📣 2024 Crypto Breaches — A Quarterly Analysis

posted  14 hr ago
Major security failures rocked the crypto world throughout 2024, with centralized and decentralized platforms falling victim to sophisticated attacks each quarter. 

Renowned blockchain security auditor Hacken presents an in-depth look at the year’s major breaches. Discover the tactics used by hackers and the vulnerabilities they targeted.

Q1: PlayDapp Breach — $290 Million  


In February, hackers uncovered and exploited an access management flaw in PlayDapp’s system, minting 1.8 billion PLA tokens valued at $290 million. The resulting oversupply caused a market crash for PLA, severely impacting users.

PlayDapp responded by freezing affected tokens across exchanges, suspending the compromised smart contract, and introducing a token migration plan.

The hack revealed glaring vulnerabilities and emphasized the need for enhanced access control measures in the gaming and metaverse sectors.

Share of Hacks Attributed to PlayDapp in Q1 2024. Source: hacken.io



Q2 Breach: DMM Exchange Loses $305M  


In May 2024, DMM Exchange became the target of the largest Bitcoin-focused hack of the year, losing 4,502.9 BTC (worth $305 million) to anonymous wallets. The stolen cryptocurrency was scattered across numerous addresses, significantly complicating recovery attempts.

Experts point to weaknesses in private key security, flaws in signing operations, and the potential use of "address poisoning" as possible factors. The breach has prompted renewed calls for adopting stronger measures like multi-signature solutions, cold storage systems, and decentralized treasury practices.

DMM Exchange’s Role in Q2 2024 Crypto Breaches. Source: hacken.io



$230M Heist at WazirX in Q3 2024  


The third quarter saw a significant blow to WazirX, where hackers exploited a multi-signature wallet system to siphon off $230 million. Despite having six keyholders, the attackers successfully manipulated the setup.

They obtained necessary approvals from three internal signatories and one external custodian, which allowed them to replace the wallet with a malicious contract, granting unrestricted access to the assets.

This incident highlights the limitations of centralized frameworks and raises concerns over the robustness of even advanced key management protocols.

WazirX’s Hack in Q3 Crypto Landscape. Source: hacken.io



Q4’s Radiant Capital Exploit — $55 Million Gone  


In the last quarter of 2024, hackers stole $55 million from Radiant Capital, a lending and borrowing platform. The breach involved malware infiltrating developer devices, allowing attackers to intercept transaction approvals and manipulate the LendingPoolAddressesProvider contract for unauthorized transfers.  

The attack highlights the growing sophistication of Web3 exploits, particularly those targeting development environments, raising critical concerns about platform security.

Radiant Capital’s Share of Q4 Exploits. Source: hacken.io



2024’s Security Wake-Up Call  


The attacks in 2024 reveal that vulnerabilities in access controls, key management, and infrastructure security remain a significant concern. The diversity of techniques deployed by hackers highlights the pressing need for holistic and anticipatory security strategies.

To navigate the challenges of an evolving Web3 landscape, the crypto industry must focus on frequent security audits, advanced cryptographic solutions, and comprehensive user training. These efforts are crucial to asset protection and fostering trust in the digital asset ecosystem.