Cryptocurrency hacks and fraud escalated in the second quarter of 2024. Losses nearly doubled compared to the same period last year.
Immunefi, a crypto bug bounty platform, reported $509 million in losses. This marks a 91% increase from Q2 2023.
May 2024 saw record-breaking losses of $107 million. June losses decreased to $78 million across 12 incidents. This represents a 27% drop from June 2023's $107 million.
DMM Bitcoin, a Japanese centralized exchange, suffered the largest loss. Hackers stole $305 million. The exchange has since implemented customer reimbursement measures.
Other significant exploits targeted BtcTurk, Hedgey, Lykke, Gala Games, and SonneFinance. These attacks resulted in combined losses of $164.2 million.
Centralized crypto financial institutions bore the brunt of successful attacks. They accounted for two-thirds of all incidents.
Grace Dees, a cybersecurity analyst at Resonance Security, explained the trend to Decrypt. "CEFi entities often manage larger pools of assets compared to DeFi platforms. This makes them more lucrative targets," she said.
Dees highlighted the vulnerability of centralized systems. "This centralization can create single points of failure," she noted.
Regulatory scrutiny has forced DeFi platforms to enhance security. This may have made them less attractive targets, according to Dees.
Ethereum emerged as the most exploited blockchain. It accounted for 44.4% of attacks. BNB chain followed at 25%, with Arbitrum at 5.6%.
Jonah Michaels from Immunefi explained Ethereum's vulnerability. "Ethereum is the main hub for DeFi activity and currently has the highest amount of funds locked within its ecosystem," he said.
Ethereum's connection to privacy chains facilitates quick laundering of stolen funds. This makes it an attractive target for hackers.
Only 5% of stolen funds were recovered in Q2 2024. This amounted to $26,736,000 across four specific situations.
The crypto industry faces ongoing security challenges. As the market evolves, so do the tactics of malicious actors.