The latest CertiK Web3 Security Report reveals that $1.19 billion has been lost to onchain security incidents in the first half of the year, underscoring the need for improved security measures.

The report highlights that most of the losses were attributable to phishing attacks and private key compromises — phishing accounting for almost $498 million.

In a written Q&A with Cointelegraph, Ronghu Gu, co-founder of CertiK, articulated the need for multifactor authentication, such as 2-Factor Authentication (2FA) and “security keys.” 

“All wallets with significant funds should be interacted with using a hardware wallet or similarly-secure and well-designed key management solution.”

H1 hack attack

Among the security breaches this year, the DMM Bitcoin attack ranks among the most significant hacks in history, with $304 million lost, making it the biggest hack in Q2.

The Japanese crypto exchange experienced a breach that resulted in the theft of 4,502.9 Bitcoin (BTC), prompting the platform to enhance its security measures to prevent future thefts.

Another incident, at the Turkish crypto exchange BtcTurk, involved a cyberattack that targeted hot wallets, resulting in a $90 million loss.

Gu informed Cointelegraph that the latest breaches show that “attackers are still out there” aiming to test the defense of custodians of large sums of crypto.

“It’s important to put proactive measures in place, as well as a highly-reactive response team for when an incident occurs.”

FIT21 introduces regulatory hope

Amid the losses experienced in the first half of the year, the regulatory framework bill FIT21 was introduced and passed in the United States (U.S.).

The FIT21 bill aims to improve consumer protections and support crypto sector innovation through a comprehensive regulatory framework for digital assets.

The bill received bipartisan support and is expected to create a safer and better-regulated environment for digital asset exposure in the U.S.

Gu added that the FIT21 bill “will likely attract more institutional investors and drive greater compliance efforts and requirements across the industry.”

Lessons learned and crime trends

Although CertiK’s report paints a concerning picture of Web3 security’s current state, Gu explains that “the trend is not pointing downward.”

Despite Gu’s perspective and crypto hacks causing the loss of nearly $385 million in May, exploits and hacks fell by 54.2% in June.

According to PeckShield data, $176.2 million was lost to crypto hacks in June, a marked reduction from May.

Gu told Cointelegraph that the magnitude of losses could be “just a part of the industry” for now but that there are also “simple measures” all users can take to protect themselves, like 2FA.
