As the second quarter of 2024 ends, the Web3 ecosystem continues to advance in an ever-changing security environment. This quarter saw a significant shift in the types of attacks, with centralized exchanges (CEX) bearing the brunt of major incidents, while decentralized finance (DeFi) protocols showed better resilience. Blockchain security firm Cyvers’ report provides a detailed analysis of security incidents.
Noteworthy Report from Security Company
The Cyvers Web3 Security Report for the second quarter and first half of 2024 reveals a dramatic increase in crypto losses due to cyberattacks. The report highlights notable incidents, changing attack strategies, and the financial and operational impacts on the Web3 ecosystem. Despite the increase in attacks, improvements in recovery efforts and incident response strategies underscore the need for constant vigilance and robust security measures.
In the second quarter of 2024, there were crypto losses amounting to $629.68 million across 49 incidents, bringing the total for the first half of 2024 to a staggering $1.38 billion. This figure marks a significant increase compared to the same period in 2023, highlighting ongoing crypto losses.
There were losses of $67 million across 20 incidents targeting smart contracts, while access control breaches resulted in losses of $491 million across 26 incidents. The annual loss increase showed a rise of over 100% compared to the second quarter of 2023.
Details on the Subject
The second quarter of 2024 saw a notable shift in security breaches, particularly targeting centralized exchanges with access control incidents. This indicates a move away from exploiting smart contract vulnerabilities in DeFi protocols. Attacks on access control increased by 35%, while smart contract attacks decreased by 83% compared to the first half of 2023.
Compared to the second quarter of 2023, the 900% increase in CeFi losses indicates a significant shift in attackers’ focus. This trend may be attributed to the concentration of assets on centralized platforms and potentially lax security measures at some exchanges.
Cyvers team cites the DMM Bitcoin incident as an example. The Japan-based centralized exchange suffered a major attack in May 2024, resulting in a loss of $305 million. This incident was the largest blockchain hack since December 2022 and the third-largest in crypto history.
The attack involved transferring 4502.9 Bitcoins, valued at over $308 million, to multiple addresses, complicating recovery efforts. Initially, the nature of the transfer was unclear, but DMM Bitcoin confirmed it was a security breach and launched an investigation.
