Over $750 Million Stolen in Crypto Last Quarter Despite Drop in Hacks: CertiK

CN
Decrypt
Follow
6 hours ago

Cyber security firm CertiK revealed Tuesday that despite declining hacks across the crypto sector in the previous quarter, the total value thieves made off with soared.


In its latest Web3 security report, CertiK said hackers managed to siphon away $750 million across 155 incidents, bringing the year's total losses to nearly $2 billion.


It marks an approximate 9.5% increase in the value lost despite 27 fewer incidents compared to the previous quarter.


The report identifies phishing and private key compromises as the most prevalent attack vectors, accounting for $668 million in losses. Phishing alone caused $343 million in damages across 65 incidents. 


A standout case involved a Bitcoin whale who suffered a $238 million loss in August, making it the single most significant phishing attack for Q3. The attack compromised the whale's wallet, and although some funds were recovered by the community, most of the stolen amount remains unaccounted for.


Private key compromises were responsible for approximately $317 million in losses across just 10 incidents. The most notable private key attack was on WazirX, one of India’s leading crypto exchanges. 


In July, hackers exploited WazirX’s private key vulnerabilities, leading to the theft of $231 million across more than 200 cryptocurrencies, including Shiba Inu (SHIB), Ethereum (ETH), and Polygon (MATIC), making it one of the most major breaches in Q3.


A target on Ethereum’s back


Ethereum continues to be the prime target for attacks, with $387.8 million stolen across 86 incidents, far surpassing any other blockchain, the cyber security firm found.


Multichain hacks were also prominent, with $89.8 million stolen across several networks, revealing the potential risks associated with cross-chain functionality.


While phishing and private key compromises led the quarter in terms of value lost, other notable attack methods included code vulnerabilities and reentrancy exploits. 


Code vulnerabilities resulted in $39.6 million in losses over 44 incidents, while reentrancy attacks—which allow hackers to repeatedly withdraw funds before the system can update balances—accounted for $30.3 million in losses across five incidents.


The Q3 CertiK report reveals only 4.1% of stolen funds were recovered this quarter, a sharp decline from the 14.4% recovered in Q2. Despite fewer incidents, the average loss per hack reached $5.93 million, with the median loss at $120,529.


Immunefi, a bug bounty and security services platform, noted a major drop in crypto-related losses in August., as previously reported by Decrypt.


The report revealed total losses amounted to just $15 million across five incidents, marking the lowest monthly total year-to-date and a 94.5% decrease from July’s figures.


Edited by Sebastian Sinclair


免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。

Share To
Download

X

Telegram

Facebook

Reddit

CopyLink