The blockchain industry continued to face significant security challenges in the third quarter of 2024. According to Certik’s Q3 Security Report, there were 155 security incidents during this period, resulting in total losses of $753.09 million. Compared to Q2 2024, although the number of incidents decreased by 27, the amount of losses increased by 9.5%. These figures indicate that while the frequency of security incidents has decreased, the average loss per incident has risen, reflecting the increasing complexity and sophistication of attack methods. Large-scale phishing attacks and private key leaks, in particular, have caused substantial losses for users and businesses, raising widespread concerns within the industry regarding security issues.
Analysis of Security Incident Types and On-Chain Distribution
In the third quarter, phishing attacks were the most prevalent, involving 65 incidents and causing approximately $343.09 million in losses. These attacks often exploit user negligence, impersonating legitimate websites or wallets to steal users' private keys and sensitive information. Additionally, private key leaks represented another significant threat, resulting in $324.4 million in losses from just 10 incidents, each with considerable financial damage, highlighting their high destructive potential. Besides these primary types, other attack methods, including smart contract exploits and exchange hacks, also impacted the market during this quarter.
Among these security incidents, attacks on the Ethereum chain were the most frequent, with 86 incidents and total losses of $387.89 million, closely tied to its status as one of the most active blockchain platforms. Additionally, Bitcoin saw the largest loss in a single incident, with a whale wallet breach in August causing a massive loss of $238 million. The phenomenon of multi-chain attacks also stood out, with 7 incidents across multiple chains, resulting in nearly $90 million in losses, indicating that attackers are expanding their targets beyond a single blockchain.
The Long Road Ahead for Industry Security
The overview of blockchain security incidents in Q3 2024 highlights the diversity of attacks and the varying destructive power of different types. Compared to traditional technical vulnerabilities, phishing attacks and private key leaks occurred more frequently and caused greater financial damage. This underscores the continued weaknesses in information security education and prevention among users and businesses. Meanwhile, as blockchain infrastructure supports large-scale user engagement and capital flows, it faces heightened risks of attacks.
The overall situation this quarter also revealed an important trend: the development of multi-chain interoperability and the expansion of the Bitcoin ecosystem have provided attackers with more targets and opportunities. While the growth of on-chain activities helps to drive market and ecosystem dynamism, it also offers hackers and malicious actors a broader attack surface. This necessitates a strong focus on cybersecurity as technological innovation and application scenarios expand.