Financial losses from security breaches in DeFi decreased by 40% in 2024, while CeFi experienced more than double the increase, showing a stark contrast in security between the two sectors.

The decentralized finance (DeFi) sector saw a 40% reduction in financial losses due to security incidents in 2024, according to the annual 'Web3 Security Report' from blockchain security company Hacken released on November 24. This result was achieved through improvements in protocols, bridges, and advanced cryptographic measures.

In contrast, the centralized finance (CeFi) sector experienced a challenging year with security breaches more than doubling, causing losses of up to $694 million. This contrast raises questions about the security and resilience of traditional financial systems in the context of advancing blockchain technology.

DeFi strengthens security, minimizes damage

Hacken's report shows that financial losses in DeFi decreased from $787 million in 2023 to $474 million in 2024. This is a positive signal indicating that efforts to improve security in DeFi are yielding results.

In particular, bridge exploits, which were once a critical weakness of DeFi, have sharply decreased from $338 million to just $114 million. The adoption of advanced technologies like multiparty computation and zero-knowledge proofs has significantly contributed to this improvement.

Financial losses due to hacks or DeFi bridge exploits over the past 3 years. Source: Hacken

However, DeFi has not completely avoided security risks. The report indicates that access control vulnerabilities still account for nearly half of the total losses in DeFi. The Radiant Capital hack causing $55 million in damages is a typical example demonstrating that these vulnerabilities can still be exploited. This highlights the necessity for continued research and development of advanced security solutions to protect the DeFi ecosystem.

While DeFi is on track to strengthen its security system, CeFi is facing an increasingly severe situation. Financial losses from security breaches in CeFi have more than doubled compared to 2023, reaching $694 million in 2024. Centralized exchanges have become prime targets for attacks, mainly due to access control vulnerabilities, poor private key management, and weak multisig setups.

Two notable hacks targeting the DMM and WazirX exchanges in Q2 and Q3 of 2024 resulted in losses of $305 million and $230 million, respectively. Both incidents were related to private key breaches and multisig exploits, highlighting serious weaknesses in the security systems of centralized exchanges.

Mr. Dyma Budorin, co-founder and CEO of Hacken, stated that the findings from the report indicate serious gaps in the operational security of CeFi. He emphasized the importance of adopting stricter key management practices and automated monitoring systems to mitigate risks.

Financial losses of DeFi compared to CeFi over the past 3 years. Source: Hacken

The significant disparity in financial losses between DeFi and CeFi not only reflects the advancements in DeFi's security but also highlights the challenges that CeFi is facing. A report from Chainalysis stated that North Korean hackers stole over $1.3 billion in cryptocurrency assets in 2024 through 47 hacks, further underscoring the urgency of enhancing cybersecurity in both sectors.