Key Takeaways
- Losses in DeFi dropped by 40% to $474 million, down from $787 million in 2023.
- Hacken highlighted that 44% of all DeFi-related losses in 2024 were linked to poor access control mechanisms.
The decentralized finance (DeFi) sector reported a significant reduction in financial losses from security breaches in 2024, according to blockchain security firm Hacken’s latest “Web3 Security Report.” Losses in DeFi dropped by 40% to $474 million, down from $787 million in 2023.
The report credits the decline to the adoption of multiparty computation (MPC) and zero-knowledge proofs (ZKPs) for the reduction in defi hacks. Further bridge-related exploits—a long-standing vulnerability in decentralized systems—saw a sharp reduction in associated losses, from $338 million in 2023 to $114 million this year.
These bridges, which facilitate the transfer of assets across blockchains, had previously been a primary target for cyberattacks. Earlier this year, Orbit Chain lost a staggering $81 million after hackers exploited the platform’s cross-chain bridge.
Hacken highlighted that 44% of all DeFi-related losses in 2024 were linked to poor access control mechanisms. Notable incidents, such as the $55 million hack on Radiant Capital, demonstrate that weaknesses in permission management still pose a significant risk to decentralized platforms.
While DeFi made strides in reducing financial losses, centralized finance (CeFi) platforms saw a starkly different trend. CeFi breaches more than doubled in 2024, with financial losses surging to $694 million—up from $320 million the previous year.
Hacken attributes these breaches to systemic issues, including inadequate private key management, vulnerabilities in multi-signature systems, and centralized control points.
Two high-profile incidents contributed significantly to CeFi losses. The DMM exchange breach in the second quarter led to a $305 million theft, while the Indian-crypto exchange WazirX hack in the third quarter resulted in $230 million in stolen assets. These cases illustrate the risks of centralization, where a single point of failure can have catastrophic consequences.
Hacken’s CEO, Dyma Budorin, emphasized the need for robust security measures to address CeFi’s growing vulnerabilities. “Attackers are exploiting gaps in key management and centralized controls. Stricter security practices and automated monitoring systems are essential to mitigate these risks,” Budorin stated.
The latest Hacken report comes amid a Chainalysis report that North Korean hackers were responsible for over $1.3 billion in losses across 47 incidents in 2024.
