Crypto Exploited For $1.4B This Year As Hackers Target CeFi – Report
According to cybersecurity firm Web3's mid-year security report, the total amount of crypto funds stolen this year is approaching $1.4 billion, as centralized exchanges emerge as new ground zero for exploitation.
In the year In the second quarter of 2024, total crypto losses exceeded $600 million, a 100% increase from the same period last year. Disrupted funds are mainly due to a 900% increase in centralized exchange losses, the report said.
“This quarter has seen a significant change in attack vectors, with Central Exchange (CEX) bearing the brunt of major incidents, while decentralized finance (DeFi) protocols are showing improved resilience,” the report said. “This trend may be due to the accumulation of assets in centralized platforms and security measures that can be delayed on some exchanges.”
Access control breaches — often in the form of phishing attacks — accounted for the majority of stolen funds, about $490 million in Q2 alone, Syvers said. That figure dwarfs the losses of smart contract exploits, which have flowed in at just under $70 million.
Decentralized finance (DeFi) protocols have protected users from swift action to end compromised smart contracts, but Sievers warned that the threat of exploitation remains as hackers find new vulnerabilities in complex contracts. Cross-chain bridges are also becoming an important attack vector, the report said, citing the $1.44 million XBridge exploit in April.
Related: Crypto Losses Reach $1.19B in H1 2024: CertiK Calls for Better Security
A high-profile breach of Japanese currency exchange DMM in May had a significant impact on Cyberspace's Q2 data. The hack, which was allegedly caused by a secret private key, cost more than $300 million. Another notable example is Turkish cryptocurrency exchange BtcTurk, which lost around $50 million to hackers in June.
The report revealed that victims are having more success than ever in recovering lost funds. Total revenue grew 42 percent in Q2 compared to the same period last year. Still, the vast majority of lost funds—76%—were never recovered.
Web3 users should be wary of emerging threats from artificial intelligence and quantum computing, which could give hackers sophisticated new tools to bypass onchain security measures, Syvers said.
Magazine: Crypto-Sec: Phisher Follows Hedera Users, Address Poison Gets $70K
