The losses in the centralised finance sector (CeFi), doubled by 2024. Meanwhile, projects on the market for decentralised financing (DeFi), showed improved security against breaches.
Hacken, a Web3-affiliated security company, revealed that hacks cost over $2.3 billion in the crypto sector. CeFi suffered the greatest losses, compared with other categories such as Gaming/Metaverse and wallet/user.
Source: Hacken
CeFi’s value nearly doubled from 339 to 694 millions in 2024, a drop of 40% in DeFi losses from 2023.
CeFi has a distinct advantage over the other sectors in the first half of this year, thanks to high-profile breaches on the market.
The top two CeFi hacks for the year.
-
DMM Bitcoin
The Japanese DMM Bitcoin cryptocurrency exchange recorded the largest losses in 2024, after hackers sucked out roughly $304million from its platform following the compromise of the private keys.
-
WazirX
After bad actors stole $230 million in user funds from WazirX’s hot wallet, the July hack shook local markets.
Hackers were able to access 4 out of 6 required signatures to complete a transaction. This allowed them to convert the wallet into a malicious contract.
The security of DeFi is growing stronger
Hacken claims that the DeFi industry has benefited from the innovations in the Multiparty Computation (MPC), Zero-Knowledge Proofs (ZKPs), as well as the improved security of bridges, which have reduced vulnerabilities.
ZKPs, for example, allow Blockchain networks to verify transactions while avoiding revealing sensitive information.
Despite this, attackers have still been able to attack several DeFi platforms.
The top two DeFi hacks for the year.
-
Radiant Captial
In mid-October, hackers targeted the DeFi Protocol and infected the computers of some developers of the project with malware. They then intercepted transactions and altered them to steal $55,000,000 worth of assets.
-
Orbit Bridge
Early January, several wallets with multi-signature signers were compromised. The attackers were able to bypass the security checks, and approve malicious transactions. This resulted in the thefts of approximately $80,000,000 worth of assets.
The biggest risk to private key theft is the theft of keys.
Private key theft was the biggest threat in 2024 to the crypto-industry. Major exploits on both DeFi (Digital Currency) and CeFi (Crypto Exchanges) were caused by compromised private keys, and weak multisignature wallets.
The saying goes: “Not your keys and not your crypto.”
The percentage of attacks originating from exploits for access control has increased compared with the prior year.
In 2023, roughly 50% of hacks occurred due to compromised private keys and poor access controls. This year the number jumped to 75%.
Leaks of private keys have always led to substantial financial losses.
A report by security company PeckSheild claims that it caused losses of $7.2 Million in just November.
CertiK reported $343.1 Million in losses caused by 65 incidents of leaked private keys in Q3 2024.
The report Crypto hacking losses will double across Centralised Finance Platforms in 2024 – Report may change as new information is released