crypto.news
2025-01-17 10:33:52

Ethereum accounted for over 50% of $2.3b lost to hacks and exploits in 2024

Bad actors stole roughly $2.3 billion from web3 projects, with Ethereum accounting for more than half of the total losses. According to the State of Web3 Security in 2024 report from Cyvers, 51% of the stolen funds came from Ethereum-based projects, largely due to its role as the leading blockchain for DeFi and its extensive liquidity. BNB Chain was the second most targeted blockchain, accounting for 24% of losses, while Bitcoin, XRP, and Arbitrum accounted for 5%, 4%, and 3%, respectively. Access control failures accounted for 81% of the total funds lost in 2024, linked to weak authentication and permission mechanisms. Smart contract vulnerabilities, while responsible for 19% of the losses, exploited loopholes in code to siphon funds. The top three biggest Web3 hacks of 2024 included the $305 million DMM Bitcoin exploit , the $290 million PlayDapp breach , and the $235 million WazirX attack . Each of these incidents stemmed from vulnerabilities in access control mechanisms. Other multi-million dollar incidents include the exploit of Ethereum-based Muchables, which lost $97 million after a rouge developer exploited smart contract vulnerabilities. Meanwhile, address poising attacks accounted for $68 million in losses. “Many Web3 projects still aren’t implementing proper security protocols to protect user assets. Even a single flaw in a smart contract can be catastrophic, and 2024 was proof of that,” the report stated. You might also like: Burwick law founder blasts Pump.fun for exploitation, lawsuit looms Crypto losses grew quarter on quarter through 2024, with Q3 being the most damaging, accounting for $669 million in losses. Q4 saw the least number of incidents, with losses amounting to $130 million. Recovery efforts bore mixed results, with $620 million reclaimed in Q1 and $562 million in Q2. However, recoveries dropped sharply in the latter half of the year, with just $93 million recovered in Q3 and $25 million in Q4. “While early intervention can help recover stolen assets, delays often allow funds to disappear before authorities and security teams can act,” the report added. To combat the growing threats, Cyvers urged for the standardization of continuous monitoring and real-time vulnerability testing and advocated for the use of AI-powered detection mechanisms. An earlier report from Web3 security firm PeckSheild highlighted that crypto hacks and scams surged over 15% in 2024, and decentralized finance protocols were the biggest targets. Read more: Hacken: Access control exploits account for nearly 80% of all crypto hacks in 2024

获取加密通讯
阅读免责声明 : 此处提供的所有内容我们的网站,超链接网站,相关应用程序,论坛,博客,社交媒体帐户和其他平台(“网站”)仅供您提供一般信息,从第三方采购。 我们不对与我们的内容有任何形式的保证,包括但不限于准确性和更新性。 我们提供的内容中没有任何内容构成财务建议,法律建议或任何其他形式的建议,以满足您对任何目的的特定依赖。 任何使用或依赖我们的内容完全由您自行承担风险和自由裁量权。 在依赖它们之前,您应该进行自己的研究,审查,分析和验证我们的内容。 交易是一项高风险的活动,可能导致重大损失,因此请在做出任何决定之前咨询您的财务顾问。 我们网站上的任何内容均不构成招揽或要约