In 2024, nearly $500 million in cryptocurrency was stolen from over 332,000 victims through wallet drainer malware, according to anti-scam firm Scam Sniffer. The malware tricks victims into signing malicious transactions, allowing attackers to drain their wallets of funds. This marked a 67% year-over-year increase in losses, with the largest single theft reaching $55.48 million. Scam Sniffer also noted that the total amount stolen from these 332,000 victims was staggering, with $171 million coming from 30 incidents where losses exceeded $1 million each.
The first quarter of 2024 saw the highest number of wallet drainer attacks, with 175,000 victims and $187.2 million in losses. As the year progressed, attacks continued but with fewer victims, totaling over 90,000 in the second and third quarters, with losses amounting to $257 million. The final quarter of the year recorded the smallest number of victims, about 30,000, and $51 million in losses. Despite a drop in activity during the second half of the year, the attacks continued to be a significant concern for cryptocurrency users.
The largest thefts occurred in the latter half of the year, with two major attacks in August and September, stealing $55.48 million and $32.51 million respectively. This increase in large-scale thefts was attributed to high phishing website activity during the first quarter, which peaked due to significant market adjustments. As the year progressed, the activity from major wallet drainer malware operators like Pink and Inferno decreased, leading to a lower overall attack rate in the second half of 2024.
According to additional data from Chainalysis, cryptocurrency thefts saw a broader surge in 2024, with more than $2.2 billion in assets stolen. In December, the US attributed a significant portion of the theft to North Korean state-sponsored hackers, who were responsible for stealing $308 million from Bitcoin.DMM.com. The surge in wallet drainer attacks highlights a growing trend of targeted thefts in the cryptocurrency market, marking a concerning increase in cybercriminal activity.
