It looks like the DeFi community got the message.

In recent years, decentralised finance projects have been a top target for cybercriminals and hackers. And blockchain security experts have been urging the community to be more guarded.

Sure enough, DeFi hacks have fallen by a quarter in the first nine months of 2024 compared to all of 2023, according to data from TRM Labs.

It’s centralised exchanges and custodians that have been fleeced the most.

Hack hauls

The theft of $2.1 billion in digital assets in the first three quarters of 2024 has already exceeded all of 2023 by 5%, according to TRM Labs.

“We have essentially seen hack hauls double in 2024, as of September 30, compared to the same period in 2023,” Ari Redbord, global head of policy and government affairs at blockchain intelligence firm TRM Labs, told DL News.

Redbord said crypto hacks were happening at a record-setting pace reminiscent of 2022, where investors lost $3.8 billion.

According to web3 security firm Cyvers, hacking incidents involving centralised exchanges and custodians have grown about 1,000%, to $401 million, compared with last year.

Most of those losses came from the DMM Bitcoin Exchange breach, where suspected North Korean hackers stole a staggering $305 million from the platform.

A Türkiye-based crypto exchange lost $55 million in June, and other affected platforms include Lykke and Rain Exchange.

Private key leakage

Those CEX losses share a common theme: an attack on the platform’s infrastructure that ultimately exposed the private keys of its crypto wallets.

Private keys are secret values, usually handled as alphanumeric text strings, that are used to sign crypto transactions. Whoever holds a key can sign on its owner’s behalf, so an exposed key can be used to drain the victim’s wallets.

CEX platforms either manage their private keys in-house or assign that responsibility to a third-party custody protocol.

Access control

Regardless of the key management strategy used, access control is a major concern, and web3 security experts had previously warned of gaps in the security models used by crypto companies.

“Attacks have evolved their tactics to exploit these weaknesses, capitalising on the gaps in access control and leveraging advanced techniques like phishing and social engineering to gain unauthorised access,” Meir Dolev, chief technology officer of web3 security outfit Cyvers, told DL News.

Many CEX hacks from crypto’s pre-DeFi era bore hints of insider involvement.

Third-party key managers became the solution to rogue employees leaking private keys to hackers.

Still, Dolev said these private key custody protocols can be just as vulnerable.

High-profile hacks

That vulnerability was already a concern last year, when it was behind some high-profile hacks, including the $41 million stolen from crypto casino platform Stake.

“The solution to this evolving threat landscape lies in multi-layered security measures,” Dolev said.

“Companies should not rely solely on third-party services but instead adopt a hybrid approach that combines internal key management practices with robust external solutions.”
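To make concrete both the earlier point about private keys (a single exposed key lets anyone sign transactions) and Dolev’s hybrid recommendation, here is an added example in Go using the standard library’s Ed25519 implementation. It is not code from DL News, Cyvers or any exchange; the signer names, the threshold policy and the sample transaction bytes are all constructed for illustration. It shows that a policy backed by one key is fully compromised when that key leaks, while a 2-of-2 policy that pairs an internal key with an external custodian’s key rejects a transaction signed with the leaked key alone.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Signer is one key holder in a custody policy. In the hybrid model an
// "internal" signer lives with the exchange and an "external" signer with a
// third-party custodian. Names here are constructed for the example.
type Signer struct {
	Name   string
	Public ed25519.PublicKey
	priv   ed25519.PrivateKey
}

// NewSigner generates a fresh Ed25519 key pair for the named holder.
func NewSigner(name string) (Signer, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return Signer{}, err
	}
	return Signer{Name: name, Public: pub, priv: priv}, nil
}

// Sign produces a detached signature over the serialised transaction.
// Anyone holding priv can do this, which is exactly why a leaked key is fatal.
func (s Signer) Sign(tx []byte) []byte {
	return ed25519.Sign(s.priv, tx)
}

// Policy is a threshold rule: at least Threshold of the listed signers must
// approve a transaction, and each approving signature must verify against
// that signer's public key.
type Policy struct {
	Signers   []Signer
	Threshold int
}

// Authorize counts valid signatures (keyed by signer name) and returns
// whether the threshold is met. Signatures from unknown names, or ones that
// fail verification (wrong key, tampered transaction), do not count.
func (p Policy) Authorize(tx []byte, sigs map[string][]byte) bool {
	valid := 0
	for _, s := range p.Signers {
		sig, ok := sigs[s.Name]
		if !ok {
			continue
		}
		if ed25519.Verify(s.Public, tx, sig) {
			valid++
		}
	}
	return valid >= p.Threshold
}

func main() {
	internal, err := NewSigner("internal-hsm")
	if err != nil {
		panic(err)
	}
	external, err := NewSigner("external-custodian")
	if err != nil {
		panic(err)
	}

	// Constructed sample transaction; a real one would be a serialised payload.
	tx := []byte("withdraw 10 BTC to <destination placeholder>")

	singleKey := Policy{Signers: []Signer{internal}, Threshold: 1}
	hybrid := Policy{Signers: []Signer{internal, external}, Threshold: 2}

	// Model the breach: the attacker obtained only the internal key.
	leaked := map[string][]byte{internal.Name: internal.Sign(tx)}
	fmt.Println("single-key policy, leaked key only:", singleKey.Authorize(tx, leaked))
	fmt.Println("hybrid policy, leaked key only:    ", hybrid.Authorize(tx, leaked))

	// Legitimate flow: both the exchange and the custodian approve.
	both := map[string][]byte{
		internal.Name: internal.Sign(tx),
		external.Name: external.Sign(tx),
	}
	fmt.Println("hybrid policy, both signatures:    ", hybrid.Authorize(tx, both))
}
```

The policy is deliberately simple: it does not address how the external custodian decides to sign (spending limits, withdrawal allow-lists, human review), which is where the real access-control work lies, but it captures why splitting signing authority across independently managed keys removes the single point of failure the article describes.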

Osato Avan-Nomayo is our Nigeria-based DeFi correspondent. He covers DeFi and tech. To share tips or information about stories, please contact him at osato@dlnews.com.