CertiK report reveals December crypto losses fell to 2024 low at $28.6 million

There was a significant reduction in losses due to exploits, piracy and scams in December compared to previous months.

Blockchain security firm CertiK’s latest report saw a total of roughly $28.6 million in losses, the lowest monthly figure since 2024.

December crypto losses are lowest in 2024

Exploits dominated the financial impact, accounting for $26.7 million, while flash loan attacks and exit scams brought in $1.7 million and $200,000, respectively. Among the flash loan attacks, the most notable incidents included CloberDex, which suffered losses of $501,279, followed by Clipper DEX with $450,811 and MoonMaker with $319,320.

The single largest exploit in December was against Gempad, with damages totaling $2.14 million. Other major losers included FBD, which lost $1.07 million, and Vesta DAO, $401,428. CertiK’s infographic revealed that December marks a sharp decline in overall losses, a stark contrast to the peak months earlier in the year, where losses reached tens of millions monthly.

The report also highlighted the growing threat of phishing, with the main victim (address 0x751e) losing $7.87 million, making it one of the costliest phishing incidents of the year. Other fishing incidents ranged from $1.4 to $2.8 million in individual losses.

Phishing scams persist

Earlier last month, a cryptocurrency user revealed that he lost $300,000 in a phishing scam after clicking on a malicious KakaoTalk meeting link shared via direct message on X. The link, which was suspected of installing malware, compromised several wallets, including Ethereum and Solana addresses. The attacker allegedly transferred the funds to a wallet linked to the BingX exchange.

More recently, Animoca Brands co-founder Yat Siu’s X account was hacked despite two-factor authentication (2FA). The attackers resorted to promoting a fraudulent token called “MOCA”. The phishing scheme, linked to Pump.fun, targeted more than 15 crypto-focused accounts, stealing nearly $500,000.

Blockchain security firm SlowMist also uncovered a phishing campaign using fake Zoom meeting links to steal cryptocurrency. The scheme mimicked Zoom’s interface, leading many victims to download malware disguised as a meeting installation package. The malware then collected sensitive data, including cryptocurrency wallet details, leading to losses of over $1 million.

Hackers found to be potentially linked to Russian-speaking agents laundered stolen funds through exchanges such as Binance and Gate.io.

SPECIAL OFFER (Sponsored) Binance Free $600 (Exclusive to CryptoPotato): Use this link to register a new account and receive an exclusive welcome offer of $600 to Binance (full details).

LIMITED OFFER for CryptoPotato readers on Bybit – Use this link to register and open a FREE $500 position with any currency!