Cyvers Report: Exploits Targeting Centralized Exchanges Drive $1.4B in Stolen Crypto for 2024

UTC by Mayowa Adebajo · 4 min read
Cyvers Report: Exploits Targeting Centralized Exchanges Drive $1.4B in Stolen Crypto for 2024
Photo: Depositphotos

The report also notes that effective incident response strategies have been very vital in reducing losses in Q2 2024.

According to a detailed quarterly report by blockchain security firm Cyvers, centralized exchanges (CEXs) may have suffered great losses amounting to a whopping $1.4 billion in the first half of 2024 alone. The report dubbed Cyvers Web3 Security Report for Q2 and H1 2024 has highlighted what appears to be a growing threat and the urgent need for comprehensive security measures to keep the alarming trend in check.

Q2 Was Marked by Soaring Crypto Losses, Cyvers Report Claims

Per Cyvers’ report, crypto-related losses surged significantly in the second quarter of 2024, with $629.68 million lost across 49 incidents. This brought the year-to-date total to $1.38 billion, a sizeable increase from the previous year, connoting the evolving nature of cyber threats, most especially within the Web3 ecosystem.

Of the losses recorded, smart contract exploits accounted for $67.38 million from 20 incidents, while access control breaches were responsible for a staggering $491.31 million from 26 incidents. Address poisoning, such as the Pink Drainer incident earlier reported by Coinspeaker, was also a notable threat, resulting in losses of $71.48 million from 361 incidents. The year-over-year loss increase reflects a more than 100% rise from Q2 2023, which implies that these attacks are growing at an alarming rate.

The report also detailed how there has been a geographical trend and shift in attack strategies from attackers. Cyvers noted that Eastern Europe experienced a surge in activity, while Asia-Pacific centralized exchanges faced targeted attacks due to regulatory gaps and weaker cybersecurity laws. In sharp contrast, however, North American DeFi protocols displayed great resilience to many of the threats. From all indications, that may just be a result of the stringent security and compliance measures in the region.

Cyvers also claimed to observe a notable shift in attack strategies in Q2. The firm identified access control incidents as becoming more prominent even as they particularly targeted centralized exchanges.

This shift simply means that previous tactics that focused on smart contract vulnerabilities in DeFi protocols may no longer be popular among attackers. For context, access control exploits surged by 35%, while smart contract exploits saw an 83% decrease compared to H1 2023.

High-Profile Hacks and Repercussions

It is worth mentioning that the security breaches in Q2, particularly the high-profile centralized exchange (CEX) hacks, had far-reaching economic impacts. These incidents have not only ensured that there is now increased regulatory scrutiny. They have also somehow increased operational costs for exchanges. That is especially true for companies whose reputations have been tarnished, having incurred even more expenses to cover legalities.

Besides, the rising rates of these attacks have also driven crypto insurance rates up, adding to the overall operational costs of Web3 projects. That is not to mention the dwindling trust that users now have thanks to the continued occurrence of security incidents. It would be expected that this lack of trust could potentially slow down the adoption rate and investment in the Web3 space.

Emerging Trends and Loss Mitigation Techniques

The report by Cyvers noted emerging trends, such as the rise of address poisoning. It also predicts that sophisticated contract exploits, AI-driven attack vectors, and targeting of Layer 2 solutions will increase. That is, at least, for the time being.

However, the report also notes that effective incident response strategies were very vital in reducing losses in Q2 2024. Cyvers claims that there is an improvement in the area of coordination between exchanges, blockchain analytics firms, and law enforcement. This, it says, has led to successful recovery efforts, such as the recovery of $22 million from the Gala Games hack.

In view of these claims, it has become expedient that there is a need for continuous vigilance and strong security measures. So, as individual exchanges and DeFi projects adopt multi-layered security protocols, all market participants must also come to a round table to continue their collaborative efforts in the fight against these threats.

Cybersecurity News, News, Technology News
Related Articles