Web3 Community Loses Over $500 Million to Exploits in Q1 2024

CertiK estimates that the financial damage inflicted by Web3 security incidents in the first quarter of 2024 surged by 54% compared to the losses experienced by the community in Q1 2023

March has been the month that witnessed the most damaging security breaches in 2024 so far

CertiK has shared its Web3 security quarterly report, Hack3D, which summarizes incidents that affected the crypto community during Q1 2024. According to the cybersecurity firm, in the first quarter of 2024, a staggering total of $502,522,934 was reported lost across 223 on-chain security incidents.

This figure marks a significant 54% surge in financial damage compared to the same period in 2023, which recorded losses amounting to $326 million. Although this is a rather unnerving trend, comparing the Q1 2024 figures with the previous quarter reveals a slight downturn: a 3.8% reduction from the $522 million in losses incurred in Q4 of 2023.

Furthermore, CertiK emphasizes that a significant part of the lost funds was recovered.

"$77,970,073 of value was ultimately returned, with the majority of this figure coming from the Munchables incident," the team stresses, referring to one of the incidents in the series of three major exploits affecting the Blast mainnet launched on February 29.


"Blast, an Ethereum Layer 2 network, found itself at the center of a nearly catastrophic breach that prompted calls from many to roll back the entire chain before all the funds at risk were returned to Munchables, the affected platform," CertiK states in its report. The Web3 security team also notes that "there were three major attacks in March, with the second, most significant attempt targeting the Munchables project, threatening a total of $97 million in digital assets."

The Web3 game Munchables, which initially lost 17,413.96 ETH, worth approximately $63 million, due to the manipulation of one of its contracts, managed to recover its funds.

CertiK assumes that "The collective efforts of the crypto community and perhaps the looming threat of exposure pressured the attackers into returning the stolen assets," adding that "The Munchables team confirmed the return of all assets, which were then transferred to a multi-signature contract."

CertiK Q1 2024 Report Affected Chains
Source: CertiK

The month that witnessed the greatest damage

According to CertiK’s data, March was the month when the greatest number of exploits took place this year so far, totaling 86 incidents. However, the actual financial damage experienced by the Web3 community during that period, amounting to $149,005,111, was considerably smaller than the losses caused by January incidents, which surpassed $193 million.

Meanwhile, despite a significantly lower number of incidents in February, which totaled only 59 exploits, the financial damage inflicted on the community that month was still greater than the damage experienced in March, amounting to $160,385,286.

The most affected chain

"Ethereum experienced the highest number of security incidents, with a total of 131 hacks, scams, and exploits leading to $139 million in losses," CertiK reports. The total damage experienced by this chain was also the largest last month.

Ethereum was followed by BNB, which experienced 36 exploits in March. However, the total losses on this chain, amounting to $26.4 million, were much lower than on networks like Ripple, which suffered financial damage of $112.5 million, and Blast, which suffered losses of $68.1 million.

The significant losses experienced by Ripple stemmed from a single security incident affecting Chris Larsen, the co-founder of Ripple. Larsen reported on January 30 that one of his personal XRP wallets, possibly alongside several others, had been compromised, leading to the illicit transfer of approximately 213 million XRP tokens.

Similarly, the large financial losses experienced by Blast also stemmed from a relatively small number of incidents. As mentioned earlier, merely three exploits accounted for $68.1 million in damage, although a significant amount of these funds was successfully recovered.

Arbitrum, which encountered thirteen exploits in March, and Solana, which endured seven attacks, were also among the most affected chains last month.

Incident statistics

"Private key compromises were once again the most costly attack vector, with $239,037,879 lost in just 26 incidents," CertiK states in its report, emphasizing that these figures align with the current trend, representing "nearly half of all financial losses, even though key compromises accounted for just 11.7% of all security incidents."

The significant losses experienced by the Ripple co-founder, discussed earlier, were the largest private key compromise experienced by the community in March. "Other significant breaches included the PlayDapp and FixedFloat incidents in mid-February, which led to losses of approximately $32 million and $26 million, respectively," CertiK adds.

The second most damaging type of exploit in terms of financial losses was access control security breaches. Although CertiK counted only fifteen incidents of this type in March, the monetary loss they inflicted reached almost $80 million. Access control incidents are followed by exit scams, which led to total damage surpassing $68 million in March.

CertiK Q1 2024 Report Attack Types
Source: CertiK

One of the exit scam incidents that happened in March turned out to be the third largest exploit that month according to CertiK’s data. This alleged exit scam affected the users of a cryptocurrency trading platform, BitForex, which abruptly went offline on February 2, leaving numerous users unable to access or withdraw their funds. At the same time, a staggering $56.5 million worth of assets was siphoned out of BitForex wallets across the Ethereum, Bitcoin, and Tron networks. These dubious activities were preceded by the resignation of Xinyao (Jason) Luo, the CEO and founder of BitForex.

Phishing attacks were particularly prevalent in March, with at least 83 incidents causing a total loss of $64 million. However, the team behind Scam Sniffer, a specialized anti-scam solution, provided somewhat different statistics in its March Phishing Report.


"Crypto phishing scams hit $71M in March, marking a 50% increase in stolen funds from February," Scam Sniffer reported, claiming that "The first quarter of 2024 has seen a total of $173M lost to phishing scams."

The report by Scam Sniffer also highlighted a significant increase in phishing activities targeting popular networks like BNB and Base. Particularly, the Base chain witnessed a threefold increase in stolen funds, resulting in financial losses of approximately $3.36 million. Meanwhile, BNB suffered losses nearing $7 million due to phishing scams.

Among the primary tactics deployed by phishing scammers last month, Scam Sniffer listed deceptive comments and posts published by fake accounts. "Every day brings popular projects for them to mimic," Scam Sniffer explained, stressing that the anti-scam solution detected up to 1,517 fake accounts within just two weeks.

Although exploits of code vulnerabilities were widespread in March, accounting for 47 security breaches, they caused comparatively lower damage than other types of exploits, resulting in a loss of $42.6 million. Meanwhile, CertiK reports thirty cases of flash loan attacks causing a loss of $37.7 million.