Crypto losses spiked by 1163% over April

Crypto losses in April soared by a staggering 1,163% from the previous month, with the majority of the stolen funds being drained from an elderly US individual's wallet in a single heist, according to blockchain security firm CertiK.

In an April 30 X post, CertiK disclosed that a total of $364 million was stolen across various exploits, hacks and scams last month, a sharp increase from the $28.8 million recorded by the firm in March.

However, CertiK noted that white hat exploiters returned around $18.2 million from exploits on the crypto protocols KiloEx, Loopscale and ZKsync, which would have brought down April’s total.

The largest hack in April, and the fifth largest to date, involved an elderly US individual who lost 3,520 Bitcoin (BTC), valued at $330.7 million, from their wallet after a hacker used advanced social engineering tactics to gain access on April 30.

Excluding that attack, April’s crypto losses were $34 million, a 21% increase from March.

CertiK stated that phishing scams, largely driven by the Bitcoin heist, were the main culprits for the majority of the losses, while social engineering, access control hacks and price manipulation exploits rounded out the top four types of attacks that stole the most value.

February still has the most significant number of crypto losses for the year so far, with $1.53 billion. Most of that was from the $1.4 billion Bybit hack by North Korea’s Lazarus Group, which also holds the crown for the largest crypto hack ever.

Hackers return some funds

Over $18 million was returned for the month. Decentralized exchange KiloEx suspended platform operations after suffering a $7.5 million exploit; however, on April 15, the exploiter returned all of the stolen funds, only four days after the attack.

The ZKsync Association also recovered $5 million of stolen tokens from an April 15 security incident that affected its airdrop distribution contract.

Related: Crypto hackers hit DeFi for $92M in April as attacks double from March

Meanwhile, DeFi protocol Loopscale had half of the funds stolen during a major exploit on April 26 returned. Malicious actors manipulated the RateX PT token pricing functions on the protocol to steal $5.7 million in USDC (USDC) and 1,200 Solana (SOL).

Losses to crypto scams, exploits and hacks were declining in the final days of 2024, with December registering the smallest amount stolen at $28.6 million, compared to $63.8 million in November and $115.8 million in October.