$3 Billion Lost to Crypto Hacks in 2024
Blockchain security had another tumultuous year in 2024, with close to $3 billion lost to crypto-related hacks, according to the latest research from Hacken. Though the aggregate financial damage was on par with 2023, the trend of vulnerabilities exploited was worrisome. The hackers increasingly targeted access control mechanisms-a class of flaws that enable unauthorized access to systems and data.
Access Control Flaws Dominate Hack Losses
Data from Hacken indicated that 78% of the losses from this year came from access control vulnerabilities. Access control vulnerabilities took center stage this year, from DeFi and CeFi to gaming/metaverse platforms.
By distribution, DeFi platforms accounted for 20.4% of total losses as protocols remained a juicy target for attackers looking to exploit weak points in smart contracts and liquidity pools. CeFi breaches accounted for 30% of the year’s losses, reflecting continued threats to centralized exchanges and wallet providers. Meanwhile, gaming and metaverse platforms suffered $389 million in damages, or about 20% of all crypto hack losses.
Cross-Chain Bridge Hacks Shrink
On a positive note, one of the key positive metrics in the report was a significant decrease in losses associated with cross-chain bridges. According to the report from Hacken, there were only $117 million in damages in this category, from $330 million in 2023 and $1.9 billion in 2022. What this really suggests is very positive growth in the security of cross-chain protocols, which had hitherto been among the most active vulnerabilities of late.
DNS Hijacking Increases, Reveals New Emerging Threats
While the report showed some positive changes in specific areas, it also pointed out one disturbing trend: DNS hijacking attacks, where hackers redirect traffic from legitimate platforms to fake ones. This underlines the need for comprehensive and changing security strategies to outbalance emerging threats.
He said that Hacken’s findings are based on data from verified reports, post-mortems, and social platforms like X, ensuring a robust and reliable analysis of the year’s security landscape.
