DeFi
Hacks and scams cost cryptocurrencies more than $573 million in the second quarter
In the second quarter of this year, the cryptocurrency industry faced significant security challenges, with losses from hacks and scams amounting to $572.7 million across 72 incidents, according to a recent report from Immunefi, a Web3 security services and bug bounty platform.
Impact on decentralized finance (DeFi) platforms
This represents a substantial 70.3% increase from the $336.3 million in losses recorded in the first quarter and more than double the $265.5 million stolen in the same quarter of the previous year.
Year-to-date losses for the year have jumped 24% to more than $900 million compared to the same period last year.
Decentralized finance (DeFi) platforms, which collectively hold nearly $100 billion in value according to data from DeFiLlama, have been heavily targeted by cybercriminals.
Crypto losses in Q2 2024. Source: Immunefi
While DeFi accounted for all of the exploits tracked by Immunefi in Q1, the focus shifted in Q2, with centralized finance (CeFi) platforms taking the majority of the financial hit.
Of the total Q2 losses, CeFi accounted for $401.4 million, or 70%, with the remaining 30%, or $171.3 million, attributed to DeFi.
Two major incidents dominated the news this quarter, together accounting for $360 million, or 62.8% of total losses.
The greatest of them was a $305 million breach of Japanese cryptocurrency trading platform DMM Bitcoin, followed by a $55 million theft from Turkish crypto exchange BtcTurk on June 23.
May was the month with the highest monthly losses, totaling $358.5 million. Despite these high losses, only $28.7 million, or 5% of the total funds stolen during the quarter, were recovered from four separate exploits involving companies like Bloom, ALEX Lab, Gala Games, and YOLO Games.
Expert insights and infrastructure compromises
Mitchell Amador, Founder and CEO of Immunefi, highlighted the devastating impact of infrastructure compromises, noting that the shift to targeting CeFi infrastructure has led to a significant increase in losses.
He stressed the importance of robust security measures across the ecosystem to avoid financial damage on such a large scale.
He said the second quarter highlighted how compromising a single piece of infrastructure could result in millions in losses, making it crucial to protect the entire ecosystem.
The vast majority of financial losses this quarter are due to computer hackswhich accounted for 98.5% or $564.2 million of the total, occurring in 53 incidents. In contrast, fraud, scams and rug pulls accounted for only 1.5% or $8.5 million, spread across 19 incidents.
The most targeted blockchain networks were Ethereum and BNB Chain. Ethereum was the hardest hit with 34 incidents, accounting for 46.6% of the total losses on these networks, while BNB Chain followed with 18 incidents accounting for 24.7% of the losses.
Other networks like Arbitrum, Blast, Optimism, Solana, Polygon, Fantom, Linea, Mantle and TON have also experienced incidents but to a lesser extent.
Immunefi’s Role in Cryptographic Security
Immunefi’s role in cryptocurrency security has become increasingly crucial. Earlier this month, the platform passed the milestone of $100 million in payments to ethical hackers and researchers over the past three years, stemming from more than 3,000 bug bounty reports.
This achievement highlights the essential role of the ethical hacking community in safeguarding the blockchain ecosystem.
Immunefi claims to operate the largest blockchain security community with over 45,000 researchers and credits these efforts with saving over $25 billion in user funds across various protocols such as Polygon, Optimism, Chainlink, The Graph, Synthetix and MakerDAO against potential theft.
The high-profile payments facilitated by Immunefi demonstrate the value of vigilance in the crypto space. The highest bounty facilitated by the platform was a $10 million reward for identifying a vulnerability in the Wormhole cross-chain protocol.
This substantial payment highlights the importance of continued monitoring and the crucial role ethical hackers play in identify and mitigate potential threats before they can be exploited by malicious actors.
The second quarter of this year highlighted continued vulnerabilities within the cryptocurrency sector, particularly within centralized financial platforms. The significant increase in losses from hacks and scams reflects the persistent and evolving threat landscape.