Malicious actors stole more than $750 million in various crypto-related hacks and scams during the third quarter, pushing total losses for the year to over $1.9 billion, according to CertiK’s quarterly Hack3d security report.
The losses were incurred in 155 separate incidents, showing a 9.5% rise in stolen funds compared to the previous quarter. However, there were 27 fewer incidents than in the second quarter.
According to the report, three major events were responsible for most of the funds stolen during the quarter. Two of the largest incidents were a $238 million phishing attack targeting a Bitcoin whale and a $231 million hack of India-based centralized exchange WazirX. The third largest incident involved an individual investor who fell victim to a phishing scam that resulted in a $55.4 million loss.
Meanwhile, roughly $30.9 million was recovered across nine incidents, lowering the adjusted net losses to around $722 million for the quarter.
Phishing remains a concern
Phishing attacks and private key compromises were the most dominant attack methods used by malicious actors during the third quarter.
Phishing alone caused losses exceeding $343 million in 65 cases. Typically, these scams involve attackers posing as trusted entities to deceive victims into sharing sensitive information like passwords.
Private key compromise ranked second, with over $324 million lost across 10 cases. In these scenarios, attackers gain control of private keys, allowing them to transfer funds without needing further authentication.
Other notable vulnerabilities involved code flaws, reentrancy bugs, price manipulation, and fundraising-related scams, among others.
Ethereum suffered most losses
Across blockchain networks, Ethereum saw the most security breaches, with 86 hacks and scams resulting in losses of over $387 million. The Bitcoin network followed, with $238 million stolen in a single phishing incident.
CertiK explained that the two top blockchain networks were the most targeted because of their “high transaction volume, large userbase, and TVL.”
Meanwhile, multi-chain platforms also suffered significant losses of around $90 million, while other blockchain networks like Binance Smart Chain (BSC), Cosmos, Scroll, Solana, Base, Blast, and Optimism accounted for the remaining incidents.
Mentioned in this article
Read the full article here