Crypto Hacks Plummet to $49 Million in February, Phishing Attacks Emerge as Top Threat

In February 2024, losses in the cryptocurrency sector due to hacks plummeted to $49 million, a significant decrease compared to the $385 million lost in January. While a single month's data is insufficient to establish a long-term trend, this notable decline reflects a marked reduction in large-scale smart contract exploits during the month. According to an analysis by security research firm Nominis, social engineering attacks have surpassed traditional protocol vulnerabilities as the primary source of threats this month. Among these, phishing scams have increased significantly, with attackers inducing users to click on malicious links or sign forged transactions to illegally obtain their digital assets. These attacks often exploit users' negligence in managing wallet permissions, with "authorization abuse" being the most common—victims unknowingly grant attackers transfer permissions to their wallets, leading to the silent transfer of funds. Notably, the primary victims this time were individual users, rather than centralized exchanges or decentralized finance protocols, highlighting that weak individual security awareness has become a critical weakness in the industry's risk profile.

Overview of major attack events in the crypto industry in February. Source: Nominis Although the security protection system for crypto assets is continuously improving, hacking methods are also constantly evolving. Historical data shows that 2022 was the peak year for cryptocurrency theft, and although it has declined since then, the overall loss level remains high.

Annual loss trend of cryptocurrency due to hacking and fraud. Source: Chainalysis Industry experts point out that improving user education and strengthening wallet permission management mechanisms will be the core direction for reducing security risks in the future.