Web3 Attacks Cause $2.3Bn Cryptocurrency Losses

Web3 security incidents caused over $2.3 billion in cryptocurrency losses in 2024, showing a 31.6% increase from the previous year, according to data from Certik, a blockchain security firm.

In 2024, there were 760 incidents resulting in these losses, which is slightly fewer than in 2023. On average, $3.1 million was stolen per hack, representing a 23% increase from 2023.

Although the losses in 2024 were significant, they were lower than the losses in 2021 and 2022, which were $5.2 billion and $3.5 billion, respectively.

Web3 is a decentralized blockchain-based internet service that aims to empower users by giving them more control.

The rise in crypto theft on Web3 was influenced by the changing value of cryptocurrency. Certik observed a significant increase in the total value locked across blockchain networks in 2024, driven by the growing adoption of decentralized finance (DeFi).

Last year, the US Securities and Exchange Commission (SEC) approved Spot Bitcoin and Ethereum exchange-traded funds (ETFs), contributing to this expansion.

On the contrary, the value of DeFi had dropped by 46% in 2023 compared to the previous year.

Ethereum experienced the highest number of security incidents in 2024, with 403 hacks, scams, and exploits leading to $748.6 million in losses. Bitcoin and Tron were also popular targets, with $542.7 million and $133 million stolen, respectively.

Phishing emerged as the most costly attack vector in 2024, causing $1.05 billion in losses across 296 incidents. This accounts for nearly half of the total stolen amount in the year and 39.1% of the incidents.

The increase in phishing attacks compared to 2023, where private key compromise was more prevalent, indicates that technical security controls in the Web3 ecosystem are improving and making other attack techniques less effective.