The threat of cyber attacks continues to grow. Cyber experts note that in 2024, they will be more frequent, more sophisticated, and often take no more than a few minutes to detect.

In this article, we have gathered information on the global cybersecurity situation, which cyber threats to cryptocurrencies in 2024 are considered by experts to be the most significant, and also consider the best security practices for crypto investors that should be followed in order not to expose their assets to risks. 

Common types of cyber attacks

According to analysts at cybersecurity platform Keeper Security, 92% of leading IT companies are seeing an increase in attacks. Among the most common types of cyberattacks, the following are experiencing the greatest growth:

• Phishing (social engineering) — up 51%;
• Malware (malicious software) — up 49%;
• Ransomware — up 44%;
• Password cracking — up 31%;
• DoS (denial of service) attacks — 28%.

Let’s take a closer look at what they are.

Phishing

Phishing is a type of attack in which a cybercriminal takes a user’s personal information and uses it for their own gain. Typically, the ultimate goal of phishing is to gain access to victims’ cryptocurrency wallets and bank accounts. Attackers often use social engineering tactics that involve psychological manipulation: pretending to be acquaintances of the potential victim or representatives of reputable companies and appealing to the need to take action as soon as possible. The expectation is that after receiving such a message, a person will not hesitate to open a link to a phishing site or participate in a poll or survey by providing their personal information. 

The productivity of phishing attacks continues to advance, outpacing the most advanced cryptocurrency security technologies. In particular, according to the estimates of a well-known anonymous crypto detective-altruist who uncovers fraudulent schemes worth millions of dollars under the nickname ZachXBT, the losses of users of Coinbase, one of the largest (read – secure) exchanges in the world, amounted to at least $100-150 million last year. And this is not the official data of the exchange itself, but just an estimate of the losses of people who turned to ZachXBT for help. He cited these figures in response to a tweet about how a user almost fell for a phishing email from Coinbase’s supposed support team. “Almost got caught. Good thing I always check the sender’s email,” the potential victim wrote. Incidentally, Coinbase is one of the top 10 U.S. financial companies most often impersonated by scammers, according to the analytics division of email tracker Mailsuite. 

Malware

Malware can infect a single device or an entire network. It is activated through phishing attacks or the downloading of third-party files (either accidentally or with the intent to cause harm). Its purpose is to collect and send sensitive personal and corporate data to cybercriminals.

Ransomware

A subset of malware that restricts an organization’s or individual user’s access to files and data until the attacker’s ransom demand is met. Typically, ransomware threatens to sell sensitive data on the darknet, which may or may not be paid. This is regardless of whether or not the payment is received. 

Password cracking

Lack of multi-factor authentication, weak or reused passwords are responsible for the high prevalence of this type of attack, such as password cracking. According to a report by Keeper Security, more than 41% of users use the same or similar passwords across platforms, despite knowing that this practice is dangerous. Cybercriminals crack passwords by mining or using previously compromised passwords using algorithms or artificial intelligence tools. 

DoS Attacks 

DoS (DDoS) attacks overload servers with requests and clog traffic, denying bona fide users access to resource functionality. They can impact blockchain network bandwidth through spam transactions, degrading the quality and speed of processing clean transactions and compromising smart contracts.

Emerging Cyber Threats

Artificial intelligence and dipfakes are increasingly being used as a weapon of choice by cybercriminals. 

The number of dipfakes has increased by 245% compared to 2023. According to Bitget’s latest research, losses from deep fake crimes in the cryptocurrency market will exceed $25 billion by the end of 2024. The use of AI-generated celebrities in videos promoting cryptocurrency investments that turn out to be fake is becoming a common practice for cybercriminals. Avatars of Elon Musk, Vitalik Buterin, and other famous opinion leaders are promoting scams on hacked social media channels and offering to transfer money to the scammers’ accounts. The most recent egregious case was the dipfake of Apple CEO Tim Cook, who, during the official broadcast of the iPhone 16 presentation on YouTube, encouraged viewers to send money to a certain address, promising that Apple would refund them twice as much. Fortunately, users were vigilant and YouTube’s support team responded quickly. 

Artificial intelligence is also being used to speed up password cracking, create massive streams of phishing emails with no tell-tale signs of fraud, launch DDoS attacks with more complex configurations, create audio deep fakes that mimic the voices of loved ones, and more.

