$488.5M in stolen crypto recovered in 2018 PeckShield’s losses reach $3B by 2024

PeckShield's latest analysis shows that crypto-related security breaches are on the verge of a 2024 bull market.

Despite the grim statistics, recovery efforts have recovered hundreds of millions in stolen property.

Crypto losses in 2024

PeckShield's 2024 Crypto Security Annual Report shows that the year saw another surge in crypto-related breaches, with total losses exceeding $3.01 billion. Of this, $2.15 billion was obtained from hacking and $834.5 million was obtained from fraud, representing a 15 percent increase in losses compared to 2023.

Although the number of incidents that have occurred in the past three years has decreased, the financial impact is still high, especially in the financial sector, which is responsible for most of the losses. The report highlighted May as the worst month in 2024, with losses peaking at $662.2 million, followed by January at $440.8 million.

Among the top ones, the DMM Bitcoin breach resulted in a loss of $305 million, followed by the Playdeep exploit with a loss of $290 million. On a positive note, recovery efforts recovered $488.5 million in stolen assets.

Meanwhile, CertiK recently observed that crypto-related losses fell to $28.6 million in December – the lowest monthly figure of the year. Exploitation took in $26.7 million, with the Gamepad taking the biggest single loss at $2.14 million. While this is on the decline, phishing scams remain a significant threat, with the top victim losing $7.87 million.

Phishing is still a concern.

For example, hackers hacked the account of Animoka Brands CEO Yat Siu X by pushing a fake token and stealing $500,000 from crypto users. Meanwhile, a phishing campaign launched by SlowMist used fake zoom links to install malware that collected crypto wallet details, resulting in over $1 million in losses. The stolen funds were allegedly transferred to Russian-speaking groups on exchanges such as Binance and Gate.io to impersonate operations.

Recently, cyber security firm CrowdStrike identified attackers in a phishing campaign by impersonating the company with fake employment emails to infect victims with Monero cryptocurrency miner XMRig.

Phishing emails direct job seekers to download a fake “employee CRM app” from a fake CrowdStrike portal. Once installed, the malware uses minimal system resources to download the XMRig miner and perform download checks in the background to avoid suspicion.