Private key compromises are emerging as one of crypto’s costliest attack vectors, with hackers stealing more than $17 billion across 518 recorded incidents over the past decade, according to data platform DefiLlama.

In data shared Tuesday, DefiLlama’s dashboard shows a large share of those incidents stemmed from compromised private keys, alongside phishing and other credential-based attacks.

Around 22.3% of the incidents were attributed to private key compromises through “brute force,” 18.2% to private key compromises via “unknown methods,” and 10% occurred due to phishing attacks on multi-signature wallets.

The figures add to evidence that some of the industry’s biggest losses are increasingly coming from weaknesses in…