Crypto Hacks, Scams Hit $29M in December, Lowest in 2024

December Sees Decline in Crypto Losses Crypto hacks, scams and exploits declined to $28.6 million this December 2024, marking the lowest monthly loss seen in the year 2024. This is considered a big drop from a year that’s mostly characterized by higher losses at $63.8 million in November and $115.8 million in October. Data from blockchain security firms CertiK and PeckShield show that December was mostly quiet for crypto, even though the space remains vulnerable. Key Takeaways of December Losses: CertiK Reports on Exploits According to CertiK, exploits accounted for the majority of December’s losses, with $26.7 million stolen. The most prominent incident was the $2.1 million theft that happened on the DeFi platform GemPad , wherein hackers attacked its smart contracts. Other prominent attacks include the theft of $1 million from the FEG token bridge, which, upon investigation, CertiK found was caused by an error in the verification of cross-chain messages, enabling attackers to withdraw tokens without depositing them first. PeckShield’s Findings Data from PeckShield showed hack-related losses of $24.7 million last December, which is 71% lower than November. Among the 25 incidents that it tracked, the most notable was the $12.3 million exploit that hit LastPass users. This was linked to a 2022 data breach wherein hackers stole encrypted customer vault backups that would later allow them to gain access to sensitive crypto assets. Another incident was the $2.2 million breach of the Yei Finance protocol on Dec. 2, further showing how much vulnerability a DeFi platform carries with it. Annual Trends in Crypto Security While December was a relatively slow month in terms of losses, a total of 2024 had seen $2.3 billion of crypto thefts across 165 incidents so far, per Cyvers. The cumulative total is up 40% over the $1.69 billion stolen in 2023 but is significantly lower than the $3.78 billion lost in 2022. The CEO of Cyvers, Deddy Lavid, attributed this increase in 2024 to access control breaches, especially at centralized exchanges and custodians. These breaches are one of the main issues that the industry faces and prove that security should be enhanced not only on decentralized but also on centralized platforms. Looking Ahead Although the decline in December brought some relief, the crypto industry still needs to work harder in closing security gaps that make losses possible. In 2025, stronger protocols, better auditing, and increased user awareness will be key in reducing vulnerabilities.