The crypto sector lost $423.9 million in Q3/2024 due to hacks and scams, a 38% decrease compared to the same period in 2023, with 45% of the total amount coming from the hack of the WazirX exchange.
Losses from hacks and scams in Q3/2024 decreased by 38% compared to the same period last year
According to the latest report from the Web3 bug bounty platform and security service Immunefi, the crypto industry in the third quarter of this year recorded losses of more than $423.9 million due to 34 security breaches (hacks) and 3 scams. This brings the total number of hacks and scams for the year to 179, with a total loss of $1.34 billion recorded YTD.
Losses from crypto hacks in Q3/2024 were $423.9 million, a 38% decrease compared to the same period last year.
The $423.9 million in losses in Q3/2024 was largely due to the Indian crypto exchange WazirX, with the hack of this exchange accounting for 45% of the total, with a loss of $235 million.
Ranking second on the list is the BingX exchange, which suffered a loss of around $52 million in a hacker attack in 09/2024. Following BingX is the DeFi protocol Penpie, which was the victim of a $27 million security breach, causing the PNP token to "plummet" after the news. Next is the Ronin bridge with $12 million, the LI.FI bridge which was drained of $10 million, Bittensor (TAO) which had its private key exposed, resulting in the loss of $8 million in assets, and 3 other names: RHO Markets, Casper Network, and Delta Prime.
List of the 10 most damaging attacks in Q3/2024 according to the Immunefi report.
Although the $423.9 million recorded in Q3/2024 is a large figure, it is 38% lower than the $685.9 million recorded in the same period last year, indicating some positive progress in the security measures of protocols in the Web3 environment. Gonçalo Magalhães, Head of Security at Immunefi, said:
"Overall, losses are trending downward... Projects are increasingly adopting robust security measures, including enhanced auditing processes, improved smart contract design, and the deployment of bug bounty programs. The community now has a larger pool of skilled security experts. The current security landscape has matured significantly compared to 2-3 years ago, reducing the exploitability for hackers."
Specifically in October 2024, the total damage from hacks and scams was $55.1 million, a 56.6% decrease compared to the $126.9 million recorded in September. However, this represents a 114% increase compared to October 2023.
Losses in October were mainly from 7 incidents, but the majority of the damage came from two projects: the $50 million hack of the DeFi protocol Radiant Capital and the $4.4 million exploit of Tapioca DAO.
BNB Chain and Ethereum continue to be the two networks most targeted by attacks in Q3/2024, accounting for 69.4% of all attacks. Notably, Ethereum had 17 targeted attacks, accounting for 47.2%. While Base had 2 attacks at 5.6%, the remaining networks Blast, Arbitrum, Solana... only had 1 attack each.
These figures reflect a change in the "preferences" of hackers' targets, as the Q2/2024 report had shown BNB Chain as the main target.
At that time, Immunefi said one of the main reasons BNB Chain was prone to rug pulls was that developers often used forked code. However, these losses have started to decline since the implementation of key upgrades such as ZhangHeng, Plato, and Hertz, which have addressed many vulnerabilities.
Compiled by Coin68
Join the discussion on the hottest DeFi issues in the Fomo Sapiens chat group with the Coin68 admins!
