Close to $1.4 Billion Lost to Crypto Exploits Since the Beginning of This Year
Cybersecurity company Cyvers’ released its mid-year Web3 security report, noting that the aggregate amount stolen from cryptocurrency since the beginning of 2024 is getting close to $1.4bn, with centralized exchanges (CEXs) becoming new ground zero for exploits.
The amount of money lost in the crypto space in Q2 2024 is more than $600M, representing a hundred percent increase relative to the same period in 2023. The significant increase was mainly due to a 900 percent increase in losses on CEXs, according to Cyvers.
“This quarter has witnessed a significant shift in attack vectors, with centralized exchanges (CEX) bearing the brunt of major incidents, while decentralized finance (DeFi) protocols show improved resilience,” reads the report. It was said that this may be due to assets concentrating on CEX platforms and possible lax security measures in some exchanges.
Most of the funds stolen during the period were due to access control breaches which are usually in the form of phishing attacks. About $490 million was lost to access control breaches in the second quarter alone, while not up to $70 million was lost to smart contract exploits.
Users experienced protection from decentralized finance (DeFi) protocols’ quick freeze of compromised smart contracts. However, according to Cyvers, exploit risk is still prevalent as hackers continue to discover new vulnerabilities in complex contracts. The report mentioned that cross-chain bridges are likewise becoming a remarkable attack vector, citing XBridge’s exploit which happened three months ago.
Cyvers highlighted the high-profile breach of crypto exchange DMM which occurred two months ago, reportedly due to a compromised private key, prompting losses of about $300 million. BtcTurk also recorded almost $50 million in losses due to an exploit last month.
Fortunately, more victims were able to recover stolen funds, with a 42 percent increase in the aggregate funds recovered in the second quarter of 2024 relative to the same period in 2023. However, 76 percent of the lost funds are yet to be recovered.