
Web3 Security in 2024: $2.3 Billion Stolen, Ethereum the Major Target
The Web3 space experienced significant security breaches in 2024, with bad actors stealing approximately $2.3 billion from various projects. Ethereum-based platforms accounted for more than half of the total losses, according to the latest State of Web3 Security in 2024 report from Cyvers. The report highlights the growing vulnerabilities in decentralized platforms and urges stronger security measures to protect user assets.
Ethereum: The Leading Blockchain Targeted by Hackers
Ethereum, being the leading blockchain for decentralized finance (DeFi), bore the brunt of the thefts, with more than 51% of the stolen funds originating from Ethereum-based projects. This is largely due to Ethereum’s significant liquidity and dominance in the DeFi space, making it an attractive target for malicious actors.
The report also identified other blockchains targeted by hackers, with the following breakdown of losses:
- BNB Chain: 24% of stolen funds.
- Bitcoin: 5% of stolen funds.
- XRP: 4% of stolen funds.
- Arbitrum: 3% of stolen funds.
Major Vulnerabilities: Access Control and Smart Contract Loopholes
The Cyvers report identified access control failures as the leading cause of losses in Web3, accounting for a staggering 81% of the total funds stolen. These failures were often due to weak authentication mechanisms and improper permission controls, leaving user assets vulnerable to exploitation.
In addition to access control issues, smart contract vulnerabilities contributed to 19% of the thefts. These vulnerabilities allowed hackers to exploit coding loopholes, siphoning off funds from decentralized platforms and projects.
Top 3 Biggest Web3 Hacks of 2024
The three largest hacks in 2024 were multimillion-dollar breaches, with the following projects being the hardest hit:
- DMM Bitcoin: $305 million stolen due to access control flaws.
- PlayDapp: $290 million lost in a breach linked to poor security protocols.
- WazirX: $235 million taken in an attack stemming from inadequate access control mechanisms.
Other significant breaches included the exploit of Ethereum-based Munchables, which lost $97 million due to smart contract vulnerabilities, and address poisoning attacks that accounted for $68 million in stolen funds.
Crypto Losses in 2024: Growing Threats and Recovery Challenges
The frequency and severity of crypto losses increased throughout 2024, with the third quarter being the most damaging, accounting for a total of $669 million in stolen funds. In contrast, the fourth quarter saw fewer incidents, with $130 million in losses.
Efforts to recover stolen assets yielded mixed results. The first half of 2024 saw $620 million recovered in Q1 and $562 million in Q2. However, recovery efforts drastically slowed in the latter half of the year, with only $93 million recovered in Q3 and a meager $25 million in Q4.
The report noted that early intervention can significantly aid in recovering stolen assets, but delays in response often result in funds being lost permanently before authorities and security teams can act.
Recommendations for Enhancing Web3 Security
To counter the rising threat of Web3 security breaches, Cyvers recommended several proactive measures, including:
- Continuous Monitoring: Implementing ongoing monitoring of decentralized networks to identify vulnerabilities in real time.
- Real-Time Vulnerability Testing: Regularly testing platforms for potential weaknesses and patching them before they are exploited.
- AI-Powered Detection: Using artificial intelligence to detect and mitigate suspicious activities and vulnerabilities in real time.
The report also highlights the need for standardization across the Web3 ecosystem to ensure that security protocols are implemented consistently and effectively across different projects.
Web3 Hacks and Scams: A Surge in 2024
In a related report, Web3 security firm PeckShield noted a 15% increase in crypto hacks and scams in 2024, with decentralized finance (DeFi) protocols being the biggest targets. This surge underscores the ongoing vulnerabilities in the Web3 ecosystem, especially within the DeFi space, where funds are often more exposed to potential exploits.
As the Web3 space continues to evolve and attract new participants, it is crucial for projects and platforms to prioritize security measures to safeguard user assets and prevent further losses.