Crypto hacks reach $2.1B in 2024 with CeFi hit hardest

In 2024, the cryptocurrency ecosystem experienced a significant rise in hacks and scams, with losses surging to $2.1 billion, according to a report from Web3 cybersecurity firm Cyvers.

This marks an all-time high for the first three quarters of the year and already surpasses the total losses recorded in 2023.

Centralised finance (CeFi) operators were hit harder than decentralised finance (DeFi), with a staggering 984% year-on-year increase.

Most of the damage came in the second quarter, where $401 million was lost.

The largest incident was the $305 million hack of Japanese exchange DMM, followed by a $55 million loss from Turkish exchange BtcTurk.

Cyvers emphasised the need for stronger access control mechanisms and regulatory oversight to curb the growing vulnerabilities in CeFi platforms.

"CeFi vulnerabilities underscore the need for improved access control mechanisms and regulatory oversight," Cyvers stated in its preview of the third-quarter report.

While the DeFi sector saw a 25% drop in losses compared to the previous year, the space remains vulnerable due to the complexity of smart contracts and decentralised protocols.

Despite the drop, DeFi suffered $171.3 million in losses across 62 incidents, primarily targeting Ethereum (CRYPTO:ETH) and the BNB Smart Chain (CRYPTO:BNB).

In the first three quarters, $1.6 billion was lost due to access control vulnerabilities in DeFi, with 51 major incidents compared to CeFi’s 16 incidents, which caused $742.6 million in losses.

Smart contract vulnerabilities also contributed to the losses, costing $380.4 million in 79 incidents.

Cyvers urged the industry to proactively address emerging threats like AI-driven attacks and quantum computing vulnerabilities by enhancing cross-chain security and real-time monitoring.

Global regulators, including the International Organization of Securities Commissions, were called upon to prioritise these security efforts.