In a concerning revelation for the crypto industry, cyber security firm CertiK disclosed that while the frequency of hacks decreased in the last quarter. The total value extracted by thieves dramatically increased. According to CertiK’s latest Web3 security report, hackers stole $750 million across 155 incidents. Bringing the year’s cumulative losses to nearly $2 billion.
Key Insights from the CertiK Report
Despite 27 fewer incidents compared to the previous quarter. There was an approximate 9.5% rise in the total value lost. Phishing and private key compromises were the dominant methods used by attackers, leading to the most significant losses.
- Phishing Attacks: Phishing was responsible for $343 million in damages across 65 incidents. A notable instance involved a Bitcoin whale who lost $238 million in August. Marking the largest single phishing attack of the quarter. Although the community recovered some of the stolen funds, the majority remain missing.
- Private Key Compromises: These incidents accounted for $317 million in losses through just 10 events. The most significant was a breach at WazirX, one of India’s top crypto exchanges, where hackers stole $231 million worth of various cryptocurrencies in July after exploiting private key vulnerabilities.
Ethereum as a Prime Target
Ethereum continued to be the most frequently attacked blockchain, with $387.8 million stolen in 86 incidents. The report also highlighted vulnerabilities in multichain operations. With $89.8 million lost across various networks due to cross-chain functionality risks.
Other Attack Vectors
In addition to phishing and key compromises, the report outlined losses from other attack types:
- Code Vulnerabilities: Resulted in $39.6 million in losses across 44 incidents.
- Reentrancy Attacks: These allowed hackers to withdraw funds repeatedly before balance updates. Resulting in $30.3 million lost in five incidents.
Recovery and Prevention Efforts
The report pointed out that only 4.1% of the stolen funds were recovered during the quarter. A significant decrease from 14.4% in Q2. The average loss per hack rose to $5.93 million. Highlighting the growing impact of each successful attack. The median loss was reported at $120,529.
A Slight Respite in August
Contrasting with the quarter’s grim data, August saw a significant drop in crypto-related losses, with only $15 million lost across five incidents, as per Immunefi. This marked the lowest monthly total year-to-date and a 94.5% decrease from July’s figures, suggesting potential improvements in security measures and response strategies.
The CertiK report serves as a stark reminder of the persistent and evolving threats in the crypto space. Despite the industry’s efforts to bolster security, the high value of losses underscores the need for continued vigilance and enhanced protective measures against sophisticated cyber threats.
Bitcoin 
Ethereum 
Tether 
BNB 
Solana 
USDC 
XRP 
Lido Staked Ether 
Dogecoin 
TRON