There has been a significant reduction in losses from exploits, hacks, and scams in December compared to previous months.
The latest report by blockchain security company CertiK recorded a total of approximately $28.6 million in losses – the lowest monthly figure in 2024.
December Crypto Losses Are 2024’s Lowest
Exploits dominated the financial impact, accounting for $26.7 million, while flash loan attacks and exit scams contributed $1.7 million and $200,000, respectively. Among the flash loan attacks, the most notable incidents included CloberDex, which suffered $501,279 in losses, followed by Clipper DEX with $450,811 and MoonMaker with $319,320.
The largest single exploit in December targeted Gempad, with damages totaling a staggering $2.14 million. Other significant exploits included FBD, which lost $1.07 million, and Vesta DAO, $401,428. CertiK’s infographic revealed that December marks a sharp decline in overall losses, a stark contrast to peak months earlier in the year, where losses reached tens of millions monthly.
The report also highlighted the growing threat of phishing, with the top victim (address 0x751e) losing $7.87 million, making it one of the costliest phishing incidents of the year. Other phishing incidents ranged between $1.4 million and $2.8 million in individual losses.
Phishing Scams Persists
Earlier last month, a cryptocurrency user revealed they lost $300,000 in a phishing scam after clicking a malicious KakaoTalk meeting link shared via direct message on X. The link, which was suspected of installing malware, compromised multiple wallets, including Ethereum and Solana addresses. The attacker allegedly transferred the funds to a wallet tied to the BingX exchange.
More recently, Animoca Brands’ co-founder Yat Siu’s X account was hacked despite two-factor authentication (2FA). The attackers resorted to promoting a fraudulent token named “MOCA.” The phishing scheme, tied to Pump.fun, targeted over 15 crypto-focused accounts, stealing nearly $500,000.
Blockchain security firm SlowMist also uncovered a phishing campaign using fake Zoom meeting links to steal cryptocurrency. The scheme mimicked Zoom’s interface, which prompted many victims to download malware disguised as a meeting installation package. The malware then harvested sensitive data, including cryptocurrency wallet details, leading to losses of more than $1 million.
Hackers who were found to be potentially linked to Russian-speaking operatives reportedly laundered stolen funds across exchanges like Binance and Gate.io.
Read the full article here
