolen in December was $28.6 million.
December’s Notable Incidents
CertiK reported that exploits comprised the bulk of these losses, with attackers stealing $26.7 million in December. The most significant incident was a $2.1 million exploit of decentralized finance (DeFi) platform GemPad. An attacker exploited a vulnerability in the project’s smart contracts to steal assets.
The second-most serious incident recorded by CertiK involved a hacker exploiting the token bridge of DeFi project FEG, withdrawing FEG tokens from the bridge contract without depositing them in the source chain. This drained $1 million and was attributed to an error in the FEG cross-chain message verification process.
Further Analysis by PeckShield
Blockchain security firm PeckShield shared similar data in a Jan. 1 post on X, recording $24.7 million in hack losses in December. This represented a 71% decrease from November. The most significant incident recorded by PeckShield was the Dec. 16 and 17 exploit suffered by Password management service LastPass users, which saw $12.3 million drained.
This was not an isolated incident, as LastPass had previously been targeted in a data breach in December 2022, resulting in hackers copying a backup of customer vault data from encrypted storage. This led to the theft of crypto, with cybersecurity reporter Brian Krebs estimating that up to $35 million worth of crypto had been stolen from about 150 victims by September 2023.
Year-End Review by Cyvers
Cyvers’ 2024 Web3 Security Report, shared with Cointelegraph on Dec. 24, revealed that $2.3 billion worth of crypto was stolen across 165 incidents in 2024. This marked a 40% increase compared to 2023, when hackers stole $1.69 billion worth of crypto.
However, this figure is 37% less than the $3.78 billion stolen in 2022. Deddy Lavid, co-founder and CEO of Cyvers, attributed the increase in 2024 to access control breaches, particularly in centralized exchanges (CEXs) and crypto custodians.
Historical Context
The decline in losses due to hacks, exploits, and scams marks a significant shift from previous years. While the $2.3 billion stolen in 2024 is higher than the $1.69 billion in 2023, it is lower than the $3.78 billion lost in 2022.
This trend suggests that efforts by blockchain security firms to improve protocol security and educate users may be paying off. However, there is still much work to be done to prevent such incidents and protect users’ assets.
Looking Ahead
As the crypto landscape continues to evolve, it is essential for users, developers, and security firms to stay vigilant and proactive in addressing potential vulnerabilities. By working together, we can create a safer environment for everyone involved in the cryptocurrency ecosystem.
Conclusion
The decline in losses due to hacks, exploits, and scams in December 2024 marks a positive trend in the crypto space. However, there is still much work to be done to prevent such incidents and protect users’ assets. As we look ahead to 2025 and beyond, it will be essential for stakeholders to remain vigilant and proactive in addressing potential vulnerabilities.
Additional Statistics
- $2.3 billion: total value of crypto stolen across 165 incidents in 2024
- 40% increase: compared to 2023 when hackers stole $1.69 billion worth of crypto
- 37% decrease: compared to 2022 when hackers stole $3.78 billion worth of crypto
Sources
CertiK, PeckShield, Cyvers
