$412 Million Lost to Hacks in Q3 2024, Yet Overall Safety Improves

Immunefi released its quarterly report on losses in the cryptocurrency sector, revealing that a total of $412 million was lost to hacks and frauds in Q3 2024. However, despite these alarming numbers, the report also highlights an overall improvement in the security situation.

Interestingly, while Decentralized Finance (DeFi) platforms were targeted more frequently, it was Centralized Finance (CeFi) that experienced the largest losses. This emphasizes the importance of self-custody for protecting digital assets.

Crypto Security Today

In its comprehensive report, bug bounty platform Immunefi provided insights into the losses suffered by the Web3 ecosystem in Q3 2024. The report shows a loss of just under $413 million, a significant amount at first glance. However, when considering that the entire industry is estimated to have $90 billion locked, these losses appear relatively light.

The report also reveals a positive trend in the security landscape, with Q3 losses representing a considerable improvement compared to previous quarters. In the preceding quarter (Q2), losses amounted to $572 million, while Q3 of the previous year saw over $685 million in losses.

This demonstrates an almost 40% decrease in losses within a year. Notably, over 99% of these losses were attributed to hacks, while incidences of fraud have notably decreased.

A notable event occurred shortly before the report was published, with BingX falling victim to a hack that resulted in a loss of $52 million. This incident alone accounted for 12% of the total losses due to hacks. Excluding the WazirX hack in July, the other 32 incidents accounted for 32% of the losses.

Growing Stability

This high number of losses in Q3 can be attributed to chance, as frauds have decreased by over 86% within a year. The overall security situation in the cryptocurrency sector is improving in various aspects. Ethereum and BNB accounted for more than half of the losses by chain, and several of the previous year’s major losers are no longer present.

Immunefi’s CEO Mitchell Amador stated, “We’re seeing a higher number of incidents targeting DeFi, while CeFi experiences fewer incidents but often with more severe consequences, with hundreds of millions in stolen funds in a single exploit. In CeFi, the biggest infrastructural issue is private key management, which is essential to maintaining the self-custody of crypto assets but is not typically subject to security audits.”

Amador’s insights shed light on the situation. DeFi losses have decreased by nearly 80%, but CeFi losses have increased by 66%. While more attempts were made to hack DeFi platforms, a few major exchange hacks accounted for the majority of successful thefts. This aligns with Immunefi’s previous warnings about infrastructure vulnerabilities being the weak point for crypto projects. As a result, self-custody is now more crucial than ever.