Hold onto your digital wallets, folks, because 2024 was a rollercoaster ride for the crypto world! Nearly half a billion dollars in stolen crypto assets made their way back home, despite a year filled with jaw-dropping security breaches.
According to the sharp-eyed analysts at PeckShield, 2024 saw a boom in crypto-related security breaches, coinciding with a bullish market that had everyone buzzing. But don't let those grim stats get you down; recovery efforts swooped in to save the day, reclaiming a whopping hundreds of millions in stolen assets.
PeckShield's 2024 Crypto Security Annual Report pulled back the curtain on a year riddled with crypto breaches, totaling losses over a staggering $3.01 billion. Hacks were the main culprits, snatching away $2.15 billion, while scams chipped in with $834.5 million, marking a 15% spike in losses from the previous year.
While the number of incidents may have cooled over the past three years, the financial blows still packed a punch, especially in the DeFi sector, which bore the brunt of the damage. May was the worst offender, with losses skyrocketing to $662.2 million, followed by January's $440.8 million.
The headline-stealers were the DMM Bitcoin breach, which saw $305 million vanish, and the PlayDapp exploit, with a loss of $290 million. But there's a silver lining! Thanks to relentless recovery efforts, a cool $488.5 million of stolen loot was clawed back.
Meanwhile, the watchdogs at CertiK reported some good news in December, with losses dipping to a record low for the year at $28.6 million. Although exploits bagged $26.7 million, Gempad suffered the biggest single hit at $2.14 million. But beware, phishing scams are still lurking in the shadows, with one unfortunate victim losing $7.87 million.
For example, hackers took control of Animoca Brands CEO Yat Siu’s social media account to peddle a bogus token, tricking crypto users out of $500,000. Another phishing plot uncovered by SlowMist used bogus Zoom links to sneak malware into crypto wallets, racking up over $1 million in losses. The stolen cash was then traced back to exchanges like Binance and Gate.io, with whispers of Russian-speaking groups in the mix.
And just when you thought it was safe, cybersecurity firm CrowdStrike spotted a sneaky phishing campaign where scammers impersonated the company, sending out fake job offer emails to spread the Monero cryptocurrency miner XMRig.
These phishing emails lured job seekers into downloading a fake “employee CRM application” from a phony CrowdStrike portal. Once installed, the sneaky software ran checks to dodge detection and quietly unleashed the XMRig miner, nibbling at system resources without raising eyebrows.
Stay savvy, crypto enthusiasts, because in the world of digital currency, adventure is always just a click away!
