The crypto industry saw $409 million worth of hacks in the third quarter of the year.
The quarter, spanning July, August and September saw only $3 million in fraud cases.
Ethereum and the Binance smart chain were the worst hit overall.
Defi platforms suffered more frequent hits, compared to Cefi which saw more severe hacks.
The crypto sector continues to suffer attacks from left and right, in terms of hacks.
The third quarter of the year is no different and has seen serious security challenges according to a new report from Immunefi.
Per reports, in Q3 alone, over $409 million has been siphoned off in crypto hacks.
These attacks have exposed vulnerabilities across both the Cefi and Defi sectors, as we will soon see.
Here are the biggest security highlights between July and September.
Immunefi's report showed that just like in Q1 and Q2, the hackers have been busy so far.
Within July and September, the crypto space’s malicious actors stole a staggering $409 million, with July being the harshest of all.
The month saw more than $281 million in losses, followed by September with $116 million and then August with a relatively small $15 million.
The interesting part about this is that July is the second largest month of hacks throughout the entire year, aside from May when hackers carted off a staggering $385 million.
Immunefi notes that the majority of these attacks were carried out on Defi platforms, unlike Q2 where Cefi suffered the most.
This also represents a 40% decrease in hacks, compared to Q3 2023 when hackers stole $685,970,444.
Among the biggest hacker hits of the quarter were the Singapore-based BingX and the Indian WazirX.
These two platforms alone accounted for a staggering 69.5% of the total losses.
Both were worth a combined $287 million, showing that centralized platforms are just as much on the radar as decentralized ones.
This comes even as DeFi continues to expand rapidly with over $87 billion in TVL at the end of the quarter.
Some of the major high-profile hacks contributed to the overall $409 million in losses including:
The Penipe Protocol which suffered a $27 million hack, Indodex with $22 million in losses and the Ronin network with $12 million.
Others include LI.FI Protocol with $10 million and Bittensor with $8 million.
These hacks not only resulted in massive financial losses but also showed that neither Cefi nor Defi is as safe as anyone believes.
Interestingly, while the hackers remained busy overall, the fraudsters took a breather.
The number and severity of fraud cases took a notable decline, with an 86.4% drop on a year-over-year basis.
Fraud cases now account for just 0.75% (around $3 million) of the total losses in the quarter, compared to the hacks’ 99.25%.
Interestingly while this recent $409 million is harsh, it still represents a 40% decrease compared to the same period in 2023 where around $685 million was lost across the industry.
Interestingly, while Defi platforms were hit more frequently than CeFi, the latter were attacked more harshly in terms of financial impact. This was the case with WazirX, where hundreds of millions of dollars vanished in a single-day exploit.
Interestingly, the hackers seemed to favor private key management attacks throughout the quarter, which is worth taking into account.
Finally, the two worst-hit chains were Ethereum and Binance's smart chain.
Immunefi highlights that the former saw 15 incidents representing 44.1% of the total losses.
The BNB Chain, on the other hand, saw 8 incidents which represented 23.5% of the whole.
The other 5.9% came from other chains like Blast, Solana and Arbitrum with 1 incident each.
As a follow-up, WazirX has recently been granted a four-month restructuring moratorium by the High Court of Singapore.
This means that it now has time to repay its creditors and enhance its operating protocols after the $230 million hack in July.
Nischal Shetty, the CEO of the exchange acknowledged the severity of the hack and has expressed a commitment to addressing the situation.
In a recent tweet, Shetty reassured users that the exchange is now working hard to resolve the matter.
He also highlighted WazirX’s dedication to maintaining privacy and making sure that it remains secure in the long term.
Overall, Immunefi’s report shows that despite the advances in crypto security, the industry still remains as vulnerable as ever.
It also shows that both Defi and Cefi platforms have to implement stronger security measures to bring down the severity and extent of the hacks.
For the Cefi space, recent data shows that the key areas to improve on include private key management and response plans.
Both of these are important factors when it comes to preventing large-scale hacks.
On the other hand, Defi platforms must focus on securing their protocols by writing stronger smart contracts to safeguard their TVLs.
Disclaimer: Voice of Crypto aims to deliver accurate and up-to-date information, but it will not be responsible for any missing facts or inaccurate information. Cryptocurrencies are highly volatile financial assets, so research and make your own financial decisions.