In 2024, the cybersecurity firm Cyvers released a Security, Fraud, and Compliance Report detailing the impact of cybercriminals on the crypto industry. According to the report, the industry lost over $2.361 billion to cyber threats in 165 incidents, representing a 40% increase from 2023. Access control incidents accounted for 81% of losses, leading to the theft of $1.9 billion across 67 incidents. Code vulnerabilities also enabled the loss of approximately $456.3 million across 98 incidents.
Despite the increase in fraud trends in 2024, the losses are 37% lower than the 2022 record of $3.78 billion. Ethereum emerged as the network most affected by the attacks, with over $1.2 billion in losses. Quarterly highlights from Cyvers show that smart contract vulnerabilities dominated incidents in Q1 2024, while the third quarter saw the highest losses totaling $790 million. Q4, on the other hand, recorded the lowest activity and losses with a 56% decline compared to the same quarter in 2023.
Some notable theft incidents in 2024 include a $305 million hack on the Japanese cryptocurrency exchange DMM Bitcoin, a $235 million hack on the Indian crypto exchange WazirX, and a $50 million loss by the DeFi project Radiant Capital. The Singaporean crypto exchange BingX was also exploited for $52 million in digital assets. Interestingly, over $1.3 billion was returned to affected projects in 2024, partially due to bug bounty programs.
Looking ahead to 2025, the industry may see a rise in new cyber threat trends such as quantum and artificial intelligence attacks as these technologies continue to advance. Additionally, there may be more cases targeting centralized finance (CeFi) entities, which remain vulnerable to heightened risks. Pig butchering scams, accounting for $3.6 billion in victim funds across over 150,000 addresses and 800,000 transactions, also pose a growing threat in the coming year.
In conclusion, the crypto industry faced significant losses due to cyber threats in 2024, with access control incidents and code vulnerabilities leading to the majority of losses. While fraud trends increased compared to the previous year, they were lower than the record set in 2022. With the rise of new cyber threat trends and the continued vulnerability of CeFi entities, the industry must remain vigilant in implementing robust security measures to protect against potential attacks. Additionally, the success of bug bounty programs in recovering lost funds highlights the importance of collaboration between security firms and cryptocurrency projects in combating cybercrime.
