In August 2024 over $313 million was lost to cyber thieves in a series of high-profile cyberattacks.
According to a report on X by blockchain security firm PeckShield, these breaches raise serious concerns about digital assets’ security and wider acceptance.
The Surge in Crypto Hacks
In August, cryptocurrency hackers executed more than 10 major cyberattacks, stealing $313.86 million worth of digital assets.
#PeckShieldAlert August 2024 witnessed 10+ hacks in the crypto space, resulting in ~$313.86 million in losses. The 2 largest hacks, both involving unauthorized transfers (#Phishing), accounted for 93.5% of the total stolen funds, amounting to $293.4 million.#Top 5 Hacks in… pic.twitter.com/lIAieHdUqt
— PeckShieldAlert (@PeckShieldAlert) September 1, 2024
Most of the stolen cryptocurrency ($293.4 million, or 93.5%) was taken through phishing attacks. Among the top five hacks of the month was an incident that involved a crypto whale who lost 4,064 Bitcoin, valued at approximately $238 million, on August 19 due to a phishing attack.
The stolen Bitcoin was quickly moved to various platforms, including THORChain, KuCoin, and Railgun, making tracing and recovering the funds challenging.
Another significant attack involved the theft of over $55 million worth of DAI stablecoin from another crypto whale, also through phishing.
Similarly, on August 6, the Ronin Network experienced an unauthorized transfer of 4,000 ETH, worth about $12 million. This attack was conducted by white hat hackers who returned most of the stolen funds.
Update:
The ETH (~$10 M) has been returned and we expect that the USDC will be returned later today. We thank the white hats for their vigilance and integrity. The Bug Bounty Program will reward the white hats with a 500 K bounty.
The bridge will undergo an audit before it is…
— Ronin (@Ronin_Network) August 6, 2024
However, the network still suffered a loss of $5.1 million due to unauthorized transactions.
Other notable breaches included Nexera’s $1.8 million exploit, rounding out the top five hacks of the month.
Notably, the alarming figures from August represent an 18% increase in total assets lost to cybercriminals compared to July 2024, highlighting a growing threat to the cryptocurrency industry.
Broader Implications and Ethical Hackers’ Response
The surge in crypto hacks underscores the vulnerabilities within the digital asset ecosystem and raises questions about the broader acceptance of cryptocurrencies.
According to an Immunefi report released on August 29, the industry has lost $1.21 billion to hacks and rug pulls year-to-date (YTD) as of August 2024.
The most common scams include phishing attacks, pig butchering schemes, rug pulls, and exit scams.
Phishing scams remain the most prevalent, where attackers create fake websites to trick users into divulging their login credentials.
These tactics are not unique to the crypto world; they are also widely used in broader internet fraud schemes, including Business Email Compromise (BEC) scams.
Pig butchering scams are another growing concern involving scammers building long-term relationships with victims before convincing them to invest in fraudulent schemes, ultimately leading to losing their crypto assets.
In response to the escalating threat, a group of ethical hackers has formed the Security Alliance (SEAL), a specialized team dedicated to protecting the cryptocurrency industry from financial losses caused by hacks.
🔔 Paradigm's White Hat Hacker Samczsun Leads Crypto Security Initiative: Security Alliance
➡️ The Security Alliance, also known as SEAL Org, is a new crypto security operation created by white hat hacker Samczsun. It offers a 24/7 emergency hotline for crypto users affected by… https://t.co/1kHPRBlEzg
— Psquare Daily (@pSquare_Daily) February 15, 2024
Led by white hat hacker and Paradigm researcher Samczsun, SEAL has become a critical force in the industry’s defense, receiving over 900 hack-related tickets since its launch in August 2023.
The team’s efforts aim to strengthen security measures across the industry, prevent future breaches, and mitigate the impact of cyberattacks.