Enjoy Free Global Shipping on Orders Over $399. Shop Now!

CART

×

No products in the cart.

Q2 2024: CeFi Exchange Hacks Surge 1000% Year-on-Year 

Written by Werner Vermaak for CoolWallet

Introduction

The recently released Immunefi Q2 2024 Crypto Losses Report paints a depressing picture of the current crypto threat landscape, highlighting why secure cold storage solutions like a CoolWallet hardware wallet are more crucial than ever. Sadly, after suffering $200 million losses in Q1 2024, the second quarter saw nearly $600 million stolen, according to Immunifi and Hacken’s Q2 2024 Web3 Security Report report. This shows that as crypto markets once again rise, so do the influx of criminals targeting our industry, with great success.

As a leading hardware wallet provider celebrating its 10th year in 2024, CoolWallet is committed to keeping our users informed about the latest security trends and threats in the crypto space. With everyone getting strapped in for the 2024/2025 crypto bull run expected to resume later this year, now is not the time to lose your moonbags in a stupid hack or scam. 

Let’s dive into the damage caused by bad actors in the second quarter of the year. 

$572 million crypto stolen in Q2 2024

In Q2 2024, the crypto ecosystem witnessed a shocking $572.7 million in losses due to hacks and frauds. This represents a 112% increase compared to the same period in 2023. The majority of these losses – a whopping $564.2 million – were due to crypto hacks across 53 incidents, while $8.45 million was attributed to frauds. In comparison, Q2 2023 hacks only totalled $220 million, while crypto frauds netted $45 million. 

Japanese exchange DMM Bitcoin hacked for $300m

Japanese crypto exchanges have a less-than-stellar record when it comes to hacks, with CoinCheck (2018, $600 million) and Mt.Gox (2014, $300 million) topping the list of the biggest exchange hacks of all time. 

Add DMM Bitcoin now to its wall of shame, after a staggering $305 million were looted in a hack this quarter. This accounts for over 50% of total losses in the last 3 months. 

CeFi Losses Due to Hacks Up 1000% Year on Year

Once again, Centralized Finance (CeFi) platforms bore the brunt of attacks this quarter, losing $320 million, thus accounting for 70% of all funds lost and increasing its hacks tally by 984%.

 If you still don’t know it, hear it from our CEO and founder Michael Ou one more time:  Not Your Keys, Not Your Crypto. 

Hacken Report

Hacken Report

ImmuneFi report

ImmuneFi report

Two major incidents stand out:

1. DMM Bitcoin: This Japanese crypto exchange lost $305 million in a single hack, in what Elliptic reports as an “unauthorized leak”. It’s the biggest since the $400m FTX “hack” in 2022. 

2. BtcTurk: Turkey’s largest crypto exchange suffered a $55 million loss.

These two incidents alone accounted for 62.8% of all Q2 losses, highlighting the potential vulnerabilities in centralized systems.

Here’s a list of the top 10 breaches:

  1. DMM Bitcoin: $305,000,000
  2. BtcTurk: $55,000,000
  3. Hedgey: $44,600,000
  4. Lykke: $23,600,000
  5. Gala Games: $21,000,000*
  6. SonneFinance: $20,000,000
  7. UwU Lend: $19,300,000
  8. Rain: $14,800,000
  9. Holograph: $14,400,000
  10. Velocore: $6,800,000

DeFi Hacks Decrease YoY, Despite Surge in TVL

DeFi platforms saw a 25% decrease in losses compared to Q2 2023, however they still suffered $171.3 million in damages across 62 incidents. This serves as a reminder that even decentralized platforms are not immune to security threats. 

This is where hardware wallets with a secure element and real-time threat protection like CoolWallet Pro really shine. Its Secure Element (EAL6+) allows the user to thwart possible attack vectors by protecting the private key and requiring a physical button push to authorize any transaction. 

Couple this with SmartScan, CoolWallet App’s Web3 transaction scanner which flags malicious contracts and Dapp actions, and users can feel safe knowing they’re fully protected. 

