Cryptocurrency hackers and exploiters might be poised for a more successful year in 2024, potentially surpassing their achievements in 2023.
In the first quarter of 2024, hackers stole digital assets valued at $542.7 million, a 42% increase compared to the same period in 2023.
The primary reason for this is hackers continually shifting their attack vectors and looking for easier targets, according to Mriganka Pattnaik, co-founder and CEO of crypto risk and intelligence platform Merkle Science.
Pattnaik told Cointelegraph:
“While smart contract vulnerabilities remain a concern, hackers increasingly target areas outside smart contracts, like private key leaks. These leaks, often due to phishing attacks or insecure storage practices, have led to significant losses.”
Phishing attacks involve hackers aiming to steal sensitive information like crypto wallet private keys. Other types of phishing attacks, known as address poisoning scams, aim to trick investors into willingly sending funds to a fraudulent address that looks similar to addresses they previously interacted with.
In May, a trader lost $71 million worth of crypto in the year's most high-profile phishing attack. The attacker tricked the trader into sending 99% of their funds to the attacker's address.
But in a curious turn of events, the unknown thief returned the $71 million to the victim over a week later when the incident attracted the attention of blockchain investigation firms and .he attacker's location was eventually established.
Related: Memecoin trader loses over $1M following Normie exploit
Smart contracts are becoming more secure, but hackers are looking for easier targets
Smart contract vulnerabilities used to be among the most targeted infrastructures by hackers.
However, according to Merkle Science's 2024 HackHub report, hacked funds lost to smart contract vulnerabilities fell 92% to $179 million in 2023, down from a staggering $2.6 billion in 2022.
Private key leaks are currently the biggest concern, according to Pattnaik:
“While smart contract vulnerabilities remain a security concern, a significant portion of financial losses are now attributable to attack vectors outside the realm of smart contracts. The biggest security concern right now is the rapid increase in losses due to private key leaks.”
Over 55% of the hacked digital assets were lost to private key leaks during 2023.
The reason behind the decrease in smart contract exploits is more advanced security tools combined with hackers vying for easier targets, said Pattnaik:
“New security tools are helping to identify and fix weaknesses in smart contracts before they can be exploited. Finally, hackers may be looking for easier targets that require less technical knowledge to exploit, such as stealing private keys.”
Related: Tether CEO warns of new wave crypto airdrop scam emails, CoinGecko potentially affected
Growing crypto valuations are attracting more hackers.
Cryptocurrency prices have appreciated significantly since the beginning of the year. According to CoinMarketCap data, the total market capitalization of all cryptocurrencies rose by 54% year-to-date (YTD).
Besides growing the potential bounty for exploiters, growing cryptocurrency prices are also attracting more hackers to the crypto space, according to Pattnaik:
“The surge in crypto asset values creates a tempting target for hackers, as successful exploits can net them significantly more stolen funds than the previous year.”
Over $574 million worth of digital assets were lost across 30 individual crypto hacks during May 2024, representing a 666% month-over-month increase, according to a June 1 X post by PeckShield.
Magazine: Caitlyn Jenner meme coin ‘mastermind’s’ celebrity price list leaked