In a concerning trend for the industry’s mainstream acceptance, cryptocurrency hackers in 2024 surpassed the previous year’s achievements by stealing more than $2.3 billion worth of crypto from the Web3 ecosystem.
Sharp Uptick in Crypto Hacks Driven by Increasing Valuations
Crypto hacks saw a sharp uptick in 2024, driven by the appeal of increasing cryptocurrency valuations after Bitcoin (BTC) surpassed the $100,000 mark for the first time on December 6. This surge in value made cryptocurrencies more attractive to hackers, who targeted Web3 platforms and exchanges.
Record-Breaking Hacks: A 40% Increase from 2023
According to a report shared by on-chain security firm Cyvers, crypto hackers stole over $2.3 billion worth of assets across 165 incidents in 2024. This represents a 40% increase compared to 2023, when hackers stole $1.69 billion worth of crypto.
Access Control Breaches: The Main Reason for the Increase
The 40% increase was mainly attributed to the rise of access control breaches, particularly in centralized exchanges (CEXs) and crypto custodians. Deddy Lavid, co-founder and CEO of Cyvers, told Cointelegraph that these incidents were often facilitated by compromised private keys and weak key management systems.
High-Profile Hacks: A Wake-Up Call for the Industry
Lavid highlighted high-profile hacks such as multi-signature wallets as examples of weak key management systems. Despite the increase in hacks, the $2.36 billion lost in 2024 was still 37% below the record $3.78 billion stolen in 2022.
Access Control Vulnerabilities: A Major Concern for the Industry
Access control vulnerabilities accounted for $1.9 billion worth of value stolen in 2024, or over 81% of the total amount lost to crypto hacks, across 67 cybersecurity incidents. This highlights a major concern for the industry and underscores the need for more robust security practices.
Smart-Contract Exploits: The Second-Largest Attack Vector
Smart-contract exploits resulted in $456 million stolen across 98 incidents, as the second-largest attack vector responsible for 19% of the value lost in 2024. This highlights the importance of secure smart contract development and testing.
Prioritizing Security: A Necessary Step for the Industry’s Growth
To avoid another multi-billion hacking year in 2025, the industry needs to prioritize more robust security practices, such as private key management with offline storage and real-time threat monitoring systems. Lavid emphasized that by prioritizing education, collaboration, and security innovation, we can significantly reduce vulnerabilities and foster a safer Web3 ecosystem.
North Korean Hackers: A New Threat to the Industry
The industry must remain vigilant, as North Korean hackers may begin targeting larger objectives, such as the United States spot Bitcoin exchange-traded funds (ETFs), according to Michael Pearl, vice president of GTM strategy at on-chain security company Cyvers. The FBI has issued a warning that North Korean hackers are going to try to infiltrate and steal money from ETFs.
Consequences of Inaction: A Multi-Billion Dollar Problem
The consequences of inaction are clear: if the industry fails to prioritize security, we can expect more devastating hacks in 2025. As Lavid noted, "By prioritizing education, collaboration, and security innovation, we can significantly reduce these vulnerabilities and foster a safer Web3 ecosystem."
A Call to Action for the Industry
The industry must come together to address this pressing issue. By working together and prioritizing security, we can prevent devastating hacks and create a more secure future for the Web3 ecosystem.
Subscribe to the Finance Redefined Newsletter
Stay up-to-date with the latest DeFi developments, sharp analysis, and new financial opportunities with our weekly newsletter. Subscribe now and make informed decisions with confidence.
