Last updated:
An estimated $409 million was stolen by crypto hackers in the third quarter of 2024, Immunefi revealed in a report this week.
The amount reflects ongoing attacks on both centralized and decentralized platforms, with some prominent exchanges and protocols hit particularly hard.
Crypto Hacks Lead to Massive Losses in Q3 2024
The Immunefi report highlights that over $3 million of the stolen sum was traced to hacks at Singapore-based crypto exchange BingX and Indian crypto exchange WazirX, with these incidents accounting for 69.5% of the quarter’s total losses.
As DeFi continues to grow, with over $87 billion in total value locked, the threat from hackers shows no signs of slowing.
This quarter saw hacks account for 99.25% of total funds lost, while fraud represented just 0.75%. Fraud cases saw a notable decrease year over year, dropping by 86.4%.
This $409 million figure represents a 40% decrease from the same quarter in 2023, which recorded losses of over $685 million to hackers and fraudsters.
Immunefi Report Exposes Major Hacks
Several high-profile attacks in Q3 2024 contributed to the immense losses.
Penipe protocol suffered a $27 million breach, Indodex faced a $22 million loss, Ronin lost $12 million, LI.FI Protocol saw $10 million stolen, and Bittensor experienced an $8 million hack.
The Immunefi report underscores the growing threat of crypto hacks, with these incidents revealing critical vulnerabilities across both CeFi and DeFi platforms.
The Growing Risk to CeFi and DeFi
While DeFi saw a higher number of incidents, CeFi was responsible for more severe losses, with some individual attacks leading to hundreds of millions of dollars in stolen assets.
“We’re seeing a higher number of incidents targeting DeFi, while CeFi experiences fewer incidents but often with more severe consequences, with hundreds of millions in stolen funds in a single exploit,” said Mitchell Amador, Immunefi founder and CEO.
Amador further explained that private key management remains one of the biggest vulnerabilities in CeFi. “It requires rigorous key management policies, practices, and emergency plans,” she added.
In response to these mounting incidents, some exchanges like WazirX are already taking steps to recover from losses and rebuild.
WazirX Takes Steps to Recover
The report coincides with the High Court of Singapore’s decision to grant WazirX a four-month restructuring moratorium, giving the company time to restore affected clients’ crypto balances and adjust its operating protocols.
“We know the cyberattack has caused hardship for everyone, and we feel the weight of this burden alongside you. Please know that we are working tirelessly to bring a faster resolution and ease the pain this has caused,” WazirX founder Nischal Shetty said in a September 26 X post.
Shetty emphasized that the company remains committed to transparency and rebuilding trust with its users. “As we move forward, our commitment remains strong—to ensure transparency, rebuild trust, and create a future where we emerge more resilient together.”