Crypto Hack Losses Fall in December, but 2024 Ends Up 40%

Crypto hacks and scams took a surprising downturn in December 2024, marking the lowest monthly losses of the year. After months of escalating attacks, which peaked in October, December's losses dropped to $29 million, according to a recent report by two blockchain security firms.

However, the month was not without its notable incidents, including major exploits of GemPad and LastPass users, Cointelegraph reported. Blockchain security firms CertiK and PeckShield reported December as the least costly month for crypto exploits in 2024.

December's Decline in Crypto Losses

CertiK's analysis revealed $28.6 million in losses for the month, a sharp drop from November's $63.8 million and October's staggering $115.8 million. Exploits accounted for the bulk of these losses, with attackers seizing $26.7 million.

#CertiKStatsAlert 🚨Combining all the incidents in December we’ve confirmed ~$28.6m lost to exploits, hacks and scams.December’s losses are the lowest monthly losses we recorded in 2024.Exit scams: ~$0.2mFlash loans: ~$1.7mExploits: ~$26.7mMore details below 👇 pic.twitter.com/gkQ06y4ndz

PeckShield's data highlighted a similar trend, recording $24.7 million in hack-related losses, a 71% reduction from the previous month. Both firms noted significant incidents that contributed to December's figures.

GemPad, a decentralized finance (DeFi) platform, faced the most severe exploit of the month. Hackers exploited a vulnerability in the platform's smart contracts, draining $2.1 million in assets.

Meanwhile, DeFi project FEG suffered a $1 million loss due to an error in its cross-chain message verification process. This flaw allowed attackers to withdraw tokens without proper validation.

#PeckShieldAlert December 2024 saw 25+ hacks in the crypto space, resulting in ~$24.7 million in losses—a 71% decrease compared to last month. #Top5 Hacks: -#LastPass: $12.38 million -#Yeifinance: $2.2 million -#GemPad: $2.2 million -#MEMECoin Drainer: A victim was drained… pic.twitter.com/p1Y8vjLMfp

Broader Trends in Crypto Security

Another major incident involved LastPass users, whose crypto holdings were targeted following a December 2022 data breach. According to blockchain investigator Zachxbt, hackers drained $12.3 million from compromised accounts in mid-December 2024.

Despite December's improvement, 2024 witnessed a significant uptick in overall crypto theft. Cyvers' Web3 Security Report revealed $2.3 billion stolen across 165 incidents, a 40% increase from the $1.69 billion lost in 2023. However, this figure still represents progress compared to the $3.78 billion stolen in 2022.