tl;dr
In 2024, cybersecurity firm Hacken reported that $1.7 billion worth of crypto assets were lost through the theft of private keys, which it identified as the most significant threat to crypto investors. The firm highlighted that access control exploits related to private key compromises accounted for...
html
Insights from 2024 Crypto Asset Hack Losses In 2024, cybersecurity firm Hacken reported that $1.7 billion worth of crypto assets were lost through the theft of private keys, which it identified as the most significant threat to crypto investors. The firm highlighted that access control exploits related to private key compromises accounted for nearly all crypto hack losses, a sharp increase from the previous year.
Hacken also outlined four reasons behind private key theft: insecure management platforms, social engineering campaigns, insecure data backups, and vulnerabilities in single-signature schemes of crypto wallets. The largest exploit of 2024 was the hack of Indian crypto exchange WazirX, where over $230 million worth of digital assets were stolen due to unauthorized fund movements from their wallets, despite employing a robust security system.
New data from cybersecurity firm Hacken reveals that $1.7 billion worth of crypto assets were lost through the theft of private keys in 2024. In its 2024 Web3 Security Report, Hacken says that the theft of private crypto keys remains the most significant threat to crypto investors. According to Hacken, the number of smart contract exploits pale in comparison to how often private crypto keys are stolen.
Private keys are strings of letters, words, and numbers generated by crypto wallets used to authorize transactions and prove ownership. They help encrypt data and assets to protect them from being stolen. The cybersecurity firm goes on to note four reasons why people tend to get their private keys stolen – using an insecure management platform, being tricked by social engineering campaigns, insecure backups of data, and vulnerabilities within single-signature schemes of crypto wallets.
According to Hacken, the largest exploit of 2024 was the hack of centralized Indian crypto exchange WazirX, which saw over $230 million worth of digital assets stolen. “Despite employing a robust multiparty security system, the exchange suffered a breach due to unauthorized fund movements from their wallets. WazirX utilized a Gnosis Safe multisig wallet requiring 4 out of 6 signatures for transactions. Five of the keys were managed by WazirX, while the sixth was held by Liminal, a digital asset custody provider. The attacker managed to manipulate the system, obtaining signatures from three WazirX signers and one from Liminal, allowing them to upgrade the wallet to a malicious contract and siphon off the funds.”