Cryptocurrency wallet drain stole $494 million in 2024

Scammers stole $494 million worth of cryptocurrencies in wallet draining attacks last year that targeted more than 300,000 wallet addresses.

This represents a 67% increase on 2023 figures, although the number of victims rose by only 3.7%, indicating that victims possessed larger sums on average.

The data comes from the web3 anti-fraud platform.Sniffer scamwhich has been tracking wallet draining activity for a while, has previously reported on attack waves that affected up to 100,000 people at one time.

Wallet drainers are phishing tools specifically designed to steal cryptocurrencies or other digital assets from users’ wallets, often deployed on fake or hacked websites.

In 2024, Scam Sniffer observed 30 large-scale thefts (over $1 million) conducted via wallet drain, with the largest single theft draining $55.4 million worth of cryptocurrency.

This happened early in the year when rising Bitcoin prices led to an increase in phishing activity. In the first quarter of the year, a total of $187 million was stolen via wallet drain attacks.

In the second quarter of the year, a notable drying service called “Drying pinkwho was previously seen impersonating journalists in phishing attacks to hack Discord accounts and Twitter for cryptocurrency theft attacks, has announced her exit.

Although this caused a decline in phishing activity, scammers gradually began to increase their frequency in the third quarter with Hell The service took the lead by causing $110 million in losses in August and September combined.

Finally, activity declined in the final quarter of the year, which represented only about 10.3% of the total losses recorded in 2024. At that time, Acedrainer also emerged as a major player, capturing 20% ​​of the drying market, ScamSniffer says. .

Most of the losses (85.3%) occurred on Ethereum, at $152 million, while staking (40.9%) and stablecoins (33.5%) were among the most targeted.

In terms of trends seen in 2024, Scam Sniffer highlights the use of fake CAPTCHA and Cloudflare pages, IPFS to evade detection, as well as the shift in signature types that facilitate the theft of funds.

Specifically, most thefts relied on signing an “authorization” (56.7%) or “setOwner” (31.9%) to drain funds. The first gives approval to spend the token according to the EIP-2612 standard, while the second updates the smart contract ownership or administrative rights.

Another noteworthy trend is the increased use of Google Ads and Twitter Ads As a source of traffic to phishing sites, where attackers use it Hacked accountsAnd robots and airdrop fake codes to achieve their goal.

To protect against Web3 attacks, it is recommended to interact only with trusted and verified websites, verify URLs with official project websites, read transaction approval prompts and permission requests before signing, and simulate transactions before executing them.

Many wallets also offer built-in warnings about phishing scams or malicious transactions, so make sure you enable them. Finally, use token revocation tools to ensure that no suspicious permissions are activated.