Phishing scams emerged as the most costly security threat to the cryptocurrency industry in 2024, with attackers stealing over $1 billion worth of digital assets across 296 incidents, according to blockchain security firm CertiK’s latest Web3 security report.
Phishing: The Biggest Threat to Crypto Security
Phishing attacks typically involve hackers using fraudulent links to trick victims into divulging sensitive information, such as private keys to their crypto wallets. These scams accounted for the largest share of crypto-related thefts last year.
“Phishing was the most costly attack vector last year,” a CertiK spokesperson stated, adding that the actual figure may be higher when factoring in unreported cases and lesser-known scams like “pig butchering,” a tactic where scammers build trust before stealing funds.
Three of the 296 phishing incidents reported in 2024 resulted in losses exceeding $100 million. For example, in May, a single address-poisoning scam led to a trader losing $68 million worth of cryptocurrency. Address poisoning involves tricking users into sending funds to fraudulent addresses that closely resemble their intended recipients. Fortunately, in this case, the attacker returned the funds after 10 days, likely due to increased scrutiny from blockchain security experts.
Other Major Threats: Private Key Compromises
Beyond phishing, private key compromises ranked as the second-largest security threat in 2024, resulting in $855 million worth of stolen crypto across 65 incidents.
A CertiK representative warned that phishing tactics are expected to become even more sophisticated in 2025, especially with advancements in artificial intelligence.
The Broader Picture: Crypto Hacks in 2024
Despite the rise in phishing scams, the overall amount stolen in crypto hacks decreased by 52% compared to 2022, when $3.5 billion was stolen. However, crypto hacks still cost the industry $2.3 billion in 2024, marking a 40% increase from the $1.69 billion stolen in 2023, as reported by onchain security firm Cyvers.
Efforts to Combat Phishing and Hacks
Industry leaders and security teams are stepping up to counter phishing scams and other cyber threats:
- Security Alliance: An anti-hack initiative led by Paradigm researcher Samczsun has received over 900 hack-related tickets since its launch in August 2023.
- Binance: The world’s largest cryptocurrency exchange developed an “antidote” to combat the growing prevalence of address-poisoning scams.
- White Hat Efforts: Blockchain security firms and ethical hackers are playing a crucial role in identifying and mitigating phishing and hacking threats.
As phishing scams continue to evolve, the crypto industry faces a growing need for robust security solutions and regulatory safeguards. Experts predict that artificial intelligence will both enhance security tools and provide hackers with more advanced techniques, underscoring the importance of vigilance in the crypto space.
