The world of cryptocurrency security took a major hit in 2024, as hackers ransacked the Web3 ecosystem, stealing a staggering $2.3 billion worth of digital assets. This marks a sharp 40% increase in crypto-related heists compared to the previous year, highlighting ongoing vulnerabilities in the system despite efforts to secure the space. As Bitcoin hit new all-time highs—surpassing $100,000 for the first time in December—the crypto world became an even juicier target for cybercriminals.
A 40% Yearly Surge: Hackers Go Big
The numbers tell a concerning story. Over 165 hacking incidents were reported in 2024, with a combined total of $2.3 billion in stolen crypto. This is a 40% increase from 2023, which saw $1.69 billion worth of digital assets swiped. According to on-chain security firm Cyvers, this increase was largely driven by one major factor: growing access control vulnerabilities, especially at centralized exchanges (CEXs) and cryptocurrency custodians.
Deddy Lavid, co-founder and CEO of Cyvers, explained that these hacks were often facilitated by compromised private keys and poor key management systems. High-profile attacks, like those targeting multi-signature wallets, have highlighted the severe risks that the crypto ecosystem faces when it comes to safeguarding digital assets.
While the 2024 total is worrying, it’s still 37% below the all-time record of $3.78 billion stolen in 2022. Still, the rising trend suggests that the industry needs to seriously reconsider its security practices to avoid even more damaging attacks in the future.
Access Control Breaches: The Biggest Culprit
Out of the $2.3 billion in stolen funds, a whopping $1.9 billion—over 81% of the total—was due to access control breaches. These types of vulnerabilities are primarily associated with poor private key management, and they accounted for 67 of the 165 hacking incidents.
Smart contract exploits, which have become an increasingly common attack vector, were responsible for the second-largest share of the loot. These exploits led to $456 million in losses across 98 separate incidents, making up 19% of the total stolen in 2024.
While the losses are significant, experts argue that this doesn’t need to be the status quo. Cyvers’ Lavid is pushing for the industry to adopt more robust security practices, including better private key management with offline storage and real-time threat monitoring systems. He believes that by focusing on education, collaboration, and innovative security solutions, the crypto world can drastically reduce the frequency and severity of these attacks.
North Korea’s Growing Cyber Threat: Bitcoin ETFs in the Crosshairs
Looking ahead, the industry has even more to worry about. Cyvers warns that North Korean hackers could soon turn their attention to high-value targets like Bitcoin exchange-traded funds (ETFs). Michael Pearl, vice president of GTM strategy at Cyvers, shared an exclusive insight into the growing threat from North Korean cybercriminals.
“The FBI has issued a warning that North Korean hackers are planning to infiltrate and steal from Bitcoin ETFs,” Pearl said. “These ETFs store large amounts of Bitcoin, and you can be sure that hackers are already strategizing ways to get their hands on it.”
Bitcoin ETFs—investment funds that track the price of Bitcoin—have gained traction in recent years, with some of the largest financial institutions and asset managers offering them to institutional and retail investors alike. However, this makes them increasingly attractive to hackers, particularly those with state-sponsored backing, such as North Korea. The rise in cryptocurrency valuations, combined with the growth of Bitcoin-based financial products, has given cybercriminals even greater incentives to target these highly valuable assets.
The Road Ahead: A Call for Stronger Crypto Security
The steady rise in crypto hacks and the growing threat of state-sponsored cybercrime make it clear that the Web3 ecosystem is far from secure. As the industry matures, so too do the techniques and motivations behind these attacks. While Bitcoin’s price surge is great for investors, it also makes the crypto ecosystem a more attractive target for bad actors looking to make a quick profit.
To avoid another catastrophic year in 2025, the crypto industry will need to focus on improving security standards across the board. This means not just beefing up security protocols at centralized exchanges and custodians, but also prioritizing education around secure private key management and adopting new, real-time threat detection systems.
The rise in security breaches is a wake-up call for the crypto community. As it strives for mainstream adoption, the industry must prove that it can protect digital assets just as securely as traditional financial systems. If the industry can’t address these vulnerabilities, the promise of a decentralized financial revolution could be at risk, as public trust is key to widespread adoption.
In the meantime, the warning signs are clear: as long as high-value targets like Bitcoin ETFs exist, the crypto world will remain a top target for hackers, especially those with advanced capabilities and geopolitical motivations. It’s time for the industry to take these threats seriously and fortify its defenses—before the next wave of attacks wipes out even more billions.
