Hackers managed to get away with $750 million across 155 incidents in Q3 2024, bringing the year’s total losses to nearly $2 billion according to CertiK’s Web3 Hack3d Report for the quarter.

The figure represents an approximate 9.5% increase in value lost, even though there were 27 fewer incidents compared to the previous quarter.

According to the report, phishing and private key compromises are the most common attack methods leading to losses totaling $668 million. Phishing alone was responsible for $343 million in damages across 65 incidents.

One notable incident involved a Bitcoin whale who lost $238 million in August 2024, marking the largest phishing attack in Q3 2024. The attack targeted the whale’s wallet and while the community managed to recover some of the funds, the majority of the stolen amount remains unrecovered.

Private key compromises led to approximately $317 million in losses across only 10 incidents. The most significant of these was an attack on WazirX, one of India’s top cryptocurrency exchanges.

In July 2024, hackers exploited vulnerabilities in WazirX’s private keys, resulting in the theft of $231 million across over 200 cryptocurrencies, including Shiba Inu (SHIB), Ethereum (ETH), and Polygon (MATIC). This breach stands as one of the most significant in Q3 2024.

LATEST |

WazirX, a prominent Indian cryptocurrency exchange, has reportedly been hacked, with over $234.9 million in assets moved from its Safe Multisig wallet on the Ethereum network to a new address. The transactions were funded by Tornado Cash, a cryptocurrency mixer known… pic.twitter.com/rSqMZ4eHCk

— BitKE (@BitcoinKE) July 18, 2024

According to the cybersecurity firm, Ethereum remains the primary target for attacks with $387.8 million stolen across 86 incidents, significantly outpacing any other blockchain.

Multichain hacks were also prevalent resulting in $89.8 million stolen across various networks highlighting the potential risks tied to cross-chain functionality.

Although phishing and private key compromises accounted for the highest value lost this quarter, other significant attack methods included code vulnerabilities and re-entrancy exploits.

Code vulnerabilities led to $39.6 million in losses across 44 incidents, while re-entrancy attacks – where hackers repeatedly withdraw funds before balances are updated – caused $30.3 million in losses over five incidents.

The Q3 2024 CertiK report shows that just 4.1% of stolen funds were recovered this quarter, a significant drop from the 14.4% recovered in Q2 2024. Despite fewer incidents, the average loss per hack rose to $5.93 million, with the median loss standing at $120,529.

 

 

 

Follow us on X for the latest posts and updates

Join and interact with our Telegram community

_________________________________________

_________________________________________