DeFi and CeFi present two different situations.
According to the latest report 'The Hacken 2024 Web3 Security Report' released by the blockchain security company Hacken, the total losses caused by hacks to decentralized finance (DeFi) protocols have significantly reduced this year, down 40% compared to last year. However, the cybersecurity situation of centralized finance (CeFi) platforms is not optimistic, with related losses not decreasing but instead doubling compared to last year.
In terms of numbers, DeFi accounted for approximately 20.4% of the overall losses from hacker attacks in the cryptocurrency market, while CeFi accounted for 30%. Although DeFi still faces cybersecurity challenges in total amounts, losses have decreased from $787 million last year to $474 million now; in contrast, CeFi losses surged from $339 million last year to $694 million, showing a significant disparity.
CeFi is severely impacted, with both DMM Bitcoin and WazirX falling victim.
Among the many CeFi attack incidents, the DMM Bitcoin hack that occurred in May this year was the most severe, resulting in a loss of about $305 million in a single incident. After successfully obtaining a large amount of Bitcoin, the attacker transferred over 4,500 Bitcoins to unknown addresses and subsequently concealed the flow of funds through multiple hops. Another event that severely impacted the CeFi market was a malicious contract upgrade attack on the cryptocurrency exchange WazirX in the third quarter, leading to about $240 million in assets being stolen. The hacker obtained the signatures of three signatories of the exchange and the third-party manager Liminal, leading to the upgrade of the cold wallet into a contract with malicious code, successfully stealing a large amount of user funds.
In contrast, while DeFi also faces significant incidents, such as Radiant Capital being hacked for over $55 million, the overall losses have stabilized and declined compared to previous years. The report points out that the optimization of fund management and access mechanisms, along with the prevalence of multi-sign contracts or audits, may be one of the reasons for the significant reduction in DeFi losses. However, hacker methods are continuously evolving, especially as 'access control vulnerabilities' still threaten DeFi projects. Strengthening private key management, implementing hardware security, and multi-layer permission settings remain urgent tasks for each protocol.
Total cryptocurrency losses exceed $2.3 billion, with access control vulnerabilities at the top.
The report also states that in 2024, the total losses in the cryptocurrency market due to hacker attacks reached $2.9 billion, about 58% of which were related to 'Access Control vulnerabilities'. These types of attacks allow criminals to quickly steal assets by stealing or abusing private keys, executing malicious contract upgrades, and more. Hacken also pointed out that phishing scams have taken over $600 million this year, including forms such as celebrity endorsement scams and presale scams. It is evident that outside of DeFi and CeFi, the entire industry still faces countless theft and fraud methods.
Source: Hacken, total losses in the cryptocurrency market due to hacker attacks reached $2.9 billion in 2024.
The results of this report show that although DeFi's cybersecurity performance has improved compared to last year, investors and developers still need to stay alert; on the other hand, the risks of CeFi are more pronounced. Various centralized exchanges, if they do not implement multi-signature, contract auditing, and monitoring properly, may face large-scale fund theft. Hacken finally calls for each platform to continuously strengthen basic security, adopt hardware wallets or multi-sign models, and enhance internal monitoring and auditing mechanisms to truly protect users' assets in the increasingly mature cryptocurrency market.
If you are also worried about encountering fraud and don’t know what to do, feel free to click here to view (Cryptocurrency Fraud Self-Help Guide).
[Disclaimer] The market has risks; investment should be cautious. This article does not constitute investment advice, and users should consider whether any opinions, views, or conclusions in this article align with their specific situation. Investing based on this is at your own risk.
The article 'Centralized vs Decentralized: Which is Safer? CeFi Has Been Hacked for Much More Than Last Year, While DeFi Has Improved' was first published on 'Cryptocurrency City'.
