The final months of 2024 saw a significant decline in crypto losses due to hacks, exploits, and scams, with December registering the smallest amount stolen.
Blockchain Security Firm Reports Decrease in Crypto Losses
According to a recent post on X by blockchain security firm CertiK, there were $28.6 million known losses to exploits, hacks, and scams in December. This is compared to $63.8 million in November and $115.8 million in October.
Breakdown of Losses by Type
- Exploits: Comprised the bulk of the losses, with $26.7 million stolen by attackers in December.
- Hacks: The second-most significant type of loss, with $1.9 million stolen in December.
Significant Incidents Recorded in December
- GemPad Exploit: A decentralized finance (DeFi) platform was exploited, resulting in the theft of $2.1 million worth of assets. An attacker took advantage of a vulnerability in the project’s smart contracts.
- FEG Token Bridge Hack: A hacker exploited the token bridge of DeFi project FEG, withdrawing FEG tokens from the bridge contract without depositing them in the source chain. This resulted in the loss of $1 million.
Root Cause of Vulnerability
According to a Dec. 31 analysis by CertiK, the root cause of the vulnerability was an error in the FEG cross-chain message verification process.
Similar Data from PeckShield
Blockchain security firm PeckShield shared similar data in a Jan. 1 post on X. It recorded $24.7 million in hack losses in December, which is a 71% decrease from November.
Most Significant Incident Recorded by PeckShield
- The most significant incident was the Dec. 16 and 17 exploit suffered by Password management service LastPass users, which saw $12.3 million drained.
- LastPass was also the victim of a data breach in December 2022, when hackers copied a backup of customer vault data from encrypted storage.
Other Notable Incidents Recorded by PeckShield
- A Dec. 2 security breach suffered by DeFi market protocol Yei Finance was the second-largest December incident recorded by PeckShield, with around $2.2 million taken.
Annual Crypto Losses in 2024
According to Cyvers’ 2024 Web3 Security Report, which was shared with Cointelegraph on Dec. 24, there were $2.3 billion worth of crypto stolen across 165 incidents in 2024.
Comparison to Previous Years
- This marked a 40% increase compared to 2023, when hackers stole $1.69 billion worth of crypto.
- However, it’s 37% less than the $3.78 billion stolen in 2022.
Reason for Increase in 2024
Deddy Lavid, co-founder and CEO of Cyvers, told Cointelegraph that the increase in 2024 was probably due to access control breaches, particularly in centralized exchanges (CEXs) and crypto custodians.
