Beosin Alert monitoring and early warning shows that as of September 25, the total losses in the Web3 field in Q3 2024 due to hacker attacks, phishing scams and project party Rug Pull reached US$730 million. Among them, there were 23 major attack incidents with a total loss of approximately US$430 million; 3 project party Rug Pull incidents with a total loss of approximately US$4.24 million; and the total loss of phishing scams was approximately US$295 million.

In terms of the types of projects attacked, CEX suffered the highest losses. The three attacks on CEX caused a total loss of approximately US$297 million, accounting for approximately 40.6% of the total loss amount from all attacks.

In terms of the amount of losses on each chain, Ethereum is still the chain with the highest amount of losses and the most attacks. 21 attacks and phishing incidents on Ethereum caused a loss of $348 million, accounting for about 47.6% of the total losses.

In terms of attack methods, there were 5 private key leakage incidents in Q3, causing losses of US$305 million, accounting for about 41.7% of the total attack losses, which is the highest proportion of attack types.

In terms of fund flows, only about $16.9 million of stolen funds have been frozen or recovered. The vast majority (about 78.9%) of the stolen funds are still stored in the attacker's on-chain address.

Compared with the same period in 2023, the total losses caused by hacker attacks, phishing scams, and project party Rug Pull in Q3 2024 decreased slightly to US$730 million (the figure was US$889 million in Q3 2023). Factors such as the decline in coin prices in Q3 2024 have a certain impact on the reduction in the total amount, but overall, the situation in the field of Web3 security is still not optimistic. Among the more than 20 attacks in Q3, 18 still came from contract vulnerability exploits. #BTC