KUALA LUMPUR (Dec 27): Artificial intelligence (AI)-powered phishing scams, BRC-20 (an experimental fungible token standard using ordinal inscriptions) exploits, and new smart contract vulnerabilities are among the biggest threats that crypto projects and investors will likely face in 2024, according to blockchain security firms.

In a report on Wednesday, crypto industry portal Cointelegraph said that while the US$1.7 billion (RM7.88 billion) in scam and hack-related losses in 2023 stands as an undeniable improvement from the US$4 billion lost in 2022, Jesse Leclere, a blockchain analyst from CertiK, warned that scams are only becoming more advanced, and users should remain hyper-vigilant for well-executed exploits.

“Phishing, evolving in its sophistication, will likely target not only individual users, but also corporate systems...using social engineering tactics tailored to the crypto context,” said Leclere, pointing to the Dec 14 Ledger Connect exploit as a prime example of an advanced attack.

One of the key elements that will see phishing scams become more nefarious is the use of generative AI, he added, allowing hackers to automate operations and create convincing fake calls, videos, and messages through which to ensnare potential victims.

Meanwhile, Jenny Peng, a research analyst from 0xScope, warned that AI could form a key component in generating ever-more realistic “deep fakes” to fool crypto users.

Peng added that hackers are likely to also give the burgeoning BRC-20 ecosystem “extra attention” next year, due to a relative lack of developments in security.

“The BRC-20 UniSat wallet launched in early 2023 was promptly hit with a double-spend exploit.

“This incident showed that the BRC-20 ecosystem, where everything is new, will need to evolve its infrastructure quickly to be as battle-tested as Ethereum security-wise,” she added.