Phishing was the costliest attack vector on Web3 in 2024, a year when a total of $2.3 billion was lost through 760 chain security incidents, according to CertiK’s 2024 Web3 Security Report.
According to the report:
- The year (2024) saw a 31.61% increase in stolen value compared to 2023
- Year-over-year number of security incidents increased by 29
- The average amount lost through hacking in 2024 was $3.18 million
- The median amount stolen was $150,925
- Similar to the third quarter of 2023, the third quarter of 2024 saw the most losses, with $753.34 million stolen in 157 hacks, scams and exploits
- The following quarter (Q4 2024) saw a Drop of 46.65% of the amount stolen
- May 2024 was the most expensive month of the year, with $444.37 million lost through 63 incidents
- Phishing Attacks Dominate in Value Lost and Number of Incidents $1.01 billion lost through 296 incidents, and
- 3 phishing incidents of more than $100,000,000 lost,
notes CertiK’s 2024 Web3 Security Report.
“This represents almost half of all the value stolen during the year and 39.1% in the number of incidents, suggesting that on average, phishing attacks typically result in larger amounts of theft per incident than other vulnerabilities. the report said.
- Private key compromises followed, with $855.35 million flew through 65 incidents
- All four quarters of 2024 saw high levels of activity involving phishing attacks and private key thefts.
At the channel level:
- Ethereum once again experienced the highest number of security incidents, with a total of 403 hacks, scams and exploits leading to $748.66 million in losses. This gave an average of $1.87 million stolen by incident
Hackers have also heavily targeted Bitcoin and Tron, with:
- Bitcoin having $542.7 million stolen and
- TRON having $133.09 million stolen
Security vulnerabilities affecting multiple channels are taken into account $435.01 million in losses through 39 incidents, the report added.
Phishing is expected to be the dominant attack vector on Web3 in 2025, and users are on notice as the crypto economy is poised to expand further.
According to CertiK, phishing is particularly popular among criminals because it preys on human vulnerabilities rather than solely targeting technological weaknesses. By creating deceptive emails, fake websites or fraudulent messages, attackers trick users into divulging sensitive information such as passwords, private keys or wallet addresses.
See also
“In the crypto space, the irreversible nature of transactions makes phishing particularly devastating, as funds cannot be recovered once transferred – unless the attacker decides to return the funds. »
You can read the report for free here.
Follow us on X for the latest articles and updates
Join and interact with our Telegram Community
_________________________________________
_________________________________________
Related
