Warnings Issued About Increasing Phishing Attempts by CertiK
In the digital landscape of 2024, the Web3 ecosystem encountered significant hurdles, with over $2.9 billion worth of crypto assets stolen across 760 incidents, according to the Hack3d Report by CertiK. This alarming figure represents a 31.61% increase from the previous year.
Phishing attacks emerged as the most frequent and costly attack vector, accounting for 132 incidents and resulting in the theft of approximately $410 million. Notably, phishing was the most costly attack vector, with over $1 billion stolen through 296 attacks.
The Hack3d Report also highlighted the most damaging attacks in terms of financial loss – wallet compromises. These incidents, occurring in just 34 instances, resulted in losses up to $1.7 billion.
Ethereum was the most targeted blockchain, with 175 incidents totaling $1.63 billion stolen, likely due to its leading role in DeFi and extensive smart contract activity.
One of the most notable incidents was the May attack on Japanese cryptocurrency exchange DMM Bitcoin, which resulted in the theft of 4,502 BTC, worth approximately $320 million at the time. However, specific details about the DMM Bitcoin incident or the organizations affected by the attack were not provided.
In the first half of 2025 alone, crypto investors lost $2.47 billion from various breaches, scams, and exploits, surpassing the total losses recorded in 2024.
The report also emphasised the persistent security risks in the Web3 space, such as phishing, wallet attacks, and smart contract exploits. It underlined the increasing use of AI combined with formal verification to enhance security audits and real-time monitoring of smart contracts.
In addition to phishing, the second most significant threat identified was private key compromise, leading to over $855 million in losses across 65 incidents.
Furthermore, North Korean hackers stole at least $1.34 billion worth of crypto assets in 2024, according to Chainalysis.
It's important to note that the real tally of phishing attacks is believed to be higher due to unreported incidents and other similar scams. In December 2024, DMM Bitcoin announced its liquidation, although specific details about the DMM Bitcoin incident or the organizations affected by the attack were not provided.
The Hack3d Report serves as a stark reminder of the challenges that lie ahead in the Web3 ecosystem and underscores the need for enhanced security measures and vigilance in the digital world. As phishing tactics are expected to evolve in 2025, potentially incorporating artificial intelligence, it's crucial for stakeholders to stay informed and proactive in safeguarding their digital assets.
[1] Source: Hack3d Report 2024 by CertiK [2] Source: The information about the DMM Bitcoin hack and the expected evolution of phishing tactics was reported by CertiK and further discussed with Cointelegraph [3] Source: [Referenced Article 1] [4] Source: [Referenced Article 2]
The escalating issue of phishing attacks in the Web3 ecosystem resulted in the theft of approximately $1.42 billion in 2024, making it a significant threat, as reported by the Hack3d Report by CertiK. In addition, the report highlighted the growing concern of private key compromises, leading to over $855 million in losses. As phishing tactics are expected to evolve in 2025, potentially incorporating artificial intelligence, it's crucial for stakeholders to prioritize enhanced cybersecurity measures and stay vigilant in safeguarding their digital assets, such as Bitcoin and those in the DeFi sector.