Most Targeted Chains

Ethereum and BNB Chain remained the primary targets for attackers:

Ethereum: 34 incidents

BNB Chain: 18 incidents

Arbitrum: 4 incidents

Projects on these chains should be particularly vigilant, but users across all networks need to prioritize security.

Silver Linings

Fund Recovery

Despite the grim statistics, there’s a glimmer of hope. About 5% of the stolen funds ($26.7 million) were recovered in Q2 2024, showing a slight improvement in recovery efforts compared to previous quarters.

For example, $21 million in stolen funds were later recovered from the Gala Games hack. The Gala Games hacker was able to trade 600 million GALA tokens for 5,913 Ethereum, amounting to about $21 million USD, and the effective burn of 4.4 billion GALA tokens. The hacker later returned the 5,913 Ethereum to Gala’s wallet.

Ethereum DeFi Grows 4x in TVL, with lower losses

In Q2 2024 Ethereum grew by nearly 400% year on year in total value locked (TVL), rising to $90 billion, thanks to its blossoming universe of layer-2 chains like Arbitrum, Optimism, Starknet, Polygon, Base, Linea and ZkSynk (all supported by CoolWallet) helping it to scale exponentially.

Meanwhile, the overall DeFi TVL went 3x from $50B to $150 billion in the last 12 months. 

Despite this surge in on-chain value, hackers only stole $8 million this quarter. That shows DeFi’s defenses are getting stronger and resilient. 

Ethereum DeFi Grows 4x in TVL, with lower losses

Protect Yourself: The CoolWallet Edge

In light of these concerning trends, it’s clear that users need to take proactive steps to secure their crypto assets. Here’s how a hardware wallet like CoolWallet can help:

1. Offline Storage: By keeping your private keys offline, hardware wallets significantly reduce the risk of remote hacks. 

2. Protection from Exchange Hacks: As the DMM Bitcoin and BtcTurk incidents show, even major exchanges can be compromised. Storing your long-term holdings in a hardware wallet keeps them safe from such events.

3. Phishing Resistance: Hardware wallets like CoolWallet require physical confirmation for transactions, protecting you from many common phishing attacks.

4. Multi-Chain Support: With attacks happening across various chains, CoolWallet’s multi-chain support allows you to secure assets on different networks with a single device. We support the world’s leading major layer-1 and layer-2 networks and in most cases, their ecosystems.

5. Regular Firmware Updates: We continuously update our CoolWallet firmware (card) and software (app) to address new security threats, ensuring your defenses stay current.

Additional Steps for User Security

Beyond using a hardware wallet, here are some extra precautions you can take:

1. Enable Two-Factor Authentication (2FA) like biometric verification wherever possible.

2. Use unique, strong passwords for each of your crypto accounts.

3. Be wary of unsolicited offers or messages, especially those promising high returns.

4. Regularly audit the smart contracts and protocols you interact with.

5. Keep your software and operating systems up-to-date.

6. Educate yourself about common scams and phishing techniques in the crypto space.

7. Never ever capture or store your recovery seed phrase online or even print it. Write in in pen and keep it somewhere very safe. For extra protection, use CoolKey, our apocalypse-proof  steel Wallet. 

Conclusion

The Q2 2024 report serves as a scary reminder of the ongoing security challenges in the crypto world. One wrong click and poof! there goes your crypto moonbag and retirement fund. 

While no solution is 100% foolproof, using a hardware wallet like CoolWallet significantly reduces your risk exposure. By combining robust hardware security with vigilant personal practices, you can navigate the crypto landscape with greater confidence and peace of mind.

Stay safe, stay informed, and keep your crypto cool with CoolWallet!

Go to previous article

What is Ethereum? The Complete Guide – Part 2 (2024 Update)

Go to next article

What is Ethereum? The Complete Guide – Part 3 (2024 Update)

© 2024 - CoolWallet - All Rights Reserved.
Website by Innovext