According to cybersecurity firm Cyvers' mid-year Web3 security report, the total volume of stolen crypto funds so far this year is approaching $1.4 billion as centralized exchanges emerge as the new ground zero for exploits.
The total amount of cryptocurrency stolen so far this year is nearing $1.4 billion, with centralized exchanges becoming a major target for exploits, according to a mid-year Web3 security report by cybersecurity firm Cyvers.
In the second quarter of 2024, total crypto losses exceeded $600 million, which is a 100% increase over the same period last year. According to the report, the surge in stolen funds was mainly driven by a 900% increase in losses on centralized exchanges.
“This quarter has seen a significant shift in attack vectors, with centralized exchanges (CEX) bearing the brunt of major incidents, while decentralized finance (DeFi) protocols show improved resilience,” the report said. “This trend may be attributed to the concentration of assets in centralized platforms and potentially lax security measures in some exchanges.”
Access control breaches — often in the form of phishing attacks — accounted for the overwhelming majority of stolen funds, around $490 million in Q2 alone, according to Cyvers. That figure dwarfs losses from smart contract exploits, which saw less than $70 million drained during the same period.
Quick action by decentralized finance (DeFi) protocols to freeze compromised smart contracts has protected users, but Cyvers cautioned that exploit risk remains prevalent as hackers unearth new vulnerabilities in complex contracts. Cross-chain bridges are also becoming a major attack vector, the report noted, citing the $1.44 million exploit of XBridge in April.
The high-profile breach in May of Japanese cryptocurrency exchange DMM heavily impacted Cyvers’ Q2 data. The hack — which was reportedly caused by a compromised private key — drained upward of $300 million. Another significant outlier was the Turkish cryptocurrency exchange BtcTurk, which lost around $50 million to hackers in June.
The report noted that explicit victims are having greater success than before in recovering lost funds, with total funds recovered increasing by 42% in Q2 over the same period last year. Still, the vast majority of lost funds — some 76% — have not been retrieved.
Web3 users should remain on the lookout for emergent threats posed by artificial intelligence and quantum computing, which could provide hackers with sophisticated new tools for bypassing onchain security measures, Cyvers said.
The above is the detailed content of Centralized Exchanges Emerge as Ground Zero for Exploits as Total Crypto Funds Stolen This Year Approach $1.4B: Cyvers Report. For more information, please follow other related articles on the PHP Chinese website!
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
