CertiK and PeckShield data revealed that December 2024 saw the lowest crypto losses of the year, with scams, exploits, and hacks significantly decreasing towards the end of the year.
CertiK posted on Dec. 31 that losses in December amounted to $28.6 million, compared to $63.8 million in November and $115.8 million in October. Of these losses, $26.7 million were ascribed to exploit. Two major incidents occurred: a $2.1 million exploit of DeFi platform GemPad, which was caused by a weakness in its smart contracts, and a $1 million loss from an exploit in FEG’s token bridge, which was caused by a hole in crosschain message verification.
PeckShield corroborated the trend in a Jan. 1 post, noting $24.7 million in hack losses for December—a 71% drop compared to November. Among the over 25 recorded hacks, the largest was a $12.3 million loss by LastPass users on Dec. 16–17, tied to a 2022 data breach that compromised customer vaults. Another major attack involved Yei Finance, where $2.2 million was stolen on Dec. 2.
Cyvers’ 2024 Web3 Security Report, shared on Dec. 24, estimated $2.3 billion in crypto stolen across 165 incidents in 2024—a 40% increase from 2023’s $1.69 billion but still below 2022’s $3.78 billion.
Cyvers’ CEO, Deddy Lavid, attributed the increase in 2024 to increasingly frequent access control breaches, particularly in centralized exchanges and crypto custodians.
