The most recent CertiK Web3 Security Report unveils a staggering loss of $1.19 billion due to onchain security incidents in the first half of 2024. This alarming figure emphasizes the urgent need for enhanced security measures.
The report attributes the majority of these losses to phishing attacks and private key compromises, with phishing attacks alone accounting for nearly $498 million.
Ronghu Gu, co-founder of CertiK, stressed the importance of multifactor authentication, such as two-factor authentication (2FA) and “security keys,” in a Q&A session with Cointelegraph.
Among the security breaches that occurred in 2024, the DMM Bitcoin attack was the most significant in the second quarter. The breach resulted in a loss of $304 million, placing it among the infamous hacks in history. The Japanese crypto exchange experienced a breach that led to the theft of 4,502.9 Bitcoin (BTC). Consequently, the platform implemented enhanced security measures to prevent future thefts.
Another incident involved BtcTurk, a Turkish crypto exchange, where a cyberattack targeted hot wallets, resulting in a loss of $90 million.
Gu informed Cointelegraph that these recent breaches demonstrate that attackers are still actively targeting large crypto custodians to test their defenses.
Amid the losses incurred in the first half of 2024, the United States introduced and passed the regulatory framework bill FIT21. This bill aims to enhance consumer protections and promote innovation in the crypto sector through a comprehensive regulatory framework for digital assets. It received bipartisan support and is expected to create a safer and better-regulated environment for digital asset exposure in the US.
Gu added that the FIT21 bill is likely to attract more institutional investors and drive greater compliance efforts and requirements across the industry.
Despite the concerning state of Web3 security highlighted in CertiK’s report, Gu explains that the trend is not pointing downward. In June, losses from crypto hacks decreased by 54.2% to $176.2 million, a significant decline compared to May’s losses of nearly $385 million.
Gu suggests that while these losses may currently be a part of the industry, there are simple measures that all users can take to protect themselves, such as implementing 2FA.
In other news, a phishing scam has targeted Hedera users, and an address poisoner has managed to obtain $70,000.