The Web3 ecosystem suffered a significant blow in 2024, with hackers stealing $2.3 billion across 165 incidents. This marks a 40% increase from 2023, fueled by vulnerabilities in centralized exchanges (CEXs) and custodians.
Key Drivers of the Surge
Access Control Breaches: These accounted for $1.9 billion (81% of total losses) across 67 incidents. Weak private key management and compromised multi-signature wallets were major contributors.
Smart-Contract Exploits: Responsible for $456 million (19% of losses) across 98 cases, these remain a critical attack vector.
Bitcoin’s Record Valuation: The surge in cryptocurrency prices, with Bitcoin surpassing $100,000 in December, made the sector an attractive target for hackers.
Historical Context
While the $2.3 billion lost in 2024 is alarming, it remains 37% below the record $3.78 billion stolen in 2022. However, the rising trend underscores the urgent need for better security measures.
Expert Insights
Deddy Lavid, CEO of Cyvers, emphasized the role of poor private key management and inadequate security systems in enabling these breaches. He urged the industry to adopt:
Offline Key Storage: Reduces the risk of online theft.
Real-Time Threat Monitoring: Helps detect and mitigate attacks early.
Education and Collaboration: Encourages widespread adoption of best practices.
Emerging Threats in 2025
North Korean hackers are expected to target U.S. Bitcoin ETFs (exchange-traded funds), according to Michael Pearl, VP of GTM Strategy at Cyvers. These ETFs, which store large amounts of Bitcoin, are likely to attract sophisticated attacks.