This year, cryptocurrency hacks have increased in terms of total value stolen and number of attacks compared to last year. According to a recent report, the industry lost more than $2 billion in the last 12 months, more than half of which was allegedly stolen by North Korean hackers.
The crypto industry loses $2.2 billion to hacks
As the cryptocurrency industry has grown, so have the number of hacks and overall loss of value. 2024 marks the fourth consecutive year that funds stolen from cryptocurrency hacks have crossed the billion-dollar mark, and the fifth year overall that it has surpassed that number.
The latest chain analysis report revealed that hacker attacks remained stable in 2024, increasing by 21.07% year-on-year (y/y). Total value stolen rose to $2.2 billion, $400 million more than in 2023, the third-biggest year by that measure.
Moreover, 2024 became the year of the highest number of individual burglaries, reaching 303 incidents in December. This figure represents a 7% enhance from the 282 attacks that occurred in 2023, but Chainalytic highlights a noticeable change mid-year.
According to the report, the intensity of cryptocurrency hacks decreased after July, when the cumulative value stolen since January had already reached $1.58 billion. This figure was approximately 84.4% higher than the value stolen during the same period in 2023.
Number of crypto hacks enhance in 2024. Source: Chainalysis
Based on this, Chainalytic analysts felt that “the ecosystem was easily on track for a year that could compete with over $3 billion in 2021 and 2022.” Nevertheless, the upward trend slowed significantly in 2024 at the end of July, remaining relatively stable for the rest of the year.
Centralized exchanges (CEX) were the most frequently attacked platforms in the second and third quarters, recording some of the largest incidents in the history of the industry. The Bitcoin and WazirX DMM hacks claimed approximately $540 million between May and July, with the former being the third-largest cryptocurrency heist in history.
Decentralized finance (DeFi) platforms accounted for the largest share of stolen assets in the first quarter, as in most quarters in 2021-2023. Meanwhile, private key breaches were the largest type of compromise, accounting for 43.8% of incidents.
The report also noted that private key hackers turned to bridges and mixing services to launder ill-gotten funds, while hackers using other attack vectors preferred decentralized exchanges (DEX).
North Korean hackers take 60% of the stolen funds
According to Chainalytic, hackers from the Democratic People’s Republic of Korea (DPRK) stole more from cryptocurrency platforms in 2024 than in other years. This year, the total value stolen increased by 102.88% compared to 2023, from $660.5 million to $1.34 billion.
The number of incidents increased from 20 to 47 in 2024. These numbers represent 20% of all incidents and 61% of the total value stolen this year. Additionally, crypto attacks linked to North Korean hackers are becoming more repeated and profitable.
Attacks worth $50 million to $100 million and above that price range have been more common this year, “suggesting that the DPRK is getting better at mass exploits,” the report adds.
It is worth noting that over the past two years, North Korean exploiters have obtained less than $50 million in ill-gotten funds per incident:
When analyzing DPRK activity in comparison to all other hacks we measured, it is clear that DPRK has been consistently responsible for the majority of large-scale exploits over the past three years. Interestingly, in 2024, DPRK dominance at the top rung of the exploitation ladder has continued, but there is also an increasing density of DPRK hackers for smaller amounts, particularly those around $10,000.
Chainalytic highlights that North Korean IT workers have increasingly infiltrated cryptocurrency and Web3 companies, compromising networks, operations and integrity. However, it notes that most of the DPKR-related exploits occurred earlier in the year, and overall hacking activity remained steady in the third and fourth quarters.
Ultimately, the report suggested prioritizing “thorough employment due diligence (…) while maintaining robust private key hygiene to protect key assets, where applicable.”
Bitcoin's performance in the one-week chart. Source: BTCUSDT on TradingView
Featured image from Unsplash.com, chart from TradingView.com
