The crypto industry has lost over $1.19 billion to hacks and scams in 2024, with CeFi exploits dominating the losses, according to Immunefi.
Points
- The crypto industry has lost over $1.19 billion to hacks and scams year-to-date.
- July alone saw $269.4 million worth of exploits.
- CeFi exploits account for the majority of the losses.
- Ethereum and BNB Chain are the most targeted networks.
- Immunefi has surpassed $100 million in ethical hacker payouts.
The crypto industry has incurred over $1.19 billion in losses due to 149 hacks and scams year-to-date, according to a report from web3 bug bounty and security services platform Immunefi. July alone saw $269.4 million in losses from 14 specific incidents, representing a 15.9% year-over-year decrease but a 90% month-over-month increase.
The majority of the losses in July came from one exploit alone: the $235 million hack on WazirX, suspected to have been carried out by North Korean hackers. The centralized Indian crypto exchange faced backlash over its “socialized loss” plan following the incident. The largest DeFi exploit in July was the $10 million loss incurred by DEX aggregation and bridging protocol LI.FI.
Hacks dominated the losses in July, accounting for 98.9% ($266.4 million) of the total, compared to cases of fraud, scams, and rug pulls at only 1.1% ($3 million). The dominance of hacks was mainly due to the WazirX exploit, with the sole CeFi attack representing 87% of July’s lost funds, contrasting with the $34.4 million lost in 13 DeFi incidents.
CeFi exploits also dominate the year-to-date losses, accounting for $636 million (53.4%) of the total from just six incidents. DeFi represents $554 million in losses (46.6%) over 143 specific incidents. Ethereum and BNB Chain were the most targeted networks, representing 71.4% of total on-chain losses. Ethereum suffered the most individual attacks with seven incidents, representing 50% of the losses on targeted chains, followed by BNB Chain with three incidents.
Immunefi has surpassed $100 million in ethical hacker and researcher payouts, resulting from over 3,000 bug bounty reports. The largest payout was a $10 million award for a vulnerability discovered in Wormhole’s cross-chain protocol. Immunefi claims to operate the largest blockchain security community, saving over $25 billion in user funds across protocols like Polygon, Optimism, Chainlink, The Graph, Synthetix, and MakerDAO from being stolen.
Explanation
- The significant financial losses due to hacks and scams highlight the ongoing security challenges in the crypto industry.
- CeFi exploits represent the majority of losses, underscoring the need for enhanced security measures in centralized exchanges.
- Ethereum and BNB Chain remain prime targets for attackers, reflecting their prominence in the crypto ecosystem.
- Immunefi’s role in identifying vulnerabilities and awarding ethical hackers emphasizes the importance of proactive security measures.
- The large payouts and savings in user funds demonstrate the effectiveness and necessity of bug bounty programs in safeguarding the crypto ecosystem.