In the third quarter of 2024, the number of hacks decreased to the lowest level in three years, with only 28 incidents resulting in a total of $463.6 million stolen.
However, there is no chance of recovering more than $440 million in stolen funds, and the overall outlook remains concerning.
Worst recovery rate ever
According to a new report from cybersecurity firm Hacken shared with CryptoPotato, an astonishing 95% of stolen funds are lost forever. This is in sharp contrast to previous quarters, where 50-60% of stolen assets were frozen or recovered.
This high proportion of unrecovered funds highlights the urgent need for stronger post-incident response strategies.
“This is the worst quarter in recent times in terms of recovered or frozen funds. Of all victims, only three projects were able to recover lost assets. I was hoping that the trend of refunding some of the siphoned funds would continue, but unfortunately!”
Looking at losses by region, Asia had the highest for the quarter at $264 million. Australia followed with $43.3 million, then Europe with $22.16 million and North America with $15 million over the same period.
The most harmful type of attack continues to be one in which a malicious attacker gains control of a seed phrase or functionality and is able to withdraw funds from a wallet or smart contract at will. In the third quarter, there were 8 such incidents in which $316 million was stolen, with access control violations accounting for more than double the assets lost to all other attack types combined.
Next is the reentrancy attack. This is considered one of the most durable ways to extract assets from a protocol. It involves an attacker exploiting a loop in the smart contract’s withdrawal functionality to repeatedly withdraw funds. This attack is particularly harmful to protocols with liquidity pools.
There were only three reentrancy attacks during the quarter, but they resulted in losses of over $33 million across various assets.
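The ordering flaw behind the reentrancy pattern described above, as an added Python model that is not from the Hacken report or any affected protocol: the vulnerable vault pays out before clearing the recorded balance, while the hardened one clears it first. All class names, the `solvent` invariant and the deposit amounts are hypothetical, constructed for illustration.

```python
# Toy model of a pooled-funds contract. All names and amounts are constructed.
class VulnerableVault:
    def __init__(self):
        self.balances = {}   # account -> recorded deposit
        self.pool = 0        # funds actually held
    def deposit(self, account, amount):
        self.balances[account] = self.balances.get(account, 0) + amount
        self.pool += amount
    def withdraw(self, account):
        amount = self.balances.get(account, 0)
        if amount == 0 or amount > self.pool:
            return
        self.pool -= amount
        account.on_receive(self, amount)   # external call runs first...
        self.balances[account] = 0         # ...balance is cleared too late
    def solvent(self):
        # Invariant worth monitoring: held funds cover every recorded balance.
        return self.pool >= sum(self.balances.values())

class HardenedVault(VulnerableVault):
    def withdraw(self, account):
        amount = self.balances.get(account, 0)
        if amount == 0 or amount > self.pool:
            return
        self.balances[account] = 0         # effect before interaction
        self.pool -= amount
        account.on_receive(self, amount)   # a nested call now sees balance 0

class Depositor:
    def __init__(self):
        self.received = 0
    def on_receive(self, vault, amount):
        self.received += amount

class ReentrantReceiver(Depositor):
    def on_receive(self, vault, amount):
        self.received += amount
        vault.withdraw(self)               # calls back in during the payout

def simulate(vault_cls):
    """Return (paid to re-entrant account, funds left in pool, solvent?)."""
    vault, honest, reentrant = vault_cls(), Depositor(), ReentrantReceiver()
    vault.deposit(honest, 90)
    vault.deposit(reentrant, 10)
    vault.withdraw(reentrant)
    return reentrant.received, vault.pool, vault.solvent()

if __name__ == "__main__":
    print("vulnerable:", simulate(VulnerableVault))
    print("hardened:  ", simulate(HardenedVault))
```

In the vulnerable run the pool no longer covers the honest depositor's recorded balance, which is why the pattern hits pooled liquidity hardest.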
Evolving threat
While traditional rug pulls have declined, meme coin launches on platforms such as Base, Tron, and Solana have proliferated. Solana’s meme coin platform, pump.fun, recently launched more than 2 million coins, but only 89 reached a market cap of $1 million.
According to a report from Hacken, this indicates that many rug pull scammers are migrating to these platforms and creating low-value coins that mimic rug pull tactics without showing any legitimate activity.