CertiK has released its market update, entitled Hack3d: The Web3 Security Quarterly Report – Q2 + H1 2024.
CertiK‘s Hack3d: The Web3 Security Report for Q1 2024 digital assets and blockchain ecosystem update is described as “the industry’s most comprehensive record of statistics and analysis of onchain security incidents.”
According to CertiK, it equips stakeholders with the knowledge needed “to make informed decisions in an increasingly high-stakes environment.”
Here are Q2 2024 highlights shared by CertiK:
- A total of $688,102,941 was lost across 184 onchain security incidents in Q2 2024. This represents a 37% increase in value lost compared to Q1 2024, though there was an 18% decrease in the number of incidents quarter-over-quarter.
- Phishing was the most costly attack vector in Q2 2024, with $433,688,871 lost across 67 incidents, accounting for a large majority of total financial losses.
- Private key compromises followed, with $170,064,635 lost in 16 major incidents.
- Ethereum experienced the highest number of security incidents, with a total of 83 hacks, scams, and exploits leading to $170,636,798 in losses.
- The total dollar value of funds returned was $99,328,507 across 7 separate incidents, leading to adjusted total losses of $588,774,434 for the quarter.
- The average loss per incident was $3,739,689 and the median loss per incident was $204,614.
Here are H1 developments shared by CertiK:
- $1,190,398,361 was lost across 408 onchain security incidents in H1 2024.
- Phishing accounted for $497,735,904 lost across 150 incidents. Private key compromises followed, with $408,949,115 lost in 42 incidents, highlighting persistent vulnerabilities in key management.
- Ethereum was the most affected chain, experiencing 235 incidents and $397,405,773 in losses.
- The total value of funds returned in H1 2024 was $177,791,389 across 18 incidents, leading to adjusted total losses of $1,012,606,971 for the first half of 2024.
- The average loss per incident was $2,932,729, and the median loss per incident was $230,784.
As covered, CertiK is a firm focused on blockchain security, leveraging AI technology to protect and “monitor blockchain protocols and smart contracts.”
Founded in 2018 by professors from Yale University and Columbia University, CertiK’s mission is to “secure the web3 world.”
CertiK applies innovations from academia “to enterprise, enabling mission-critical applications to scale with safety and correctness.”
To date, CertiK claims that it has “worked with nearly 4,000 Enterprise clients, secured over $360 billion worth of digital assets, and has detected nearly 70,000 vulnerabilities in blockchain code.”
Their clients include various projects “such as Aave, Polygon, Binance Smart Chain, Terra, Yearn, and Chiliz.”
CertiK says that it is “backed by Insight, Partners, Sequoia, Tiger Global, Coatue Management, Lightspeed, Advent International, SoftBank, Hillhouse Capital, Goldman Sachs, Coinbase Ventures, Binance, Shunwei Capital, IDG Capital, Wing, Legend Star, Danhua Capital and other investors.”