Although financial losses decreased, users still lost tens of thousands and thousands of dollars to common cybersecurity exploits corresponding to address poisoning fraud.
According to blockchain security firm PeckShield, total losses from hacks and cybersecurity exploits within the crypto industry were around $76 million in December, down 60% from losses of $194.2 million in November.
There were 26 major crypto exploits in December, PeckShield said in an X post, with one user losing $50 million to an address poisoning scam. This is a kind of attack during which the threat actor sends small amounts of cryptocurrency from a wallet that could be very much like a legitimate wallet address, betting that the intended victim won’t notice the discrepancy.
Typically, the primary and last 4 characters of the addresses match, with the attacker hoping that the victim will by accident send money to the fraudulent address by choosing the compromised address from their transaction history without closely examining the complete string.
Funds were lost in crypto hacks in December. Source: PeckShield
Another user lost about $27.3 million when his private key was leaked in a multi-signature wallet hack, PeckShield said.
How to scale back exposure to common crypto exploits
PeckShield cited the Christmas Trust wallet hack, which drained $7 million of user funds from the wallet, and the $3.9 million Flow protocol hack as a number of the most notable attacks in December.
The Trust Wallet exploit affected the wallet's browser extension. Browser-based wallets are consistently connected to the web, a design feature that may increase vulnerability to certain cybersecurity threats.
Differences between hardware and software wallets. Source: Cointelegraph
Using a hardware wallet, an offline storage device much like a USB drive, to store private crypto keys is widely considered one in every of the safest storage methods for digital assets.
Users may completely neutralize the specter of address fraud by verifying every character of the goal wallet's address multiple times, quite than quickly glancing on the address or choosing it from a transaction history list.
