More than $2.5 billion stolen in 2024 | PandaLY Web3 Security Annual Report

This year, hacker attacks and phishing scams increased significantly, with phishing losses soaring 140.66% year-on-year, with total losses reaching $2.513 billion. North Korean hackers stole $1.34 billion in 2024, up 102.88% year-on-year, accounting for 61% of the total stolen money for the year. The number of incidents increased from 20 in 2023 to 47, accounting for 20% of the total number of incidents.
Hash (SHA1):e27d3a91876168f2bee3c65d719eba4d48544131

No.: Lianyuan Security Knowledge No.148

In 2024, the global cryptocurrency ecosystem is still developing amid security risks. This year, hacker attacks and phishing scams increased significantly, with phishing losses surging 140.66% year-on-year, with total losses reaching $2.513 billion . Although the industry has strengthened its protection of blockchain security, fund thefts are still common, reflecting the urgency of strengthening technology and defense systems. [The following data is from Chainalysis and Beosin]

Overview of hacker attack trends in 2024

  1. The amount of theft hits a new high
    1. The amount of cryptocurrency stolen in 2024 reached US$2.513 billion, an increase of 21.07% year-on-year, making it the fifth year with a total amount of stolen funds exceeding US$1 billion.
    2. Hacker attacks: $1.792 billion (131 incidents)
    3. Rug Pull: $148 million (68 incidents)
    4. Phishing scams: $574 million
  2. The number of attacks increased from 282 in 2023 to 303, indicating that hacker activity continues to be high.
More than $2.5 billion stolen in 2024 | PandaLY Web3 Security Annual Report
Attack type distribution :
  • DeFi projects were attacked the most, accounting for 50.7%.
  • CEX suffered the largest loss, totaling $724 million .
  • The largest losses were caused by private key leaks, with 35 incidents resulting in losses of $1.306 billion .
  1. Significant changes in the medium term
    1. The amount of money stolen from January to July reached $1.58 billion, an increase of 84.4% year-on-year.
    2. After July, the growth in attack intensity and amount stagnated, which may be related to geopolitical events.

Review of major attacks

1. DMM Bitcoin was stolen

  • Date : May 31, 2024
  • Cost : $304 million
  • Attack method : private key leakage
  • Analysis : Attackers targeted vulnerabilities in the infrastructure used by DMM to conduct unauthorized withdrawal transactions

2. PlayDapp Attack

  • Date : February 9, 2024
  • Cost : $290 million
  • Attack method : private key leakage
  • Analysis : The hacker made profits by minting PLA tokens multiple times and tried to launder the assets through multiple exchanges.

3. WazirX phishing attack

  • Date : July 18, 2024
  • Cost : $235 million
  • Attack method : Multi-signature phishing attack to induce contract upgrade.

4. Gala Games Privileged Access Control Vulnerability

  • Date : May 20, 2024
  • Cost : $216 million
  • Attack method : Use the privileged addresses obtained by hackers to mint tokens.

5. Chris Larsen Wallet Attack

  • Date : January 31, 2024
  • Cost : $112 million
  • Attack method : private key leakage.
More than $2.5 billion stolen in 2024 | PandaLY Web3 Security Annual Report

Attack patterns by platform and method

  1. The changing roles of DeFi and centralized services
    1. DeFi platforms remained the main target in the first quarter, but after the second quarter, centralized services such as DMM Bitcoin and WazirX became the main targets of hackers.
    2. Private key theft is the main method, accounting for 43.8% of the total stolen amount.
  2. Funds Laundering Model
    Hackers tend to disperse funds through cross-chain bridges, DEX, and coin mixers. The use of traditional coin mixing tools has decreased, and the dispersed path of funds has increased the difficulty of investigation.
  3. Global anti-money laundering measures have been upgraded. The success rate of tracking and freezing stolen funds has increased to 21.13% , demonstrating the effectiveness of anti-money laundering tools and cross-institutional cooperation.
More than $2.5 billion stolen in 2024 | PandaLY Web3 Security Annual Report

Characteristics of North Korean hacker activity

  1. Both the amount and number of incidents increased. North Korea-related hackers stole $1.34 billion in 2024, up 102.88% year-on-year, accounting for 61% of the total stolen money for the year. The number of incidents increased from 20 in 2023 to 47, accounting for 20% of the total number of incidents.
  2. Evolution of attack scale: North Korean hackers frequently carry out large-scale attacks ranging from US$50 million to US$100 million and exceeding US$100 million, and small-scale attacks below US$50 million have also increased.
  3. Key case: DMM Bitcoin In May 2024, North Korean hackers stole $305 million worth of bitcoins from DMM Bitcoin through a private key management vulnerability. This incident revealed the inadequacy of centralized platform security protection.

The North Korea-Russia alliance and the changing pattern of attack

  1. Trend changes after the June 2024 summit
    1. After the summit, the average daily amount of money stolen by North Korean hackers dropped by 53.73%, while the amount stolen by non-North Korean hackers increased by 5%.
    2. It is speculated that this is related to North Korea's diversion of resources to the Ukrainian conflict, but further evidence is needed.
  2. Infiltration Strategies of IT Workers North Korea has infiltrated Web3 companies through remote work positions, using sophisticated tactics to steal assets and data, further expanding its reach.
More than $2.5 billion stolen in 2024 | PandaLY Web3 Security Annual Report

Summary and suggestions

  1. The industry needs stronger protection measures
    1. Strengthen private key management and identity authentication.
    2. Public-private collaboration to build more comprehensive security mechanisms.
  2. Monitoring North Korea and geopolitical developments
    1. Focus on tracking the impact that the North Korea-Russia alliance may have on future attack patterns.
    2. Be vigilant during the holidays and guard against high-risk attacks.

Future Outlook

As the blockchain ecosystem continues to expand, security will continue to face challenges. However, technological innovation and international cooperation are driving the construction of a stronger defense system. By improving tool capabilities, improving the regulatory environment, and raising awareness among practitioners, we have reason to look forward to a safer blockchain future.
Share to:

Author: 链源科技PandaLY

This article represents the views of PANews columnist and does not represent PANews' position or legal liability.

The article and opinions do not constitute investment advice

Image source: 链源科技PandaLY. Please contact the author for removal if there is infringement.

Follow PANews official accounts, navigate bull and bear markets together
Telegram Discussion Group
Telegram News Channel
@PANews
Recommended Reading
5 hour ago
6 hour ago
7 hour ago
9 hour ago
9 hour ago
14 hour ago

Popular Articles

Industry News
Market Trends
Curated Readings
Subscribe

Curated Series

App内阅读