YEREVAN (CoinChapter.com) — Phishing scams emerged as the most significant security threat to the cryptocurrency industry in 2024, according to blockchain security firm CertiK. Attackers stole over $1 billion across 296 incidents, as outlined in CertiK’s annual Web3 security report published on Jan. 2.
These scams involve fraudulent links designed to trick victims into sharing sensitive information, such as private keys. CertiK highlighted that the actual financial impact could be higher, considering unreported incidents and variations of phishing attacks, such as “pig butchering.”
Among the incidents, at least three phishing scams led to losses exceeding $100 million each. For instance, in May, a trader lost $68 million through an address-poisoning scam, where attackers used deceptive wallet addresses. The stolen funds were later returned after 10 days, likely due to pressure from security firms monitoring the situation.
Private Key Theft: A Persistent Issue
Private key compromises ranked as the second most damaging threat in 2024. Hackers exploited vulnerabilities to steal over $855 million in 65 incidents, according to CertiK. Private keys, essential for accessing cryptocurrency holdings, remain a primary target for cybercriminals.
CertiK’s report underscored the potential for phishing techniques to evolve further in 2025, potentially leveraging advancements in artificial intelligence. These developments pose challenges for security measures as attackers refine their methods.
Despite the rising complexity of attacks, CertiK noted a 52% decline in the total value of crypto stolen compared to 2022, when $3.5 billion was lost to hackers.
Industry Efforts to Combat Crypto Scams
Efforts to address phishing and other crypto scams are ongoing. The Security Alliance, a team led by Paradigm researcher Samczsun, handled over 900 hack-related cases since its launch in August 2023.
Additionally, major crypto exchanges, such as Binance, introduced measures to prevent address-poisoning scams. These proactive steps aim to reduce vulnerabilities and protect user funds.
Hacking Losses Reach $2.3 Billion in 2024
Beyond phishing, broader crypto hacks caused over $2.3 billion in losses in 2024, marking a 40% increase from the $1.69 billion stolen in 2023. These figures, reported by onchain security firm Cyvers, highlight the growing need for robust security solutions in the crypto space.
CertiK’s data reflects the evolving nature of crypto security threats. As phishing scams and private key compromises persist, industry players are intensifying efforts to mitigate risks and safeguard digital assets.
