Back to all stories
Highlighted Stories
Reports
Security
Hack3d: The Web3 Security Report 2024
1/2/2025
Hack3d: The Web3 Security Report 2024

Welcome to Hack3d: The Web3 Security Report for 2024. CertiK’s Hack3d reports offer deep dives into the exploits, vulnerabilities, and trends that define blockchain and smart contract security. They’re an invaluable resource for anyone seeking to understand the current landscape of Web3 security. Each report contains detailed incident analyses, technical insights, and the most comprehensive statistics on hacks, scams, and exploits in the entire Web3 industry.

Read the full report for free.

2024 saw the cryptocurrency industry gaining further acceptance in traditional finance, marked by significant milestones that reshaped the market landscape. The approval of spot Bitcoin and Ethereum exchange-traded funds (ETFs) by the U.S. Securities and Exchange Commission (SEC) was among the most notable developments. After years of anticipation, the SEC greenlit 11 spot Bitcoin ETFs, including those from prominent firms like BlackRock and Fidelity. By July, Ethereum ETFs followed suit, offering institutional investors new opportunities to diversify their portfolios and signaling mainstream validation for these digital assets.

The steady recovery from the prolonged “crypto winter” continued throughout the year, as renewed institutional confidence brought a wave of investment back into the market. This steady influx laid the groundwork for Bitcoin’s historic milestone of surpassing $100,000 in value, which occurred in the aftermath of the 2024 U.S. presidential election, and caused other popular cryptocurrencies to rise in tandem, such as Ethereum and Solana.

It is clear that the re-election of Donald Trump marked a turning point for the cryptocurrency industry in the U.S., which will likely influence other crypto markets around the world. Trump’s administration quickly signaled a pro-crypto stance by appointing Paul Atkins, a prominent blockchain advocate, to lead the SEC. Elon Musk’s appointment as head of the “Department of Government Efficiency” (DOGE) added momentum to the administration’s pro-crypto agenda and drove a surge in Dogecoin’s value.

While regulatory developments across the global shape the crypto industry in different ways, one constant remains: the critical importance of security. As markets evolve and integrate into traditional financial systems, the risks associated with non-compliance, fraud, and theft continue to grow.

Here are some of the key statistics covered in 2024’s report:

  • A total of $2,362,748,975.83 was lost across 760 on-chain security incidents in 2024.
  • These figures represent an approximate 31.61% increase in value stolen compared to 2023. The number of security incidents year-over-year increased by 29.
  • The average amount lost per hack in 2024 was $3,108,880 and the median amount stolen was $150,925.
  • May was the most costly month of the year, with $444,386,754 lost across 63 incidents.
  • Similar to Q3 of 2023, Q3 of 2024 saw the most losses, with $753,301,497 stolen in 157 hacks, scams, and exploits. The subsequent quarter saw a 46.65% decline in the amount stolen.
  • Phishing was the most costly attack vector in 2024, with $1,050,129,498 lost across 296 incidents, and three phishing incidents of more than $100,000,000 lost. This represents nearly half of all value stolen in the year and 39.1% of the number of incidents suggesting that, on average, phishing attacks typically lead to larger amounts stolen per incident than other vulnerabilities.
  • Private key compromises followed, with $855,385,570 stolen across 65 incidents. All four quarters of 2024 saw high levels of activity involving phishing attacks and private key theft.
  • Ethereum experienced the highest number of security incidents, with a total of 403 hacks, scams, and exploits leading to $748,688,677 in losses. This resulted in an average of $1,857,788 stolen per incident.
  • Hackers also heavily targeted Bitcoin and Tron, with $542,700,000.00 and $133,003,944.04 stolen, respectively.
  • Security breaches affecting multiple chains accounted for $435,045,134.22 in losses across 39 incidents.

Our report also looks at the most commonly used attack vectors, the most exploited chains, how amounts stolen fare against factors like total value locked (TVL), the top incidents of 2024, notable industry developments, and best security practices for crypto participants.

Hack3d 2024 is an indispensable resource for all stakeholders in Web3, from developers and investors to policymakers and enthusiasts. It offers a mix of technical depth, market analysis and insights, and forward-thinking projections, making it a crucial guide for understanding and navigating this dynamic industry.

Join us as we look back on the pivotal developments of 2024, learning the lessons that need to be learned, acknowledging the progress we’ve undoubtedly made, and looking forward to a secure future for the Web3 world.

Read the report for free here.