Phishing attacks and private key leaks led to $753 million in crypto theft in the Q3 report

According to a report from Certik, phishing attacks and private key exposure led to the theft of over $750 million in the third quarter of the year.

Certik is one of the industry's most trusted blockchain analytics companies and its quarterly report revealed that the industry lost $753,094,610 worth of crypto assets stolen by malicious actors through 155 security incidents.

Phishing attacks and private key leaks were the main causes of this loss. The total value of money lost by malicious actors increased 9.5% in the third quarter, despite fewer security breaches in the quarter.

This means that criminals in the industry are much better at targeting large caches of crypto assets and stealing more assets with fewer attempts.

Certik's Q3 data pushes the total value of crypto assets stolen by malicious actors in 2024 to over $2 billion, with the data showing a loss of $505.5 million across 224 attacks in the first quarter and 687, Showing $5 million in the second quarter.

According to Certik's data, phishing attacks caused the most damage in the third quarter of 2024, causing a whopping $343.1 million in losses across 65 incidents.

Certik commented on the threat of phishing and how it is used to trick victims into disclosing their sensitive information.

“These attacks typically involve malicious actors posing as legitimate entities to trick users into revealing sensitive information such as login credentials.” Certik explained.

Next to phishing, private key compromise was the second leading cause of high crypto asset theft in the third quarter. Private key compromises resulted in $324.4 million in losses across 10 incidents.

Other additional sources of security threats in the third quarter included code vulnerabilities, re-entry events and price manipulation, highlighting the urgent need for improved security protocols in the decentralized finance sector.

Ethereum remains the most targeted blockchain

Certik’s report found that Ethereum remained the most attacked blockchain ecosystem with $387.9 million stolen in 86 incidents. This puts Ethereum ahead of Bitcoin, which was also heavily targeted by hackers over the course of the year.

Criminals and cyber attackers stole $89,838,491.98 through hacks on other chains that are not Bitcoin or Ethereum.

What you should know

Private key compromise was the second largest vector in crypto hacks in the third quarter, underscoring the importance of responsible seed phrase practices to avoid losses. Your private key is the password for your crypto assets and only allows you to access your assets. Careless use of social engineering tricks or exposure to social engineering tricks can lead to significant wealth losses, as this Certik report shows.
Certik is a blockchain analytics company focused on on-chain security and documenting exploits in the industry.