Centralized financial platforms (CeFi) have become a new target for hackers, leading to losses of $1.4 billion in 2024, according to a Cyvers report. This alarming increase shows the security vulnerabilities of centralized exchanges compared to decentralized platforms.

The cryptocurrency market is witnessing a worrying shift as hackers turn their attention to attacking centralized financial platforms (CeFi). According to Cyvers' mid-year Web3 security report, attacks against CeFi caused about $1.4 billion in losses in 2024, a ninefold increase over the same period last year.

Centralized Exchanges: New Hotspot for Cryptocurrency Hacks

This spike shows that centralized exchanges are becoming a new hotbed for cybercriminal activity. The reason is said to be due to the large concentration of digital assets and potential security holes on these platforms. In contrast, the report indicates that decentralized finance (DeFi) protocols are showing improved resilience against attacks.

Cyvers report shows that losses from attacks on centralized financial platforms (CeFi) skyrocketed 900% in the second quarter, pushing total losses in the cryptocurrency sector to more than $600 million. Phishing attacks, a form of access control breach, were responsible for about $490 million stolen in the quarter alone. This figure far exceeds the loss of less than $70 million due to smart contract attacks during the same period.

“This quarter saw a significant shift in attack vectors, with CeFi hit hard by large-scale attacks, while DeFi showed more resilience,” the report said. Cyvers stated. This highlights the importance of strengthening cybersecurity at centralized exchanges to prevent further losses in the future.

Evolving attack vectors and mitigation efforts

Despite the increase in attacks on centralized exchanges, DeFi protocols have shown remarkable resilience, by quickly freezing compromised smart contracts and protecting users . However, Cyvers warns that the risk of exploitation remains significant as hackers continue to discover new vulnerabilities in complex contracts.

Cross-chain bridges have emerged as a notable attack vector. In April, XBridge was hit for $1.44 million, illustrating the growing threat. High-profile breaches also significantly impacted Q2 data, such as the $300 million hack of Japanese cryptocurrency exchange DMM, which was attributed to compromised private keys. Another significant breach involved Turkish cryptocurrency exchange BtcTurk, which lost approximately $50 million to hackers in June.

Despite these incidents, victims have had more success in recovering lost funds, with a 42% increase year-on-year. However, a large portion of the stolen money – about 76% – has not yet been recovered.

Looking to the future, Cyvers warns of new threats from artificial intelligence (AI) and quantum computers. These technologies could equip hackers with sophisticated tools to bypass onchain security measures, posing new challenges for Web3 users and the broader cryptocurrency industry.