In the second quarter of 2024, a total of $572.7 million in cryptocurrency was lost across 72 incidents due to hacks and scams. Centralized finance platforms were the primary targets of these breaches.
These losses mark a 70.3% increase from the $336.3 million lost in Q1 and a 112% rise compared to Q2 2023 when $265.5 million was stolen. Over $900 million has been lost to these illicit activities year-to-date, a 24% increase from the same period last year.
Shift in Targets
Data shows a shift in targets. In Q2, centralized finance (CeFi) platforms bore the brunt of the attacks, accounting for 70% ($401.4 million) of the losses. In contrast, decentralized finance (DeFi) platforms accounted for 30% ($171.3 million) of the quarterβs losses. This marks a change from Q1, where DeFi platforms were the sole targets of identified exploits.
Major Hacks
The two most prominent exploits in Q2 contributed significantly to the total losses, with Japanese cryptocurrency trading platform DMM Bitcoin losing $305 million and Turkish crypto exchange BtcTurk losing $55 million on June 23. These incidents alone accounted for 62.8% of the total losses. May 2024 saw the highest monthly losses in the quarter, totaling $358.5 million.
“This quarter highlights how infrastructure compromises can be the most devastating hacks in crypto, as a single compromise can lead to millions in damages,” said Mitchell Amador, founder and CEO of Immunefi.
He stressed the need for robust security measures to protect the entire ecosystem.
Why This Happened
Centralized finance platforms, which manage substantial asset pools, have become major targets due to their central repositories and security weaknesses, making them susceptible to hacks. These platforms are also growing in value, and the value of Web3 protocols, particularly Ethereum (ETH), has attracted hackers seeking easy money.
Hacks were the dominant form of loss, accounting for 98.5% ($564.2 million) of the total across 53 incidents. The DMM Bitcoin incident and similar infrastructure breaches have led to significant losses. DeFi platforms have improved their security measures in response to regulatory scrutiny, but CeFi entities are still vulnerable to cyberattacks, presenting opportunities for malicious actors.
Fraud, scams, and rug pulls accounted for only 1.5% ($8.5 million) over 19 incidents. Ethereum and BNB Chain were the most targeted networks, with Ethereum accounting for 44.4% of the exploits, followed by BNB Chain and Arbitrum at 5.6%.
The heightened regulatory scrutiny on DeFi platforms has forced them to implement stricter security measures, potentially making them more challenging targets for exploits.
In total, $26.7 million has been recovered from stolen funds in four specific situations, representing only 5% of the total losses in Q2 2024.
Stay updated on the latest developments in the cryptocurrency world with Global Crypto News.