Malicious actors stole more than $750 million in various crypto-related hacks and scams during the third quarter, bringing total losses for the year to more than $1.9 billion, according to the quarterly report on Hack3d security from CertiK.
Losses were incurred in 155 separate incidents, showing a 9.5% increase in stolen funds compared to the previous quarter. However, there were 27 fewer incidents than in the second quarter.
According to the report, three major events accounted for most of the stolen funds during the quarter. Two of the largest incidents were a $238 million phishing attack targeting a Bitcoin whale and a $231 million hack of India-based centralized exchange WazirX. The third largest incident involved an individual investor who fell victim to a phishing scam that resulted in a loss of $55.4 million.
Meanwhile, approximately $30.9 million was recovered in nine incidents, bringing adjusted net losses to approximately $722 million for the quarter.
Phishing remains a concern
Phishing attacks and private key compromises were the most common attack methods used by malicious actors during the third quarter.
Phishing alone caused losses exceeding $343 million in 65 cases. Typically, these scams involve attackers posing as trusted entities to trick victims into sharing sensitive information such as passwords.
Private key compromise comes in second, with more than $324 million lost in 10 cases. In these scenarios, attackers take control of private keys, allowing them to transfer funds without the need for additional authentication.
Other notable vulnerabilities included code flaws, re-entry bugs, price manipulation, and fundraising scams, among others.
Ethereum suffered the most losses
Of all blockchain networks, Ethereum has experienced the most security breaches, with 86 hacks and scams resulting in losses of over $387 million. The Bitcoin network followed, with $238 million stolen in a single phishing incident.
CertiK explained that the two major blockchain networks were the most targeted due to their “high transaction volume, large user base and TVL.”
At the same time, multi-chain platforms also suffered significant losses of around $90 million, while other blockchain networks like Binance Smart Chain (BSC), Cosmos, Scroll, Solana, Base, Blast and Optimism are responsible for the remaining incidents.
