Key Points
In 2024, a Web3 security company, Cyvers, reported that “pig butchering” scams posed the greatest threat to crypto users, resulting in losses of $3.6 billion.
Cyber Attacks on the Rise
The report shows a 40% yearly increase in cyber attacks in 2024 compared to 2023, with 165 incidents leading to $2.3 billion in damages.
Despite this, the total was still 37% lower than the peak of fraud in 2022.
However, there was a surge in complex schemes and breaches this year.
The majority of the damage was caused by access control breaches, with 67 incidents amounting to $1.9 billion.
Other attack vectors included smart contract vulnerabilities, which led to losses of $456.8 million across 98 incidents, and address poisoning assaults, which resulted in a single major case costing $68.7 million.
These attack methods highlight the existing loopholes in blockchain networks and decentralized applications that scammers continue to exploit.
Ethereum (ETH) was the primary blockchain network used by scammers, accounting for most of the crypto fraud losses.
According to Cyvers, the data involved approximately 150,000 addresses and 800,000 fraudulent transactions.
The ease of access to the blockchain was identified as a key factor in these fraudulent schemes, enabling scammers to send over 100,000 small inducement payments to victims as part of their grooming methods.
Deddy Lavid, CEO of Cyvers, believes that educating users about these incidents is crucial to combat access control breaches.
He also emphasized the need for greater transparency in exchange operations and increased user vigilance to lower the success rate of these frauds.
“Pig butchering” refers to a method used by scammers to groom victims through repeated contact, often starting with unsolicited messages that lure them into fraudulent crypto schemes.
Once trust is established, scammers deploy smaller amounts of cash to extract larger sums, often in Tether (USDT) through less transparent exchanges like Binance, HTX, OKX, Crypto.com, and Coinbase.
The illicit cash is typically laundered through decentralized and centralized exchanges before being cashed out.
In 2024, some of the most significant attacks included WazirX, which lost $235 million due to a vulnerability in its multi-sig wallet system, making it one of the largest hacks of the year.
DMM Exchange was also hacked, losing $305 million when attackers compromised a private key in the platform’s Bitcoin (BTC) hot wallet.
This was another high-profile breach.
Additionally, hackers compromised devices used to access the platform, resulting in a $50 million loss for Radiant Capital.
In contrast, BingX lost $52 million worth of funds when attackers gained access to the exchange’s hot wallets and transferred funds across multiple networks.
These incidents exposed the recurring vulnerabilities of many crypto exchanges.
Despite these losses, there was some progress in recovery efforts.
In 2024, approximately $1.3 billion was returned to victims, primarily through on-chain detectives like ZachXBT and bug bounty programs.
The first quarter of 2024 saw the highest number of incidents in the year, with 53 incidents.
The largest amount, approximately $760 million, was lost in Q3 2024, while Q4 had the lowest activity and losses.
