The first quarter of 2024 proved to be a challenging period for the digital currency sector. Cybercriminals siphoned off a staggering $502.52 million through 223 onchain security incidents.
This figure represents a 54% increase compared to the same period in 2023, where losses totaled $326 million. Despite a minor decline from the $522 million lost in the final quarter of 2023, the numbers remain alarmingly high.
What Tactics Hackers Used to Steal Users’ Crypto?
According to CertiK’s “The Web3 Security Quarterly report,” in January alone, the bad actors made off with $193.1 million across 78 incidents. February and March were not far behind, with losses of $160.4 million and $149 million, respectively, spread across numerous security breaches.
The primary method of theft was private key compromises, which accounted for nearly half of the total financial losses. This occurred in only 26 incidents, highlighting the significant impact of these breaches.
Furthermore, the scammers employed various tactics such as access control breaches, exit scams, and phishing. These methods resulted in substantial losses, with exit scams also known as rug pulls, particularly damaging, costing users $68.3 million. Additionally, vulnerabilities in code and flash loan attacks led to losses of $42.6 million and $37.7 million, respectively.
“The fact that the same types of attacks are continuing to drain value from the ecosystem is proof that these vulnerabilities are not getting the attention they deserve. It’s hard to be into crypto without knowing what an exit scam or rug pull is, yet $68 million was lost to 34 blatant exit scams in Q1, not counting the innumerable soft rugs of newly launched tokens,” Ronghui Gu, the co-founder of CertiK told BeInCrypto.
Read more: Crypto Project Security: A Guide to Early Threat Detection
Types of Q1 Security Incidents. Source: CertiK
Ethereum was the most affected platform, suffering 131 incidents that led to $139 million in losses. However, there was a glimmer of hope as $77.9 million was recovered across various incidents, including Munchables.
Among the notable breaches was the January 30 incident involving Ripple’s co-founder, Chris Larsen. His XRP wallets were compromised, leading to an unauthorized transfer of approximately 213 million XRP, worth around $112 million.
This incident became the largest security breach of 2024, prompting immediate action from exchanges and law enforcement to trace and freeze the stolen assets.
Following closely was the Munchables hack in March, where hackers stole and then surprisingly returned $62.5 million. This act of returning the stolen funds sheds light on the unpredictability and complexities within the crypto ecosystem.
Read more: Top 5 Flaws in Crypto Security and How To Avoid Them
Another significant incident was the BitForex exit scam in February, with losses amounting to $56.5 million. The sudden halting of withdrawals after the disappearance of funds from hot wallets caused widespread panic and confusion among users.
Read the full article here