A staggering $409 million was lost to cryptocurrency hacks in the third quarter of 2024, according to a recent report by blockchain security firm Immunefi. The report highlights the ongoing threat of cyberattacks targeting both centralized (CeFi) and decentralized finance (DeFi) platforms, with some high-profile exchanges and protocols suffering substantial losses.
Massive Crypto Losses in Q3 2024
The Immunefi report revealed that prominent crypto exchanges, including Singapore-based BingX and India’s WazirX, were particularly affected, with their hacks contributing to 69.5% of the quarter’s total losses. Despite a significant growth in DeFi, which now holds over $87 billion in total value locked, the space continues to be a primary target for hackers.
Notably, hackers accounted for 99.25% of the total losses during the quarter, with fraud cases dropping to just 0.75%. This marks a dramatic decrease in fraud-related incidents, down 86.4% from the previous year. While the $409 million lost to hackers in Q3 2024 is considerable, it represents a 40% drop from Q3 2023, which saw losses exceed $685 million.
Major Hacks Highlighted in the Report
Several high-profile hacks contributed significantly to the losses in Q3 2024. The Penipe protocol alone faced a $27 million breach, while Indodax, a major crypto exchange, lost $22 million. Other victims included the Ronin network ($12 million), LI.FI Protocol ($10 million), and Bittensor ($8 million).
The report underscored the increasing sophistication of hackers and the vulnerabilities that persist across both CeFi and DeFi platforms. Despite fewer incidents occurring in CeFi, these platforms often experienced more severe losses compared to DeFi, with individual attacks resulting in hundreds of millions in stolen assets.
CeFi vs. DeFi: The Growing Risk Landscape
Mitchell Amador, founder and CEO of Immunefi, noted the growing risk to both CeFi and DeFi, explaining that while DeFi is more frequently targeted, CeFi platforms suffer more devastating financial consequences. Amador emphasized that inadequate private key management remains a critical vulnerability for centralized exchanges, calling for more robust policies and emergency plans to safeguard digital assets.
WazirX’s Recovery Efforts
One of the most affected platforms, WazirX, has begun taking steps to recover from its losses. The report coincides with a decision by Singapore’s High Court to grant the exchange a four-month restructuring moratorium. This move allows WazirX to restore affected clients’ balances and refine its operational protocols.
WazirX founder Nischal Shetty expressed gratitude to the platform’s user base, acknowledging the difficulties caused by the hack. “We know the cyberattack has caused hardship for everyone, and we feel the weight of this burden alongside you. Please know that we are working tirelessly to bring a faster resolution and ease the pain this has caused,” Shetty said in a social media post on September 26.
Shetty reiterated WazirX’s commitment to transparency, trust-building, and resilience as the company moves forward in the wake of the cyberattack.
Conclusion
The Q3 2024 report from Immunefi serves as a stark reminder of the persistent security challenges in the crypto industry. With $409 million lost to hackers in just three months, it’s clear that both CeFi and DeFi platforms must continue to prioritize security and adopt stronger preventive measures to protect their users and assets.