According to Immunefi, $409 million was lost in cryptocurrency hacks in Q3 2024, revealing flaws in both CeFi and DeFi.
According to a report released this week by Immunefi, cryptocurrency hackers are estimated to have stolen $409 million in the third quarter of 2024.
The amount shows that attacks on centralized and decentralized platforms are still ongoing, with some well-known exchanges and protocols being hit especially hard.
Crypto Hacks Lead to Massive Losses in Q3 2024
The Immunefi report highlights that over $3 million of the stolen sum was traced to hacks at Singapore-based crypto exchange BingX and Indian crypto exchange WazirX, with these incidents accounting for 69.5% of the quarter’s total losses.
With over $87 billion in total value locked in DeFi, the threat posed by hackers does not appear to be abating.
This quarter, fraud accounted for just 0.75% of total funds lost; hacks accounted for 99.25%. The number of fraud cases decreased by 86.4% in the past year.
In comparison to the same quarter in 2023, when losses of over $685 million to hackers and scammers were reported, this $409 million figure represents a 40% decrease.
Immunefi Report Exposes Major Hacks
The significant losses in Q3 2024 were caused by a number of well-publicized attacks.
There was a $27 million breach on the Penipe protocol, a $22 million loss on Indodex, a $12 million loss on Ronin, a $10 million theft on LI.FI Protocol, and a $8 million hack on Bittensor.
👨🏻💻 Cryptocurrency exchange Indodax has fallen victim to a hack, with attackers making off with approximately $22 million in digital assets. #Hack #Indodaxhttps://t.co/M4Yf6P9czg
— Cryptonews.com (@cryptonews) September 11, 2024
The growing threat of cryptocurrency hacks is highlighted by the Immunefi report, as these incidents expose crucial flaws in the CeFi and DeFi platforms.
The Growing Risk to CeFi and DeFi
CeFi was accountable for more significant losses than DeFi, with some of its attacks resulting in hundreds of millions of dollars’ worth of pilfered assets.
The CEO and founder of Immunefi, Mitchell Amador, stated, “We are seeing a higher number of incidents targeting DeFi, while CeFi experiences fewer incidents but often with more severe consequences, with hundreds of millions in stolen funds in a single exploit.”
Amador went on to say that one of CeFi’s biggest weaknesses is still private key management. “It requires rigorous key management policies, practices, and emergency plans,” she added.
Certain exchanges, like WazirX, are already moving to rebuild and recover from losses in the wake of these increasing incidents.
WazirX Takes Steps to Recover
The report is released concurrently with the High Court of Singapore’s ruling to award WazirX a four-month restructuring moratorium, allowing the business to correct its operational procedures and restore the cryptocurrency balances of impacted clients.
We are deeply grateful to the entire WazirX family for standing by us during this challenging time. Your support means the world to us, and we couldn’t do this without you 🙏❤️
— Nischal (Shardeum) 🔼 (@NischalShetty) September 26, 2024
We know the cyberattack has caused hardship for everyone, and we feel the weight of this burden… https://t.co/bMZalXttC3
“We know the cyberattack has caused hardship for everyone, and we feel the weight of this burden alongside you. Please know that we are working tirelessly to bring a faster resolution and ease the pain this has caused,” WazirX founder Nischal Shetty said in a September 26 X post.
Shetty underlined that the business is still dedicated to being open and honest with its users and earning their trust again. “As we move forward, our commitment remains strong—to ensure transparency, rebuild trust, and create a future where we emerge more resilient together.”