In its latest Web3 Security Report, the cyber security firm CertiK revealed a sharp increase in the total value of stolen funds in Q3, reaching $753 million across 155 incidents. Despite a decrease in the number of hacks compared to the previous quarter, attacks have grown more severe, with phishing and private key compromises being the most prevalent attack vectors. Phishing alone caused $343 million in damages across 65 incidents. One standout case involved a Bitcoin whale who suffered a $238 million loss in a phishing attack, making it the single most significant attack in Q3.
Private key compromises also caused significant losses, with approximately $317 million stolen across just 10 incidents. The most notable attack in this category targeted WazirX, India’s leading crypto exchange, resulting in the theft of $231 million across more than 200 cryptocurrencies. Despite the decrease in the number of incidents, only 4.1% of stolen funds were recovered in Q3, a sharp decline from the previous quarter. The average loss per hack reached $5.93 million, indicating the severity of the attacks.
The report highlighted the Ethereum network as a consistent prime target for hackers, with $387.8 million stolen across 86 incidents, far surpassing any other blockchain. The report also noted potential risks associated with cross-chain functionality, with $89.8 million stolen across several networks. Code vulnerabilities that facilitate Ethereum hacks resulted in $39.6 million in losses, while Reentrancy attacks, allowing hackers to repeatedly withdraw funds, accounted for $30.3 million in losses.
Despite these significant losses, CertiK remained optimistic about the Ethereum network, referencing the approval of spot Ethereum ETFs as a reflection of growing institutional interest in secure digital assets. BlackRock’s ETHA fund recently exceeded $1 billion in total net asset value just two months after its launch, signaling a potential shift in the institutional landscape towards digital assets. On-chain activity on Ethereum has shown signs of a steady recovery from the crypto bear market, with an uptick in Total Value Locked and new wallet addresses over 2024.
The report also noted a consistent growth in on-chain solutions for trading, lending, and governance, as traders seek alternatives to centralized platforms. CertiK credited this growth to the overall ecosystem expansion, which comes with increased risk of exploits. Despite the challenges posed by the rising number and severity of attacks, the report suggests that the growing interest from institutional investors and the steady recovery of the Ethereum network indicate a positive trajectory for the digital asset industry.
