Crypto Hacks Surge in 2024, Total Losses Top $1.2 Billion

Key Takeaways

• The first eight months of 2024 saw more than 150 incidents of hacks and rug pulls
• In August , hackers made away with around $15 million across five separate incidents.

Crypto hackers have stolen over $1.2 billion in 2024, according to a report from blockchain security firm Immunefi. This marks a 15% increase compared to the same period last year, when just over $1 billion was stolen. The first eight months of 2024 saw more than 150 incidents of hacks and rug pulls, reflecting a growing concern over the security of digital assets.

In August alone, hackers made away with approximately $15 million across five separate incidents. This was a significant drop from July’s figures, which saw losses of $269 million.On July 18, 2024, India based crypto exchange WazirX faced a major security breach resulting in the theft of $230 million worth of assets. This incident was the second-largest crypto hack of the year so far.

Most of the attacks this year have targeted decentralized finance (DeFi) platforms, Immunefi’s data shows. Unlike in previous years, these attacks were not primarily due to code vulnerabilities or stolen private keys.

Instead, hackers have shifted their focus to the BNB Chain, exploiting its recent hard forks—such as ZhangHeng, Plato, and Hertz—to carry out rug pulls and other fraudulent activities. A separate report by Immunefi revealed that forked code on BNB Chain has made it a popular target, with $1.64 billion stolen from the network since its creation in 2017.

While the overall losses in 2024 have surpassed last year’s figures, there has been a noticeable decline in the number of monthly hacks. August’s losses were 94.5% lower than those in July, indicating a temporary slowdown in the rate of crypto theft.

The $15 million lost in August was largely due to two major incidents: a $9.8 million hack of the Ronin Network and a $1.5 million exploit involving Nexera. Both incidents were linked to vulnerabilities introduced during code upgrades.

According to Immunefi founder, Mitchell Armado, the importance of maintaining a security-first mindset is a huge priority. He stated, “Both the Ronin and Convergence incidents this month were due to vulnerabilities introduced during code upgrades. Convergence clarified in their post-mortem that they had ‘modified [that] part of the code post-audit,’ which highlights the critical importance of maintaining a security-first approach at every step.”