Current threat landscape. Key takeaways

• The CrowdStrike 2024 Global Cyber Threat Report highlights the characteristics of cyber attacks such as speed and stealth as a key trend. Attackers are acting suddenly (making it extremely difficult to take preventative measures) and with unprecedented speed. In 2022, the average breach duration was 84 minutes; in 2023, it is already 62 minutes (down 26%), and the fastest breach lasted only 2 minutes and 7 seconds. Criminals are actively working to reduce the time to primary access, as it takes the longest. And it looks like they are having some success.
• Hackers are also paying a lot of attention to cloud storage – the number of cloud intrusions has increased by 75%. 
• In the first half of 2024, cybercriminals stole nearly $1.4 billion worth of cryptocurrency, double the amount stolen in the same period last year. Blockchain analysts at TRM Labs attribute these figures primarily to an increase in the size of individual thefts and rising asset prices (the average monetary volume per attack increased by nearly 80%). According to analysts, the appreciation of cryptocurrency is an undeniable motivating factor for hackers hungry for more profit. 
• The biggest incident in the cryptocurrency market in the first half of the year was the hacking of the Japanese centralized exchange DMM Bitcoin, which resulted in the withdrawal of 4,500 bitcoins worth more than $300 million.
• Experts at Cyvers, a platform specializing in Web3 cybersecurity, note an interesting trend in their report: that centralized platforms (CeFi) are much more likely to be attacked than decentralized ones (DeFi) – the number of hacks has increased by almost 1000%. In previous periods it was exactly the opposite, and decentralized trading platforms were always considered more vulnerable. Moreover, DeFi platforms reduced their losses by 25%. This information is also confirmed by Chainalysis. Analysts also note that centralized exchanges have increased their investments in protecting cryptocurrency transactions, but still cannot keep up with attackers (especially from North Korea), who are using increasingly sophisticated tactics. For example, fraudsters are being employed in the cybersecurity departments of cryptocurrency exchanges to gain access to data.
• Also, according to experts, the big security risks in the cryptocurrency industry this year will be related to ransomware, whose losses from attacks amounted to almost $460 million in the first half of 2024.
• In its research, onchain security platform Immunefi cites curious data on how hacked cryptocurrencies recover prices. It turns out that almost 78% of projects attacked by cybercriminals experienced a sustained negative price movement of the native coin for six months, with more than 50% of them losing at least half of their value during this period. This means that compromised protocols suffer the greatest damage after the attack, during the period of recovery of operations, team morale and, of course, reputation. According to experts, the more stable a project is and the more extensive its ecosystem, the less significant the price drop.

How to Avoid Cryptocurrency Cyber Fraud

Cyber experts use the following methods to protect cryptocurrency assets:

1. Be proactive. According to most cyber experts, the most urgent measures to protect cryptocurrencies in 2024 and beyond should be preventive measures. The speed and suddenness of hacker attacks should be offset by reconnaissance and monitoring of information leaks on the darknet and underground chat rooms, as well as regular detection of hidden problems in systеm configurations. 
2. The use of multi-factor authentication for cryptocurrencies is a must. The more complex the authentication, the more reliable the guarantee of protection against hacking. KYC and AML procedures are also standard privacy and security measures for cryptocurrencies.
3. Increase password security. Using a password manager that allows the generation of complex character combinations and the creation of different passwords for individual accounts will make it more difficult for cybercriminals to hack, create conditions for secure storage of cryptocurrencies, and protect users from hacking attacks on cryptocurrency exchanges. 
4. Anti-Phishing. Messages sent from platforms to users inсlude additional encryption to validate the authenticity of the source and reduce the threat of phishing to cryptocurrency wallet security. 
5. Secure storage of keys, passwords, and mnemonics is a top user priority to protect digital assets from hackers. Offline storage of private keys on cold wallets and regular backups provide an additional layer of security. According to reviews of hardware wallets for cryptocurrencies and recommendations from cyber experts, Ledger, Trezor, KeepKey and SafePal crypto wallets are considered the most reliable today. Hot wallets and cloud services are not designed for long-term secure storage of cryptocurrencies.

Conclusion

The cryptocurrency market is in a growth phase right now, your assets are increasing in value and becoming more attractive to scammers. 

Consider all possible strategies to protect your bitcoins and altcoins from hackers and use only the best crypto asset security solutions.

Thank you for your attention. Invest safely and profitably!

AnyExchange is a  cryptocurrency exchanger that has been successfully operating throughout Ukraine and abroad for more than five years. On our platform you can convert the leading cryptocurrencies at the most favorable rate and make fast money transfers worldwide.