In 2024, “pig butchering” scams emerged as the leading threat to cryptocurrency users, causing an estimated $3.6 billion in losses, according to Cyvers, a Web3 security firm. In 2023, this number was around $3.96 billion, as per an estimate from the FBI. What is pig butchering? The scheme is called “pig butchering” because it involves scammers “fattening up” victims, or “pigs,” before exploiting them. Scammers create fake personas, sometimes using deepfake images, to build relationships with victims through messages, social media, or dating apps. They often introduce cryptocurrency into the conversation, offering investment guidance without directly asking for money. Eventually, victims are directed to send funds to platforms controlled by the scammer, marking the start of the exploitation. Cyberattacks surge in 2024 The Cyvers report revealed a 40% increase in cyberattacks in 2024 compared to the previous year, with 165 incidents resulting in $2.3 billion in damages. Although this is 37% lower than the 2022 peak, the sophistication and variety of attack vectors intensified: Access Control Breaches: Accounted for 67 incidents, causing $1.9 billion in losses. Smart Contract Vulnerabilities: Led to 98 incidents and $456.8 million in damages. Address Poisoning Assaults: Involved a single significant case, resulting in a $68.7 million loss. Ethereum: a primary target As per the report, Ethereum remained the most exploited blockchain, with scammers using its open-access infrastructure to execute fraudulent schemes. Over 800,000 transactions and 150,000 addresses were linked to scams in 2024. Techniques included sending small inducement payments to victims as part of grooming strategies. Major crypto hacks of 2024 WazirX: $235 Million Loss WazirX, one of India’s largest cryptocurrency exchanges, faced a massive hack in 2024, resulting in a loss of $235 million. The breach occurred due to a vulnerability in the platform’s multi-signature (multi-sig) wallet system. Multi-sig wallets require multiple keys for transactions, enhancing security, but the vulnerability allowed attackers to bypass this safeguard. DMM Exchange: $305 Million Loss DMM Exchange suffered a devastating attack in 2024 when its Bitcoin hot wallet was compromised. The breach occurred when attackers gained access to a private key associated with the wallet, allowing them to drain $305 million in Bitcoin. Radiant Capital: $50 Million Loss Radiant Capital, a decentralized finance (DeFi) platform, experienced a breach that resulted in a $50 million loss. The hack occurred when the attackers gained control of the devices used by Radiant Capital’s team to access the platform. BingX: $52 Million Loss BingX, a global crypto exchange, was drained of $52 million in 2024 following a sophisticated attack that targeted its hot wallets. Attackers exploited vulnerabilities in the platform’s security, allowing them to access the wallets and transfer funds across multiple networks. Recovery efforts show progress Despite the rising incidents, recovery efforts made notable strides in 2024. Around $1.3 billion was recovered, largely due to on-chain detectives like ZachXBT and bug bounty initiatives. The first quarter of 2024 saw the highest number of attacks, while Q3 recorded the largest financial impact, at $760 million. Q4 exhibited a decline in both activity and losses, indicating potential progress in combating these crimes. The post 'Pig butchering' scams cost crypto users $3.6B in 2024, report finds appeared first on Invezz
