The number of cybercrimes in the cryptocurrency space is constantly growing. Cryptocurrencies, once seen as a secure alternative to traditional payments, free from the risks of theft, fraud, and cyberattacks, have not fulfilled this mission. How many crypto coins have already been stolen, and what is being proposed to combat hackers is discussed in an analytical article by IT-World.
According to Bloomberg, citing information from TRM Labs, a blockchain analytics company, in the first half of 2024 alone, hackers stole cryptocurrencies worth $1.38 billion on the global market through hacks and exploiting network vulnerabilities.
Although, as market experts note, the amount of stolen cryptocurrency is still below the “record” levels of the first half of 2022 (almost $2 billion), it is already twice as much as during the same period in 2023.
As in 2023, 70% of all stolen cryptocurrency resulted from five major attacks. The average size of thefts was 1.5 times larger than the previous year. Among the largest attacks was the “unauthorized leakage” from the Japanese cryptocurrency exchange DMM Bitcoin, during which bitcoins worth approximately $308 million were stolen.
According to a report by the web3 platform Immunefi, hackers carried out 149 breaches in the global crypto industry in the first half of the year. In July alone, which ranked second in terms of losses during this period, the industry’s losses from 14 specific incidents reached $269.4 million. The “leader” of the first half was May, with damage amounting to $358 million.
Most of the losses occurred due to a single exploit—the hack of WazirX (one of the world’s leading cryptocurrency exchanges, founded in India), amounting to $235 million. North Korean hackers are suspected of involvement in the incident.
According to the calculations of SHARD, reviewed by IT-World analysts, the largest damage in the first half of the year was inflicted on gaming platforms (42% of all hacker attacks, or $601 million), exchanges (38%, or $542.85 million), decentralized DeFi services (15%, or $216.47 million). Private individuals, who lost a total of $71 million, were at the bottom of this list (5%).
Moreover, the methods used by crypto criminals have changed. Previously, DeFi Llama analysts note, hackers operated in groups, but today more and more solo hackers are emerging. Access to Trojans designed to collect information from the victim’s system (info stealers) can be obtained by almost anyone with the necessary funds to purchase malicious software, which is available on specialized hacker forums in the darknet.
The low barrier to entry for amateur hackers is further reduced by the spread of open-source hacking tools, commented Omer Sadika, co-founder and CEO of blockchain security company dWallet Labs, in the media. As a result, the scale and frequency of attacks are growing.
Analysts note that the number of cybercrimes and the losses suffered by participants in the global crypto market are increasing dynamically every year.
In 2022, according to TRM Labs, hackers and fraudsters deprived cryptocurrency owners of $11.5 billion. Of this, investments in financial pyramids resulted in losses of $7.8 billion, $3.7 billion was stolen, and about $2 billion were lost due to attacks on cross-chain bridges (services for transferring funds from one blockchain to another).
In the first half of 2022 alone, VPN Atlas and Slowmist Hacked calculated that during 175 attacks, hackers stole cryptocurrencies and other crypto assets worth $1.97 billion. More than half of these losses—$1.014 billion—occurred in various Ethereum ecosystem projects, where participants lost their assets as a result of 32 attacks.
2021 still holds the record for the highest losses—$14 billion, which is 79% more than in 2020. Most crimes were related to fraud, with thefts, including after hacking blockchain projects, taking second place.
According to Chainalysis experts, this surge in losses in the global crypto market was driven by the rapidly developing decentralized finance (DeFi) sector—DeFi transaction volume increased by 912% compared to the previous year. Many of the newly launched DeFi protocols have code vulnerabilities that hackers can exploit, believes Kim Grauer, head of research at Chainalysis. In 2021, 21% of all breaches were carried out using these code exploits, with 72% of stolen funds taken from DeFi protocols. Although third-party firms audit code and publicly identify which protocols are safe, many users still prefer to work with risky platforms that offer higher returns but may neglect security standards.
Will Cryptocurrencies Become Safer?
The record increase in thefts indicates that security issues have not been resolved since the creation of cryptocurrencies. All the most popular methods used by hackers in other fields have also migrated to the crypto segment. Phishing, keylogging (using software or hardware to spy on a user’s actions, such as keystrokes on a computer keyboard, mouse movements), social engineering, unauthorized access to private keys and source codes, rug pulls—these methods are nothing new. At the same time, the anonymity of the crypto market, once touted by its advocates, only benefits cybercriminals by making their identification more difficult.
Today, the main risks include vulnerabilities in smart contract code, threats to DeFi protocols, digital wallet vulnerabilities, and the risks of fraud and deception.
Addressing these vulnerabilities requires a more mature and conscious approach. Ensuring the security of networks as a whole, rather than individual projects, and focusing on technological and human factors are important steps in this direction. A more comprehensive approach to Web3 security and the integration of AI into protection systems can significantly increase their effectiveness, believes Cyvers’ CEO Deddy Lavid.
Today, countermeasures against hacker attacks have also become more effective. Various response strategies, including promptly freezing vulnerable contracts or quickly tracking stolen funds with subsequent freezing, and the work of decentralized security teams, which some DeFi projects have successfully implemented, have been able to respond quickly to threats and minimize them.
Thus, if the number of incidents and the total amount of losses significantly increased in the first half of this year compared to the same period in 2023, the amount of funds recovered from the hands of criminals also grew by almost 42%: from $138.9 million in the second quarter of 2023 to $197 million in the second quarter of 2024.
However, experts believe that this year, hackers will shift their focus away from decentralized projects—the largest targets for hacks will be centralized finance projects and platforms with centralized management (CeFi). These account for about 70% of incidents in terms of lost funds and the number of exploits, Deddy Lavid told Cointelegraph.