Hackers stole over $2.3 billion in cryptocurrency in 2024, a 40% increase from 2023, primarily due to access management vulnerabilities at exchanges.
2024 witnessed a significant increase in cyberattacks in the cryptocurrency sector, raising concerns about the security and widespread acceptance of the industry.
According to a report from the on-chain security company Cyvers, the total value of stolen assets has reached over $2.3 billion, far exceeding the $1.69 billion figure from 2023, equivalent to a growth rate of 40%. This increase occurs against the backdrop of a significant rise in the overall value of cryptocurrencies, especially Bitcoin, which first surpassed the $100,000 mark on December 6.
Total annual loss amount. Source: Cyvers
This staggering figure, while alarming, is still 37% lower than the record $3.78 billion stolen in 2022. However, the trend of increased attacks remains a serious issue that needs to be addressed. According to Cyvers' analysis, a total of 165 attacks have been reported in 2024.
Access management vulnerabilities: Top threat
Mr. Deddy Lavid, co-founder and CEO of Cyvers, pointed out that the main cause of the increase in damage is due to vulnerabilities in access management, especially at centralized exchanges (CEX) and cryptocurrency custodians.
Incidents often involve compromised private keys and weak key management systems, notably hacks related to multi-signature wallets. Access management vulnerabilities account for an overwhelming share of the total stolen amount, with $1.9 billion (over 81%) stolen through 67 attacks.
Money loss per attack method. Source: Cyvers
In addition, vulnerabilities in smart contracts also contribute to the damage, with $456 million stolen through 98 attacks, accounting for 19% of the total value. This indicates that besides enhancing security for access management systems, auditing and fixing vulnerabilities in smart contracts is also a crucial factor in ensuring the security of the cryptocurrency ecosystem.
The amount lost for each attack method. Source: Cyvers
To prevent 2025 from experiencing similar damages, Mr. Lavid recommends that the cryptocurrency industry prioritize stronger security measures. Specifically, managing private keys with offline storage and a real-time threat monitoring system are solutions that need to be implemented. Additionally, enhancing education, collaboration, and innovation in the field of security also plays an important role in building a safer Web3 ecosystem.
Furthermore, the industry must remain vigilant against new threats. Mr. Michael Pearl, Vice President of GTM Strategy at Cyvers, warns of the possibility of North Korean hackers shifting their targets to Bitcoin spot ETFs in the U.S.
According to Mr. Pearl, these ETFs hold a large amount of Bitcoin and will undoubtedly become targets for hacker groups. This warning further emphasizes the importance of enhancing cybersecurity in the context of the increasingly developing cryptocurrency market that is attracting the attention of criminal organizations.
The FBI has also issued warnings about this threat, urging financial institutions to enhance vigilance and implement necessary security measures to protect customers' assets.
