Losses from Crypto Scams, Hacks, and Exploits Increased by Approximately 21% Year-over-Year in 2024
According to cybersecurity firms, losses from crypto scams, hacks, and exploits increased by approximately 21% year-over-year in 2024. Threat actors paid particular attention to centralized services and private keys, indicating a significant shift in their tactics.
The Rise of AI-Driven Crypto Scams
While the development of artificial intelligence (AI) has brought numerous benefits, it has also enabled threat actors to create more sophisticated phishing schemes and automated attacks. This means that both CeFi platforms and DeFi protocols will have to keep upping their game in 2025 to stay ahead of these emerging threats.
The Centralized Finance (CeFi) Sector: A Target for Hackers
In 2024, the centralized finance (CeFi) sector was hit particularly hard, experiencing a nearly 1,000% year-over-year increase in incidents. This highlights the need for CeFi platforms to prioritize cybersecurity measures and protect their users’ assets.
Notable Hacks and Exploits of 2024
Some of the largest exploits of the year targeting centralized exchanges include:
- The hack on the Indian exchange WazirX in July, resulting in losses of $235 million
- The private key hack on the Japanese exchange DMM in May, resulting in losses of $305 million
- The private key leak on South Korean NFT and game development platform PlayDapp in February, resulting in losses of around $290 million
Decentralized Finance (DeFi) Network Hedgey Finance Exploited for $44 Million
In April 2024, the decentralized finance (DeFi) network Hedgey Finance was exploited for $44 million. This highlights the need for DeFi protocols to prioritize cybersecurity measures and protect their users’ assets.
Private Key Compromises: A Major Share of Stolen Crypto in 2024
Chainalysis found that private key compromises accounted for the largest share of stolen crypto in 2024, at 43.8%. This highlights the importance of secure private key management practices to prevent these types of attacks.
Lessons Learned from 2024’s Grim Cybersecurity Record
There are several lessons that can be learned from this year’s grim cybersecurity record:
- Multifactor authentication is crucial for protecting crypto assets for both individuals and companies
- Users must be extremely cautious of unsolicited communications and potential phishing attempts from entities impersonating exchange support personnel
- Cold storage and self-custody have been in the spotlight this year after MicroStrategy founder Michael Saylor sparked a debate about whether big banks should be custodying Bitcoin
Quantum Computing, AI Attack Vectors: Emerging Threats
Emerging threats like AI-driven attacks and quantum vulnerabilities highlight the need for proactive measures and stronger regulatory oversight to protect digital assets.
Attack Vectors to Expect in 2025
These would include:
- AI-powered threats such as sophisticated phishing, deepfake scams, and malware capable of evading detection
- Supply chain attacks
- Internet of Things vulnerabilities
- Cloud and API exploitation
- Quantum computing threats
The Long-Term Risk of Quantum Computing to Current Encryption Standards
Although still emerging, quantum computing poses a long-term risk to current encryption standards. This requires a proactive shift toward quantum-safe protocols.
By prioritizing cybersecurity measures and staying ahead of emerging threats, we can create a safer environment for cryptocurrency users and investors.
