- Crypto losses grew quarter on quarter through last year, with the third quarter being the most harmful, with an estimated $669 million in losses.
- An initial report from Web3 security company PeckShield threw light on the crypto attacks and scams that went over 15% in the last year.
- Recovery efforts punched mixed results, with $620 million claimed in the first quarter and $562 million in the second quarter.
The State of Web3 security in 2024 report released by Cyvers states that around 51% of the stolen funds came from Ethereum-based projects, mainly because of its role as the supreme blockchain for DeFi and its broad liquidity.
The second most attacked blockchain was BNB Chain, which estimated at 24% of losses, at the same time Bitcoin, XRP, and Arbitrum estimated 5%, 4%, and 3% respectively. Access control exploits are estimated at 81% of the overall funds lost in the last year, associated with weak authentication and permission mechanisms.
The significant losses
Smart contract exposures account for 19% of the losses, using loopholes in code to siphon funds. The three leading Web3 attacks of this year included the $305 million DMM Bitcoin exploit, and the $290 million PlayDapp breach.
Every incident is initiated from exposure in the access control mechanism. Other multi-million dollar events consist of the use of Ethereum-based Muchables, which lost $97 million after a rouge developer manipulated smart contract vulnerabilities.
At the same time, address poisoning hacks are estimated at about $68 million in losses. Several Web3 projects still do not execute proper security protocols to safeguard user assets. Even a sole defect in a smart contract can be fatal, and last year was proof of that, as per the report.
Crypto losses grew quarter on quarter through last year, with the third quarter being the most harmful, with an estimated $669 million in losses. The fourth quarter witnessed the least number of incidents, with losses estimated to be $130 million.
Recovery efforts punched mixed results, with $620 million claimed in the first quarter and $562 million in the second quarter. However, recoveries slumped sharply in the latter half of the year, with just $93 million recuperated in the third quarter and $25 million in the fourth quarter.
The report further mentioned that at the same time, early mediation can help retrieve stolen assets, and delays frequently permit funds to be abandoned before authorities and security teams can act.
To counter the growing risks, Cyvers begged for the standardization of steady monitoring and real-time exposure testing and advocated for the utilization of AI-backed detection mechanisms.
An initial report from Web3 security company PeckShield threw light on the crypto attacks and scams that went over 15% in the last year. Also, the decentralized finance protocols were the main target.
