强调

Hack3d: The Web3 Security Quarterly Report - Q1 2024

研究与成果 安全报告
Hack3d: The Web3 Security Quarterly Report - Q1 2024
  • A total of $502,522,934 was lost across 223 onchain security incidents in Q1 2024.
  • This represents a 54% increase in value lost compared to Q1 of 2023’s total of $326 million, though a minor 3.8% decrease from Q4’s losses of $522 million.
  • January was the most costly month of the quarter, with $193,132,537 lost in 78 onchain security incidents.
  • Private key compromises were once again the most costly attack vector, with $239,037,879 lost in just 26 incidents. This again represents nearly half of all financial losses, though key compromises accounted for just 11.7% of all security incidents.
  • Ethereum experienced the highest number of security incidents, with a total of 131 hacks, scams, and exploits leading to $139 million in losses.
  • $77,970,073 of value was ultimately returned, with the majority of this figure coming from the Munchables incident.
  • Hack3d investigates the ongoing prevalence of private key compromises, as well as Solidity rounding error exploits, the unprecedented inflows to the recently-approved Bitcoin ETFs, major financial institutions’ forays into onchain finance, and the effects of Ethereum’s successful Dencun upgrade on scaling L2s.

Hack3d Report 2024 Q1 - Incident Types and Financial Impact

Hack3d Report 2024 Q1 - Blockchain Incidents by Chain

Hack3d Report 2024 Q1 - Monthly Financial Impact of Security Breaches

Read the full report for free.

相关博客

CertiK Hack3D: H1 2026 Report

CertiK Hack3D: H1 2026 Report

Web3 security losses exceeded $1.31 billion in H1 2026 across 344 incidents, with wallet compromise emerging as the most financially destructive attack vector and phishing shifting toward fewer, higher-value social engineering attacks.

Security Considerations for Passkey-Based Web3 Wallets

Security Considerations for Passkey-Based Web3 Wallets

This article analyzes that security model across the full asset-control lifecycle. It traces a single transaction through Clave's open-source implementation, surveys past vulnerabilities in WebAuthn, FIDO2, and CTAP, maps them onto the lifecycle of a typical Passkey Wallet, and ends with implementation checks for teams building one.

Quantum Computing Threats to the Blockchain Industry

Quantum Computing Threats to the Blockchain Industry

This report examines how future fault-tolerant quantum computers may compromise blockchain cryptography, and what protocols, validators, custodians, and ecosystem participants must do to migrate before the window closes.