According to Odaily Planet Daily, Beosin Alert monitoring and early warning show that as of September 25, the total losses in the Web3 field in Q3 2024 due to hacker attacks, phishing scams and project party Rug Pull reached US$730 million.
Among them, there were 23 major attack incidents with a total loss of approximately US$430 million; there were 3 project party Rug Pull incidents with a total loss of approximately US$4.24 million; and the total loss of phishing scams was approximately US$295 million.
The project type with the highest loss was CEX. The three attacks on CEX caused a total loss of approximately US$297 million, accounting for 40.6% of the total loss amount of all attacks.
Ethereum remains the chain with the highest amount of losses and the most attacks, with 21 attacks and phishing incidents causing losses of US$348 million, accounting for 47.6% of the total losses.
In Q3, there were 5 private key leakage incidents, causing losses of US$305 million, accounting for 41.7% of the total attack losses, which was the highest proportion of attack types.
Only approximately $16.9 million in stolen funds have been frozen or recovered, and the vast majority (approximately 78.9%) of the stolen funds are still stored in the attacker's on-chain address.
Compared with the same period in 2023, the total losses caused by hacker attacks, phishing scams, and project party Rug Pulls in Q3 2024 decreased slightly to US$730 million (US$889 million in Q3 2023). Factors such as the decline in currency prices have a certain impact on the reduction in the total amount, but overall, the situation in the field of Web3 security is still not optimistic. Among the more than 20 attacks in Q3, 18 were still from contract vulnerability exploits.
