DeFi Hacks Drop by 40% in 2024, While CeFi Breaches Surge to $694 Million Says Hacken

In a heartening development for the DeFi space, blockchain security firm Hacken’s annual ‘Web3 Security Report’ reveals that DeFi has experienced a 40% decrease in dollars lost to security incidents from 2023 to 2024. This impressive improvement can be attributed to enhanced protocols, stronger bridges, and advanced cryptographic measures.

Table of Contents

The Contrast Between DeFi and Centralized Finance (CeFi)

While DeFi’s strengthened security measures have contributed to its improved standing, the report highlights a stark difference between DeFi and CeFi. Centralized finance has faced a bleak year, with breaches more than doubling while losses surged to $694 million as centralized exchanges became primary targets for access control vulnerabilities and other critical security risks.

DeFi’s Security Progress

According to Hacken’s 2024 report, financial losses in DeFi have plummeted from $787 million in 2023 to $474 million this year. Bridge-related exploits, a historical major vulnerability in DeFi, have dramatically declined from $338 million in 2023 to just $114 million in 2024.

Key Factors Contributing to DeFi’s Improved Security

Multiparty Computation and Zero-Knowledge Proofs: These advanced cryptographic measures have significantly reduced the risk of security breaches.
Improved Protocols: Enhanced protocols have helped strengthen DeFi’s bridges, reducing the vulnerability to exploits.
Advanced Cryptographic Measures: Hacken’s report highlights the effectiveness of these measures in securing DeFi transactions.

Challenges Persist in DeFi

Despite the progress made by DeFi in terms of security, challenges persist. Access control vulnerabilities accounted for nearly half of all DeFi losses, such as the $55 million Radiant Capital hack. This emphasizes the need for continued improvement and vigilance in DeFi’s security measures.

CeFi Breaches: A Bleak Year

Contrary to DeFi’s improved standing, CeFi has faced a bleak year with breaches more than doubling while losses surged to $694 million as centralized exchanges became primary targets for access control vulnerabilities and other critical security risks. The surge in breaches is attributed largely to access control exploits and notable incidents like the DMM exchange hack in the second quarter and the WazirX hack in the third quarter.

Notable CeFi Breaches

DMM Exchange Hack: Compromised private keys and multisignature vulnerability exploits facilitated the theft of $305 million.
WazirX Hack: Similar exploits resulted in the loss of $230 million.

Dyma Budorin’s Insights

According to Dyma Budorin, co-founder and CEO of Hacken:

‘Critical gaps’ in CeFi operational security mainly driven by ‘poor private key management, weak multisig setups, and centralized control vulnerabilities.’

This emphasizes the need for immediate attention to these issues in order to prevent further breaches.

Lessons to be Learned

The significant difference in financial losses between DeFi and CeFi highlights an opportunity for improvement in both industries. It is critical ‘to adopt stricter key management practices and automated monitoring’ systems to mitigate these risks. This can be seen in the recent North Korean hackers stealing over $1.3 billion in crypto assets this year across 47 incidents, according to a Dec. 19 Chainalysis report.

Key Takeaways

DeFi’s improved security measures have led to a 40% decrease in dollars lost to security incidents from 2023 to 2024.
CeFi breaches have more than doubled, with losses surging to $694 million as centralized exchanges became primary targets for access control vulnerabilities and other critical security risks.
Access control vulnerabilities remain a significant threat in DeFi, accounting for nearly half of all DeFi losses.

By adopting stricter key management practices and automated monitoring systems, both DeFi and CeFi can mitigate these risks and improve their overall security.