Crypto hack and fraud-related losses decreased in Q3 2024, though Ethereum (ETH) remained the most targeted smart contract platform, according to a report by Immunefi.
Losses Primarily Due To Centralized Exchange Hacks
Immunefi has released its 2024 Q3 report, detailing the specifics of cryptocurrency-related hacks and losses during the quarter. The report notes two major exchange hacks, WazirX in July 2024, and BingX in September 2024, which collectively accounted for 69.5% of all funds lost in Q3 2024, totalling $287 million.
Notably, both WazirX and BingX are centralized exchanges, and lost funds to the tune of $235 million and $52 million, respectively. Centralized finance (CeFi) platforms were responsible for 74.8% of all successful exploits during the quarter, compared to decentralized finance (DeFi) platforms accounting for 25.2% of lost funds.
It’s worth highlighting that although CeFi platforms witnessed only three incidents, they lost funds worth $309 million in Q3 2024. In contrast, DeFi platforms suffered $104 million in losses across 31 incidents during the same period. Compared to Q3 2023, DeFi losses have dropped by 79.2%, while CeFi losses are up 66.4%.
Commenting on the disparity between CeFi and DeFi incidents, Mitchell Amador, Founder and CEO at Immunefi remarked:
We’re seeing a higher number of incidents targeting DeFi, while CeFi experiences fewer incidents but often with more severe consequences, with hundreds of millions in stolen funds in a single exploit. In CeFi, the biggest infrastructural issue is private key management, which is essential to maintaining the self-custody of crypto assets but is not typically subject to security audits. It requires rigorous key management policies, practices, and emergency plans.
Further, the report sheds light on losses from both crypto hacks and frauds. Compared to Q3 2023, losses due to crypto hacks and frauds fell by 38.2% and 86.4%, respectively, in Q3 2024.
Ethereum Reigns Supreme As Hackers’ Favorite Blockchain
The report emphasizes that Ethereum and Binance Chain (BNB) were the two most targeted smart contract platforms in Q3 2024. While Ethereum suffered 15 incidents, representing 44.1% of the total losses across targeted networks, Binance Chain was responsible for 23.5% of the losses with 8 incidents.
Coinbase’s Base chain ranked third with 5.9% of losses across different blockchains. Other targeted blockchains include Blast (BLAST), Solana (SOL), and Ethereum layer-2 scaling solution Arbitrum (ARB), with one incident each.
Attacks on layer-2 scaling solution-based protocols aren’t surprising, given how nascent they are and the limited security infrastructure they possess. Earlier this year, Emin Gün Sirer, co-founder of Avalanche (AVAX) blockchain warned about the red flags to watch out for in new layer-2 projects.
The increasing frequency of hacks and frauds in the crypto space underscores the critical role of white-hat and gray-hat hackers, as seen in the recent incident involving the DeFi protocol Rho Markets. At press time, Bitcoin (BTC) was trading at $64,650, up 1.3% in the past 24 hours.