Inventory of Hacking Incidents in the First Half of 2024: Losses Amounted to $1.38 Billion, Doubled from the Same Period Last Year

The latest report from blockchain research firm TRM Labs indicates that cryptocurrency theft from hacks in the first half of 2024 has reached $1.38 billion, which is twice as much as the same period last year. Among them, common hacking methods include leakage of private keys or mnemonic phrases, flash loan attacks, and zero transfer attacks.

Losses in the first half of 2024 reached $1.38 billion

TRM Labs' Threat Intelligence Division reported that hackers stole a total of $1.38 billion worth of cryptocurrency in the first half of 2024, more than double the $657 million stolen in the same period last year.

However, this figure is only two-thirds of the record-breaking numbers from 2022:

Nevertheless, the amount of funds stolen in each month of the first half of 2024 exceeds that of the corresponding months in 2023.

As usual, a few large-scale attacks accounted for the majority, with the top five hackers and vulnerability attacks representing 70% of the total amount stolen this year.

Primary Attack Methods: Leakage of Private Keys and Mnemonics

The main method of attack remains the leakage of private keys and mnemonics, followed by vulnerabilities in smart contracts and flash loan attacks.

Solana meme coin platform Pump Fun targeted by private key theft + flash loan attack

Additionally, the company mentioned the rise of zero-transfer attacks since last year, including zero U address poisoning, affecting victims such as the US Drug Enforcement Administration (DEA) and phishing tool Pink Drainer, as well as the almost victimized exchange Binance.

Phishing Tool Pink Drainer Falls into Zero U Address Poisoning Trap, 10 ETH Vanishes

Japanese Exchange DMM Hacked

Furthermore, TRM Labs directly pointed out the largest hack of 2024, the hacking incident at the Japanese cryptocurrency exchange DMM Bitcoin, which resulted in the loss of over $305 million worth of Bitcoin at the time.

Breaking News: Licensed Japanese Exchange DMM Hacked, 4,503 Bitcoins Stolen, Loss of 48.2 Billion Yen

Finally, the company also stated that the frequency and methods of attacks so far this year have not changed significantly compared to last year, but due to the recovery and rise in the cryptocurrency market in the first half of this year, this may also be one of the indirect reasons for the increase in stolen cryptocurrency compared to last year.

Review of Major Hacking Incidents in 2024

DeFiLlama compiled a list of exchanges and protocols that have been compromised in the past six months, sorted by the amount of losses:

• In March, the blockchain game platform Munchables on Blast was hacked by internal developers who modified the protocol, resulting in the theft of approximately $62.5 million in ETH.
• In June, the hot wallet private key of the Turkish cryptocurrency exchange BtcTurk was leaked, leading to the theft of around $55 million in cryptocurrency.
• In April, the derivative protocol Hedgey Finance was exploited through vulnerabilities in the createLocked Campaign function and flash loan attacks, resulting in losses of approximately $44.7 million.
• In February, the internal private keys of the mixing platform FixedFloat were leaked, leading to the theft of $26.1 million worth of BTC and ETH.

Suspected North Korean hackers infiltrated the Blast-certified project Munchables, resulting in a $60 million hack