⚡ Crypto Scams and Hacks Hit Record Lows: CertiK Report
posted 2 Jan 2025
December 2024 showcased significant strides in the cryptocurrency industry's fight against fraud and cybercrime. According to blockchain security firm CertiK, losses from scams, hacks, and exploits fell to their lowest level of the year, amounting to $28.6 million.
Combining all the incidents in December we’ve confirmed ~$28.6m lost to exploits, hacks and scams. December’s losses are the lowest monthly losses we recorded in 2024,CertiK reported.
Breakdown of losses by incident type:
- Exploits: ~$26.7 million
- Flash Loan Attacks: ~$1.7 million
- Exit Scams: ~$0.2 million
The most significant incident in December occurred on the decentralized finance (DeFi) platform GemPad, where attackers exploited a vulnerability in the project’s smart contracts, stealing $2.1 million.
The second-largest breach took place within the FEG DeFi project, where a hacker took advantage of a flaw in the bridge system to siphon $1 million in FEG tokens. CertiK’s analysis revealed that the vulnerability stemmed from an error in the cross-chain message validation process.
Key Attack Vectors in the Crypto Sector
CertiK's report highlights the main attack vectors observed in December:
A Positive End to the Year
CertiK's analysis for 2024 demonstrates encouraging progress in the crypto industry's efforts to enhance protocol security, as reflected by December's historically low monthly losses. However, the total yearly damage remains significant, with DeFi vulnerabilities continuing to be a primary target for malicious actors.
While the industry has made strides in improving security measures, CertiK emphasizes the importance of further strengthening safeguards to reduce the risk of future incidents.
The second-largest breach took place within the FEG DeFi project, where a hacker took advantage of a flaw in the bridge system to siphon $1 million in FEG tokens. CertiK’s analysis revealed that the vulnerability stemmed from an error in the cross-chain message validation process.
Key Attack Vectors in the Crypto Sector
CertiK's report highlights the main attack vectors observed in December:
- Flash Loan Attacks: Significant losses were recorded by CloberDex ($501,278) and Clipper DEX ($450,811).
- Phishing Scams: Phishing attacks caused major financial damage, with one of the largest victims losing $7.87 million.
- Exploits: In addition to incidents at GemPad and FEG, major losses were reported by Vestra DAO and Spectral.
A Positive End to the Year
CertiK's analysis for 2024 demonstrates encouraging progress in the crypto industry's efforts to enhance protocol security, as reflected by December's historically low monthly losses. However, the total yearly damage remains significant, with DeFi vulnerabilities continuing to be a primary target for malicious actors.
While the industry has made strides in improving security measures, CertiK emphasizes the importance of further strengthening safeguards to reduce the risk of future incidents.
