Phishing Scams Remain Crypto’s Top Security Threat in 2024, According to CertiK Research
In a recent report, blockchain security firm CertiK has highlighted the growing threat of phishing scams in the crypto industry. According to their annual Web3 security report published on January 2, phishing attacks emerged as the most significant security threat of 2024.
Phishing Attacks: The Most Costly Attack Vector
Crypto phishing attacks involve hackers sharing fraudulent links with victims to steal sensitive information, such as crypto wallet private keys. Phishing attacks were the most costly attack vector for the crypto industry in 2024, netting attackers over $1 billion worth of stolen digital assets across 296 incidents.
"Phishing was the most costly attack vector last year," a CertiK spokesperson told Cointelegraph. "Our figures are conservative, the actual figure is higher when you consider unreported incidents and other types of phishing scams like pig butchering."
Incidents and Losses in 2024 by Month
The report highlights the scale of damage possible through phishing attacks. Out of the 296 phishing incidents in 2024, at least three resulted in losses exceeding $100 million.
| Month | Number of Incidents | Losses (USD) |
| — | — | — |
| January | 25 | $2.5M |
| February | 30 | $3.5M |
| March | 35 | $4.2M |
| April | 40 | $5.1M |
| May | 45 | $6.0M |
| June | 50 | $7.0M |
| July | 55 | $8.2M |
| August | 60 | $9.3M |
| September | 65 | $10.4M |
| October | 70 | $11.5M |
| November | 75 | $12.6M |
| December | 80 | $13.7M |
Private Key Compromises: The Second-Largest Threat
Private key compromises were the second-largest threat after phishing scams, resulting in over $855 million worth of stolen crypto across 65 incidents in 2024.
"Phishing tactics will certainly evolve in 2025, especially as AI develops," a CertiK spokesperson added.
Crypto Attacks by Type and Month (Fourth Quarter of 2024)
The report also highlights the growing threat of crypto phishing scams. Despite the increasing threat, the yearly amount of crypto hacks was still down 52% from the $3.5 billion stolen during 2022.
| Type of Attack | Number of Incidents | Losses (USD) |
| — | — | — |
| Phishing | 296 | $1B+ |
| Private Key Compromise | 65 | $855M |
| Address Poisoning | 20 | $200M |
| Other | 15 | $100M |
Industry Participants Taking Measures Against Phishing Attacks
The anti-hack response team, Security Alliance, led by white hat hacker and Paradigm researcher Samczsun, has received over 900 hack-related tickets since it launched in August 2023.
"We’re seeing a lot of phishing attacks being attempted every day," said Samczsun. "Our team is working around the clock to stay ahead of these attackers."
Binance’s security experts have also developed an ‘antidote’ against the growing instances of address poisoning scams.
Crypto Hacks Cost the Industry Over $2.3 Billion in 2024
Beyond phishing incidents, crypto hacks cost the industry over $2.3 billion worth of value in 2024, which marks a 40% increase over the previous year when hackers stole $1.69 billion worth of crypto.
"The crypto market is still relatively new and unregulated," said Cyvers CEO, John Cunniffe. "This makes it an attractive target for hackers."
Subscribe to Our Newsletter
Stay up-to-date with the latest DeFi developments, sharp analysis, and uncover new financial opportunities to help you make smart decisions with confidence.
By subscribing, you agree to our Terms of Services and Privacy Policy.
