Web3 cybersecurity company Cyvers has found that losses to hacks and scams have skyrocketed in the cryptocurrency ecosystem in 2024. Losses in the first three quarters of the year have reached an all-time high of $2.1 billion and already exceeded the total losses in 2023.
Centralized finance (CeFi) operators were hit harder than decentralized finance (DeFi) operators, with a 984% year-on-year increase in the three quarters of 2024. Much of that came in the second quarter of the year when $401 million was lost.
The bad guys were busy in Q2
The Q2 losses came predominantly from five incidents. The largest of those was the hack of Japanese exchange DMM, which netted $305 million in Bitcoin (BTC) through a private-key hack. Turkish exchange BtcTurk was in second place that quarter with a loss of $55 million.
Cyvers said in a preview of its third quarter report provided exclusively to Cointelegraph:
“The surge in CeFi vulnerabilities underscores the need for improved access control mechanisms and regulatory oversight.”
Losses in the DeFi sector dropped 25% year-on-year in Q2, “reflecting a more resilient ecosystem.” Still, losses came to $171.3 million from 62 incidents, mainly concentrated on Ethereum and the BNB Smart Chain:
“DeFi remains vulnerable due to the complexity of smart contracts and decentralized protocols.”
Overall, more bad actors targeted DeFi than CeFi. In the first three quarters, $1.6 billion was lost to access control vulnerabilities across 51 incidents, compared to $742.6 million in 16 incidents in the same period of 2023.
Smart contract vulnerabilities cost $380.4 million in 79 incidents in 2024, down from $429.6 million lost in 28 incidents in the same period of 2023.
Related: Telegram bot Banana Gun to absorb $3M loss from hack
Crypto must be proactive in tackling emerging threats
The crypto industry must face its security threats proactively, Cyvers urged. Emerging risks like artificial intelligence-driven attacks and quantum computing vulnerabilities need to be addressed with cross-chain security protocols, real-time threat detection technologies and regulatory frameworks.
Global regulators such as the International Organization of Securities Commissions should prioritize those security efforts, the company added.
Magazine: Bankroll Network DeFi hacked, $50M phisher moves crypto on CoW: Crypto-Sec