Web3 cyber threats surged in 2024, with losses exceeding $2.3 billion across 165 incidents, according to Cyvers. While 40% higher than the $1.69 billion lost in 2023, this year’s total losses were still $1.42 billion lower than the $3.78 billion recorded in 2022. Still, $1.3 billion in previously stolen funds was reportedly recovered during the year.
In its report summarizing key security trends in 2024, Cyvers said access control-related incidents (67) accounted for 81% of the $2.3 billion lost. About 98 smart contract exploits caused losses totaling $456.3 million. The report noted that one address poisoning incident resulted in a loss exceeding $68 million.
The first quarter of the year led in the number of incidents with 53 — about 37 smart contract exploits and 16 access control incidents. The second quarter had the next-highest number with 46 incidents, with access control-related incidents dominating. In fact, Q2 was the only quarter where access control incidents exceeded smart contract exploits. The last quarter of the year had the fewest security incidents, according to the report data.
When breaking down losses per attack vector over the past three years, the data shows losses associated with access control violations gradually increasing from $769 million in 2022 to $1.9 billion by the end of 2024. In contrast, losses linked to the exploit of code vulnerabilities in both 2023 and 2024 were much lower than the approximately $3 billion lost in 2022.
Notable incidents during the year included the DMM Crypto ($305 million) and Warizx ($235 million) hacks. The DMM Bitcoin incident eventually forced the Japanese crypto platform to shut down. The report identifies Ethereum as the most affected blockchain, with over $1.2billion in losses.
With cyber-attacks remaining a significant threat to the Web3 ecosystem, the Cyvers report also outlined steps that platforms must take to avoid becoming targets of hackers.
“The Web3 ecosystem faces unprecedented security challenges. Cyvers’ advanced
tools provide proactive defenses, fostering trust and resilience against evolving
threats. Platforms must adopt robust monitoring and prevention strategies to
safeguard assets and maintain user confidence,” the report said.
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
