In February 2024, the cryptocurrency industry experienced significant losses totalling ~$ $67Mn across 12 specific incidents. Comparatively, January 2024 saw registered losses totalling ~$ $133Mn, almost twice the amount incurred in February.

Examining the distribution of these losses reveals insights into the prevalent threats within the ecosystem. The majority of the losses derived from hacking incidents, accounting for 97.54% of the total, while fraudulent activities contributed to only 2.46%. This distribution highlights the ongoing challenge posed by hacking in the crypto space, with fraud incidents representing a relatively minor portion of the overall losses. There is a consistent dominance of hacking as the primary cause of crypto losses, with fraudulent activities maintaining a relatively low impact.

Major Hacks in Feb 2024

In February 2024, significant hacking incidents rattled the cryptocurrency landscape.

PlayDapp ($32 Million Loss)

PlayDapp is a blockchain gaming platform that was severely hacked in February 2024. The attack originated from an access control vulnerability within one of the main wallets that control PlayDapp’s smart contracts. The attacker managed to recover its private key, which allowed them to bypass security measures and grant themselves unauthorized privileges. By exploiting this vulnerability, the attacker added themselves as authorized miners for the platform’s token (PLA), enabling them to create new PLA tokens at will. These newly minted tokens were then transferred to the attacker’s wallet, effectively stealing funds from the platform. In response to the breach, PlayDapp quickly initiated measures to contain the situation.

FixedFloat ($26 Million Loss)

FixedFloat, a cryptocurrency exchange that operates without Know Your Customer (KYC) and Anti-Money Laundering (AML) protections, was the victim of a hack in February 2024. The attackers stole an estimated ~$26.1 million in Bitcoin and Ether from the project. The exact details of the FixedFloat hack are still unknown, but it appears to have been a private key theft. There is no sign of exploitation of the protocol’s smart contracts. The team put the project in maintenance mode and prioritized fixing vulnerabilities in its services over providing information to the public.

Duelbits

Duelbits, a crypto casino, experienced a significant loss of $4.6 million due to a private key compromise. The attacker managed to steal by gaining access to Duelbits’ deployer address and minting tokens. The stolen assets were quickly distributed across various addresses. The attack occurred just before Valentine’s Day 2024. The cybersecurity team CertiK suggested that Duelbits likely fell victim to a private key compromise, which enabled the perpetrator to steal the funds. Subsequently, the attacker swapped all seized assets for ETH. This incident highlights the importance of securing private keys and the potential vulnerabilities within crypto casinos.

In-depth Analysis 

Hacks vs. Fraud Analysis

Hacking incidents continued to dominate crypto-related losses in February 2024, outweighing fraudulent activities by a large margin. Hacking accounted for 97.54% of the total losses, totaling ~$65Mn, while fraud incidents represented only 2.46%, amounting to ~$1.65Mn. This contrast highlights the persistent challenge posed by hacking within the cryptocurrency ecosystem, necessitating comprehensive security measures to mitigate such risks effectively.

DeFi vs. CeFi Analysis

In February 2024, DeFi platforms were the primary target for exploits, while CeFi platforms remained unaffected by major attacks. DeFi platforms suffered total losses of ~$67Mn across 12 incidents, reflecting the vulnerability of decentralized protocols. This contrast underscores the challenges associated with securing DeFi platforms, emphasizing the importance of rigorous security audits and proactive risk management strategies.

Losses by Chain

Ethereum emerged as the most targeted blockchain network in February 2024, accounting for the majority of losses. It suffered 12 individual attacks, representing 85.71% of total losses across targeted chains. Other chains, including BNB Chain and Bitcoin, witnessed fewer incidents, each representing 7.14% of total losses. These statistics highlight the vulnerabilities inherent in popular blockchain networks, necessitating continuous efforts to strengthen security measures effectively.

Crypto Losses Year-to-Date

Total loss: $200,478,412

Total Incidents: 32

In 2024, the cryptocurrency market experienced a notable uptick in losses compared to the previous year, reflecting ongoing challenges within the industry. Year-to-date, total losses amount to $200,478,412 across 32 specific incidents, marking a 15.4% increase from the same period in 2023, where losses totaled $173,693,675. These losses encompass a variety of factors, including hacking incidents and fraudulent activities, illustrating the persistent threats inherent in the cryptocurrency ecosystem

Conclusion

The analysis of the crypto losses observed in February 2024 provides valuable insights into the evolving landscape of cybersecurity within the cryptocurrency industry. With hacking incidents dominating the scene and decentralized finance platforms emerging as primary targets, it’s evident that the challenges of securing digital assets persist. As losses continue to mount year-to-date, stakeholders must prioritize proactive measures to enhance security protocols and mitigate risks effectively. 

Collaboration among industry players, coupled with continuous vigilance and robust risk management strategies, is imperative to fortify the resilience of the crypto ecosystem. By addressing vulnerabilities and implementing stringent security measures, the industry can navigate the complexities of the digital landscape and safeguard the integrity of the market for all participants.