In the second quarter of this year, the cryptocurrency industry faced significant security challenges, with losses from hacks and scams amounting to $572.7 million across 72 incidents, according to a recent report by Immunefi, a web3 bug bounty and security services platform.
Impact on Decentralized Finance (DeFi) Platforms
This marks a substantial increase of 70.3% from the $336.3 million in losses recorded in the first quarter and more than doubles the $265.5 million stolen in the same quarter the previous year.
To date, the cumulative losses for the year have surged by 24% to over $900 million compared to the same period in the previous year.
Decentralized finance (DeFi) platforms, which collectively hold nearly $100 billion in value according to data from DeFiLlama, were heavily targeted by cybercriminals.
While DeFi accounted for all the exploits tracked by Immunefi in the first quarter, the focus shifted in the second quarter with centralized finance (CeFi) platforms suffering the majority of the financial damage.
Out of the total losses in the second quarter, CeFi accounted for $401.4 million or 70%, with the remaining 30% or $171.3 million attributed to DeFi.
Two major incidents dominated the headlines this quarter, together accounting for $360 million or 62.8% of the total losses.
The largest of these was a $305 million breach of the Japanese cryptocurrency trading platform DMM Bitcoin, followed by a $55 million theft from the Turkish crypto exchange BtcTurk on June 23.
The month of May alone saw the highest monthly losses, totaling $358.5 million. Despite the high losses, only $28.7 million—or 5% of the quarter’s total stolen funds—were recovered from four separate exploits involving companies like Bloom, ALEX Lab, Gala Games, and YOLO Games.
Expert Insights and Infrastructure Compromises
Mitchell Amador, founder and CEO of Immunefi, highlighted the devastating impact of infrastructure compromises, noting that the shift towards targeting CeFi infrastructure led to a significant increase in losses.
He emphasized the importance of robust security measures across the entire ecosystem to prevent such large-scale financial damages.
He stated that the second quarter underscored how a single infrastructure compromise could lead to millions in losses, making the protection of the entire ecosystem crucial.
The vast majority of financial losses this quarter were due to hacks, which represented 98.5% or $564.2 million of the total, occurring over 53 incidents. In contrast, fraud, scams, and rug pulls accounted for only 1.5% or $8.5 million, spread over 19 incidents.
The most targeted blockchain networks were Ethereum and BNB Chain. Ethereum was the most affected with 34 incidents, constituting 46.6% of the total losses on these networks, while BNB Chain followed with 18 incidents making up 24.7% of the losses.
Other networks like Arbitrum, Blast, Optimism, Solana, Polygon, Fantom, Linea, Mantle, and TON also experienced incidents but to a lesser extent.
The Role of Immunefi in Crypto Security
Immunefi’s role in the crypto security landscape has become increasingly pivotal. Earlier this month, the platform reached a milestone of over $100 million in payouts to ethical hackers and researchers over the past three years, derived from more than 3,000 bug bounty reports.
This achievement underscores the critical role of the ethical hacking community in safeguarding the blockchain ecosystem.
Immunefi claims to operate the largest blockchain security community with over 45,000 researchers and credits these efforts with saving more than $25 billion in user funds across various protocols such as Polygon, Optimism, Chainlink, The Graph, Synthetix, and MakerDAO from potential thefts.
The high-profile payouts facilitated by Immunefi demonstrate the value of vigilance in the crypto space. The highest bounty facilitated by the platform was a $10 million reward for identifying a vulnerability in the Wormhole cross-chain protocol.
This substantial payout highlights the importance of continuous monitoring and the crucial role that ethical hackers play in identifying and mitigating potential threats before they can be exploited by malicious actors.
The second quarter of this year has underscored the ongoing vulnerabilities within the cryptocurrency industry, particularly within centralized finance platforms. The significant increase in losses from hacks and scams reflects the persistent and evolving threat landscape.
Credit: Source link