Increased Risk of Phishing Identified by CertiK Alerts Users
==================================================================
In the ever-evolving world of Web3, the year 2024 saw a significant rise in security threats, with access control breaches and social engineering emerging as the dominant threat vectors. This revelation comes from the 2024 Hack3d Report, which offers insights into the past year and provides a glimpse into the future.
Access control vulnerabilities, social engineering, and smart contract exploits accounted for over 95% of the total losses reported in 2024. Access control issues alone were responsible for approximately 81-70% of stolen funds, leading to massive financial damage exceeding $2.3 billion.
Significant incidents included large-scale hacks such as CoinDCX’s $44.2 million malware attack, a notorious address poisoning incident resulting in over $68 million loss, and the combined total of $147 million lost across 13 major hacks in July 2025. Exploits of smart contracts accounted for $456 million in losses, highlighting the perils within decentralized finance (DeFi) infrastructures.
Phishing, private key theft, rug pulls, and malware attacks were also dominant contributors, underscoring both technical weaknesses and significant human factors such as operational security failures.
Looking ahead to 2025, experts predict a shift towards multi-layered security frameworks that integrate technical controls with operational security and continuous real-time monitoring. A holistic approach, combining secure smart contract development, enhanced access control protocols, and addressing human vulnerabilities, will be critical going forward.
The adoption of AI-powered risk assessment, transaction validation, and anomaly detection tools is predicted to be necessary to counteract increasingly sophisticated, coordinated attacks. Security culture and operational readiness are forecast to become as important as technical solutions, stressing the importance of ongoing vigilance and proactive defenses against social engineering.
However, critical code vulnerabilities remain a concern, and North Korean hackers stole at least $1.34 billion worth of crypto assets in 2024. Private key compromise was the second most significant threat, leading to over $855 million in losses across 65 incidents.
Hacken experts calculated that total Web3-market losses in the past year exceeded $2.9 billion, a 31.61% increase from the previous year. In 2024, over $1 billion was stolen through 296 phishing attacks, according to CertiK. However, it's important to note that exploits in the Web3-market are not specified to be included in the figures provided by CertiK.
Despite these challenges, the future direction includes a more integrated, AI-augmented defense posture combined with stronger attention to human factors and continuous monitoring to mitigate emergent threats in Web3. While smart contract security remains vital, it's clear that a comprehensive approach is needed to ensure the safety and security of the Web3 ecosystem.
Read also:
- Health Risk Warning: The Harmful Effects of Sitting Too Much, Exploring Sedentary Lifestyles
- Competition heated up: Google Pixel 10 against Samsung Galaxy S25 - a pivotal moment for Google's smartphone dominance
- Advancement from Analog to Digital: A History of Audio Cassettes
- Moves and Changes in the Pro AV Industry: Mergers, Collaborations, and Personal Appointments
