$3.6 Billion Lost in Crypto Scams and Cyber Threats in 2024
The year 2024 was challenging for cryptocurrency investors, with scams and cyber threats resulting in $3.6 billion in losses, primarily from Ethereum-based exploits. The most prevalent tactic used by scammers was pig butchering, which involves luring victims with promises of high returns on fake crypto investments.
A report by Cyvers, a Web3 security firm, indicated that pig butchering scams comprised a significant portion of the year's crypto fraud. The analysis covered over 150,000 addresses and tracked more than 800,000 transactions. Access control breaches were also prominent, accounting for 41.6% of fraud incidents and causing 81% of financial losses, totaling $1.9 billion across 67 cases.
Smart contract vulnerabilities caused losses of $456.8 million across 98 incidents, while address poisoning resulted in a loss of $68.7 million from a single case.
Quarterly Analysis of Crypto Scams
The first quarter recorded the highest number of fraud cases, with 53 incidents reported. The second quarter included DMM Exchange’s $305 million loss due to a hack of its Bitcoin hot wallet's private key.
The third quarter experienced the largest monetary losses, at $760 million. This included July’s WazirX hack, which led to a $235 million loss from a multi-signature wallet vulnerability, and September’s BingX attack, resulting in a $52 million loss.
The fourth quarter reported the lowest scams and losses, with Radiant Capital facing a $50 million breach after compromised devices were exploited.
Need for Awareness
Cyber threats increased by 40% compared to 2023, highlighting the urgent need for enhanced security measures. Cyvers emphasized the necessity for stronger defenses and greater awareness in the crypto space. Despite the rising sophistication of cybercriminals, total losses in 2024 were 37% lower than in 2022.
Recovery efforts yielded $1.3 billion reclaimed through services and bug bounty programs, aided by on-chain sleuths like ZachXBT in identifying stolen funds. Deddy Lavid, CEO of Cyvers, noted that education could help mitigate access control breaches.
Governments worldwide have intensified awareness campaigns against pig butchering scams, advising citizens to be cautious of unsolicited investment offers and suspicious links.
In related news, SlowMist warned investors of increasing phishing scams disguised as Zoom meeting links, with one victim losing millions after installing malware from a fraudulent link.
As 2024 concludes, crypto investors anticipate a safer environment with improved security measures.