Crypto hacks surge by 42% in early 2024, with $542.7M stolen as hackers adapt tactics.
In 2024, cryptocurrency hackers and exploiters may be on the brink of a more prosperous year, potentially surpassing their accomplishments from 2023.
Hackers stole digital assets valued at $542.7 million in the first quarter of 2024, a 42% increase from the same period in 2023.
According to Mriganka Pattnaik, co-founder and CEO of Merkle Science, a crypto risk and intelligence platform, the primary cause of this is the constant evolution of hackers’ attack vectors and their pursuit of simpler targets.
Pattnaik explained:
“While smart contract vulnerabilities remain a concern, hackers increasingly target areas outside smart contracts, like private key leaks. These leaks, often due to phishing attacks or insecure storage practices, have led to significant losses.”
Hackers employ phishing attacks to obtain sensitive information, such as private keys for crypto wallets. Address poisoning scams, which are other types of phishing assaults, are designed to deceive investors into sending funds to a fraudulent address that resembles an address with which they have previously interacted.
In the most high-profile phishing attack of the year, a trader lost $71 million in cryptocurrency in May. The trader was deceived by the assailant into transferring 99% of their funds to the attacker’s address.
However, in an unusual turn of events, the unidentified criminal returned the $71 million to the victim over a week later, when the incident caught the attention of blockchain investigation firms. The attacker’s location was ultimately determined.
Smart contract vulnerabilities were previously among the most frequently targeted infrastructures by hackers.
Nevertheless, the 2024 HackHub report from Merkle Science indicates that the amount of money that was compromised due to smart contract vulnerabilities decreased by 92% to $179 million in 2023, a significant decrease from the $2.6 billion that was lost in 2022.
Private key leaks are presently the most pressing issue, as per Pattnaik:
“While smart contract vulnerabilities remain a security concern, a significant portion of financial losses are now attributable to attack vectors outside the realm of smart contracts. The biggest security concern right now is the rapid increase in losses due to private key leaks.”
Private key breaches resulted in the loss of more than 55% of the digital assets that were hacked in 2023.
