Blockchain security firm CertiK shared its Q3 reports, revealing that crypto hacks’ total value stolen increased by nearly 10% last quarter while phishing scams and private key compromises accounted for 91% of the total losses.
Crypto Hacks’ Value Rises In Q3
CertiK published its HACK3D Security Report for Q3 2024, revealing that crypto hacks continue to be a critical issue for the sector. The blockchain security firm underscored the “need for stronger security measures across the industry” as malicious actors continue to adapt and develop new methods to target the industry.
From July to September, hacks declined by 14%, reaching 155 incidents, 27 fewer than in the second quarter. This number has steadily declined throughout the year, with Q3’s total number of hacks representing a 30% drop from the first quarter’s 224 attacks.
However, the total value lost in Q3 increased by 9.5% from Q2, suggesting that the hacks were more substantial on average. During this quarter, the industry saw around $735 million lost to attacks.
Comparatively, CertiK identified $505.5 million and $687.4 million losses in the first two quarters, totaling nearly $2 billion in value lost year-to-date (YTD). The report noted that the return rate of stolen funds significantly decreased quarter on quarter (QOQ), going from 14.4% in Q2 to only 4.1% in Q3.
Ethereum remained the most targeted network, with $387.8 million stolen in 86 accidents. Bitcoin was the second-largest loser by amount, with $238 million, but registered on a single accident. Meanwhile, hackers took $89.83 million in attacks orchestrated across multiple chains.
Q3 incident statistics by chain. Source: CertiK
$668 Million Lost To Phishing And PKC
Phishing scams and private key compromises accounted for $668 million stolen in Q3, around 91% of the total value lost last quarter. The report revealed that phishing is still the costliest in Q3, sweeping over $343 million between 65 incidents. Two out of the three largest attacks belonged in this category.
The most notable case was the theft of 4,100 Bitcoin from a crypto investor in Washington. The scheme used “sophisticated social engineering tactics” to defraud the victim and fund the scammers’ lavish lifestyle. However, the two suspects have been arrested and charged with conspiring to steal and money laundering.
Private key compromises (PKC) were last quarter’s second-largest scamming method, taking over $324.4 million across ten incidents. Indian crypto exchange WazirX’s heist is the largest victim of this vector in Q3.
The exchange fell victim to a security breach that resulted in losing $235 million in cryptocurrencies, including SHIB, ETH, MATIC, PEPE, and USDT. Since the beginning of 2024, CertiK has registered 49 PKC incidents, recording an estimated loss of $675 million YTD.
The Blockchain security firm concluded that, despite the progress, the industry remains vulnerable and suggested that better user education on security measures is key to fighting malicious actors:
Despite advancements in security, hacks remain a persistent threat in the crypto space. As the industry evolves, so do the tactics of attackers, who continue to exploit vulnerabilities in both centralized and decentralized platforms. While the decrease in the number of hacks this quarter is encouraging, the increase in total amount stolen serves as a reminder that better user education and more sophisticated security measures are essential to protect assets and maintain trust in the ecosystem.
Total crypto market capitalization is at $2.05 Trillion in the three-day chart. Source: TOTAL on TradingView
Featured image from Unsplash.com, Chart from TradingView.com