Blockchain intelligence firm TRM published a report on crypto thefts from hacks and exploits in the first half of 2024 on Friday. The report reveals a significant increase in stolen funds, with the amount doubling compared to the same period in 2023.
“The latest numbers from TRM’s threat intelligence team show twice as much money has been stolen in hacks and exploits in the first half of 2024 compared to the same period in 2023,” the firm described, adding:
By June 24, 2024, hackers stole USD 1.38 billion, compared to USD 657 million this time last year.
“Similar to 2023, a small number of large attacks made up the lion’s share of the haul: the top five hacks and exploits accounted for 70% of the total amount stolen so far this year,” the firm continued, adding: “Private key and seed phrase compromises remain a top attack vector in 2024, alongside smart contract exploits and flash loan attacks.”
The largest attack in 2024 involved the theft of over 4,500 BTC from DMM Bitcoin, a Japanese cryptocurrency exchange, worth over $300 million. The exact cause of this attack remains unknown, with potential vectors including stolen private keys or address poisoning.
Monthly thefts in 2024 have exceeded those in 2023, with the median hack being 150% larger, TRM noted. Despite the increase, thefts are still a third below the record year of 2022. The rise in theft volumes is attributed to higher average token prices rather than changes in attack vectors or security fundamentals.
To mitigate such risks, the blockchain intelligence firm advised that crypto projects should implement a multi-layered defense strategy, including regular security audits, robust encryption, multi-signature wallets, secure coding practices, and fostering a security-aware culture. An effective incident response strategy, possibly including bounties for the return of stolen funds, is also crucial. A defense-in-depth approach, involving multiple, redundant security measures, is recommended for optimal protection against breaches.
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
