Cryptocurrency theft through wallet drainer attacks reached unprecedented levels in 2024, with scammers stealing $494 million from over 300,000 wallet addresses. This represents a 67% increase in stolen funds compared to 2023, despite only a 3.7% rise in victim count.
Key Findings:
– 30 major heists exceeded $1 million each
– Largest single theft: $55.4 million
– First quarter losses: $187 million
– Ethereum network accounted for 85.3% of losses ($152 million)
Notable Trends:
– Pink Drainer service’s exit in Q2 temporarily decreased activity
– Inferno service dominated Q3, causing $110 million in losses
– Acedrainer emerged in Q4, capturing 20% market share
– Most attacks targeted staking (40.9%) and stablecoins (33.5%)
Attack Methods:
– Fake CAPTCHA and Cloudflare pages
– IPFS implementation to avoid detection
– Permit signatures (56.7%) and setOwner signatures (31.9%)
– Google Ads and Twitter ads for phishing traffic
– Compromised accounts and fake token airdrops
Security Recommendations:
1. Use only verified websites
2. Verify URLs with official sources
3. Review transaction approvals carefully
4. Enable wallet security features
5. Use token revoking tools
6. Simulate transactions before execution
The data, reported by web3 anti-scam platform Scam Sniffer, highlights the growing sophistication of cryptocurrency theft and emphasizes the need for enhanced security measures in digital asset management.