Quick Links
In 2024, the race between innovation and exploitation reached new heights. As blockchain adoption surged, so did the sophistication of cybercriminals. High-profile hacks, phishing schemes, and smart contract vulnerabilities dominated headlines, leaving investors and developers grappling with trust and resilience as hacks and exploits accounted for over ~ $1.21 Bn in losses.
For more such detailed insights, read our in-depth “Crypto Outlook 2025” report.
Tale of Hacks & Exploits in 2024
Amount Lost
The year began with losses amounting to ~ $291 Mn in Q1’ 24. The value of exploits peaked in the months of May and July, as they witnessed the largest amount of hacks with ~ $354 Mn and $248 Mn lost respectively. Post this, the hacker activity declined, as losses worth ~ $150 Mn were recorded between Aug’ 24 and Dec’ 24.
Anatomy of Exploits
Access control issues topped the list of crypto exploits in 2024, accounting for 21 incidents and staggering losses of ~ $743.42 Mn. Rug pulls followed closely behind, with 20 incidents amounting to ~ $86.19 Mn in stolen funds. Flash loan attacks, a perennial favorite among hackers, caused ~ $15.72 Mn in damage across 13 incidents. Reentrancy attacks, often a major threat, were relatively subdued this year, with damages limited to ~ $0.23 Mn. Lastly, price manipulation schemes caused ~ $0.45 Mn in losses, rounding out the diverse tactics used to exploit the crypto ecosystem.
Top 3 Hacks of 2024
- DMM Bitcoin (May 2024):
- Loss: 4,502.9 BTC
- Cause: Likely compromised keys or signing processes
- Takeaway: Custodial security remains a critical vulnerability
- WazirX (July 2024):
- Loss: ~ $230Mn in ETH
- Cause: Attackers exploited a multisig address using a malicious smart contract
- Takeaway: Even multi-layered defenses can fail under sophisticated attacks
- Munchables (March 2024):
- Loss: ~$62.5Mn, (largely recovered ~$60.5Mn)
- Cause: An insider manipulated an upgradeable proxy contract
- Takeaway: Insider threats continue to plague decentralized systems
Chains Under Siege
Ethereum-based protocols witnessed the maximum exploits as it accounted for ~ 43% of all exploits in 2024, followed by BNB Chain, which accounted for 26% of all exploits. Smaller chains like Arbitrum, Solana, and Blast saw fewer incidents but remained persistently targeted.
Outlook for Web3 Security in 2025
2024’s major breaches laid bare critical vulnerabilities, and sparked urgent calls for action. As we venture into 2025, smart contract audits, tighter access controls, and improved oracle designs are now non-negotiables. On the operational side, we are likely to see a greater emphasis on multi-signature wallets, and multi-layer security strategies.
The Web3 ecosystem is likely to further embrace zero-knowledge proofs and AI-driven security tools to combat exploits. We could also see an increased adoption of Decentralized identity solutions, as they can help to enhance privacy and reduce dependency on centralized systems.
Projects would need to focus on community education and developer training to promote a security-first culture. Apart from this, increased emphasis on recovery mechanisms, such as new insurance frameworks and more agile incident response could also be an area of focus.
Why Check Out Our Full Report?
Our comprehensive report, “Crypto Outlook 2025”, provides an in-depth analysis of the evolving crypto landscape. It features deep insights into key verticals, & emerging narratives, along with expert opinion on different sectors.
Read the full report here: Link
