Pig butchering crypto scams wiped out $3.6b this year: report
In 2024, “pig butchering” scams were the biggest danger to crypto users, costing $3.6 billion, according to Cyvers, a Web3 security company.
The report indicates that there was a 40% annual rise in the number of cyber attacks in 2024 compared to 2023, with 165 incidents costing $2.3 billion in damages. The sum was still down 37% from the fraud peak in 2022, but complex schemes and breaches surged this year.
Access control breaches made up most of that damage, with 67 incidents totaling $1.9 billion. Other attack vectors included smart contract vulnerabilities, leading to losses of $456.8 million over 98 incidents, and address poisoning assaults, resulting in $68.7 million in a single major case. These attack methods demonstrate the loopholes in blockchain networks and decentralized applications that scammers still take advantage of.
Ethereum (ETH) was the blockchain network that scammers operated on, accounting for the majority of crypto fraud losses. The data involved around 150,000 addresses and 800,000 fraudulent activity transactions, Cyvers said. Cyvers cited the blockchain’s ease of access as a key factor in the fraudulent schemes, which they said allowed scammers to send over 100,000 small inducement payments to victims as part of their grooming methods.
Educating the users about these incidents is imperative in combating access control breaches, believes Deddy Lavid, CEO of Cyvers. Greater transparency in exchange operations and enhanced user vigilance are also essential to reduce the success rate of these types of frauds, he noted.
What does Pig butchering mean?
“Pig butchering” refers to a technique in which victims are groomed through repeated contact by scammers, often starting with unsolicited messages that draw them into fake crypto schemes. With trust secured, the way is open for deploying smaller amounts of cash to siphon off larger pots in the hundreds of millions, often in Tether (USDT) through less transparent exchanges such as Binance, HTX, OKX, Crypto. com, and Coinbase. Illicit cash is usually laundered through decentralized and centralized exchanges before it is cashed out.
Crypto scams on the rise
The most important attacks in 2024 includes WazirX, which lost $235 million on a vulnerability in its multi-sig wallet system in one of the largest hacks of the year.
DMM Exchange was hacked and lost $305 million when attackers compromised a private key in the platform’s Bitcoin (BTC) hot wallet. It was another high-profile breach. Additionally, hackers compromised the devices used to access the platform, resulting in a $50 million loss for Radiant Capital, In contrast, BingX was drained of $52 million worth of funds when attackers were able to access the exchange’s hot wallets and transfer funds across multiple networks. Like this, these incidents unveil the recurring vulnerabilities of many crypto exchanges.
Recovery
However, even in the face of these losses, some progress was made in the rehabilitation effort. In 2024, approximately $1.3 billion was returned to victims, primarily on-chain detectives like ZachXBT and bug bounty programs. The first quarter of 2024 had the highest number of incidences of any quarter in the year, at 53, the study noted. The largest amount, roughly $760 million, was lost in Q3 2024, while Q4 exhibited the lowest activity and losses.