Hackers Target Centralized Exchanges, Immunefi Reports
Analytical firm Immunefi has released a new quarterly report on fraudulent activities and hacking attacks in the cryptocurrency sector. The data revealed might alter existing views on the security of crypto platforms.
The damage inflicted by hackers and fraudsters on the crypto industry has significantly increased. Total losses in Q2 2024 soared to an astonishing $572.7 million, marking a 112% increase from the same period last year.
The pattern of losses has also shifted significantly compared to Q2 2023. Criminals are now earning less from direct fraud but have substantially increased their profits from tampering with protocol codes, accounting for 98.5% of the total loss volume. Last year, this figure demonstrated an inverse ratio of 20/80.
Trends indicate a rise in hacks and a decline in crypto scams. Source: immunefi.com
The main focus of recent security breaches has shifted to CeFi platforms, rather than DeFi as seen in previous years. According to the latest study, CeFi platforms incurred losses of $401.4 million, while decentralized protocols suffered $171.3 million in damages.
Much of the asset extraction by hackers resulted from developer negligence, leaving exploitable gaps in protocol security.
CeFi vs. DeFi breaches. Source: immunefi.com
Asian CEXs, particularly the Japanese crypto exchange DMM Bitcoin ($305 million) and the Turkish exchange BtcTurk ($44.6 million), bore the brunt of these attacks. Their breaches accounted for 62.8% of the total losses for the second quarter of 2024.
This trend underscores the justification for the stringent regulations imposed on crypto exchanges by the U.S. and Europe, highlighting the critical need for enhanced user asset protection.
Major breaches occurred at DMM Bitcoin and BtcTurk. Source: immunefi.com
Ethereum remains the most targeted blockchain, followed by BNB Chain and Arbitrum.
A common cause of vulnerability is the careless approach to smart contract creation. Beginners often use standard, yet vulnerable templates, and many developers simply copy open-source code without verifying its security.
Ethereum leads in the number of hacking attacks. Source: immunefi.com
Analysts noted that only 5% of the stolen funds have been recovered, representing the lowest recovery rate observed in the study's history.
This quarter highlights how infrastructure compromises can be the most devastating hacks in crypto, as a single compromise can lead to millions in damages. This was evident during this quarter, where losses surged primarily due to hacks targeting CeFi infrastructure, surpassing DeFi, despite a smaller number of hacks in that sector. Robust measures to safeguard the entirety of the ecosystem are crucial.Mitchell Amador, founder of the research firm Immunefi, commented