Crypto hacking continues to plague the market as Chainalysis revealed that up to $2.2bn worth of cryptocurrency has been stolen in 2024.
These figures mark a 21% rise in crypto hacking cases from last year, with incidents increasing from 282 in 2023, to 303 in 2024.
Chainalysis’ mid-year crime update revealed that $1.58bn worth of crypto was already stolen from January to July this year. This represented a surge in hackings rising by 84% from the same period last year.
Despite this stark rise in crypto crime, 2024 was projected to see more than $3bn stolen but slowed down to $2.2bn by the end of this year. However, crypto hacking remains a consistent and worryingly increasing threat.
Four years in the past decade individually saw more than a billion dollars worth of crypto stolen – 2018, 2021, 2022, and 2023. 2024 marks the fifth year to reach this troubling milestone, highlighting how, as crypto adoption and prices rise, so too does the amount that can be stolen.
In terms of the amount stolen by victim platform type, 2024 also saw interesting patterns. In most quarters between 2021 and 2023, decentralised finance (DeFi) platforms were the primary targets of crypto hacks.
Chainalysis highlights that this could be mainly due to DeFi platforms being more prone to these attacks as their developers tend to prioritise rapid growth and bringing their products to market faster, as opposed to implementing enhanced security measures.
Although DeFi still accounted for the largest share of stolen assets in the first quarter of 2024, centralised services were the most targeted in Q2 and Q3. Some of the most notable centralised service hacks include DMM Bitcoin – May 2024; $305m – and WazirX – July 2024; $234.9m.
This shift in focus from DeFi to centralised services highlights the increasing importance of securing mechanisms commonly exploited in hacks, such as private keys. Private key compromises accounted for the largest share of stolen crypto in 2024, at 43.8%.
After compromising private keys, malicious actors often launder stolen funds by funnelling them through decentralised exchanges (DEXs), mining services, or mixing services to manipulate the transaction trail and complicate tracing.
In 2024, the laundering activity of private key hackers differs from that of hackers exploiting other attack vectors. Chainalysis stated that after stealing private keys, these hackers often turned to bridges and mixing services. For other attack vectors, DEXs were more popular for laundering.