The cryptocurrency landscape continues to face relentless assaults, with hackers exploiting vulnerabilities across both centralised and decentralised platforms. In September alone, over $120 million was siphoned off through more than 20 successful attacks, making it one of the costliest months of 2024 for crypto-related thefts. While this figure marks a significant reduction compared to August's staggering $314 million loss, the damage remains substantial—particularly for centralised exchanges.
Centralised Crypto Exchanges: The Prime Targets
Centralised crypto exchanges continue to be the Achilles' heel of the digital currency market. By design, they offer hackers single points of attack, and the numbers highlight just how much is at stake.
BingX and Indodax, two prominent centralised exchanges, were the hardest hit in September. Combined, these platforms accounted for more than half of the total losses. BingX suffered the most, losing $44 million in a single attack, while Indodax reported a $21 million loss. These platforms have long been targeted by hackers due to the wealth of user assets and sensitive data they hold. The sheer volume of funds exchanged on such platforms makes them high-value targets, and September's breaches serve as another reminder of the inherent risks they carry.
PeckShield, a blockchain investigation firm, revealed that these incidents are part of a broader trend of increasing hacks that have plagued the crypto ecosystem throughout 2024. Despite enhanced security measures, centralised exchanges remain a primary target for cybercriminals.
Decentralised Finance Also Under Pressure
Although centralised exchanges bore the brunt of September’s losses, decentralised finance (DeFi) platforms were not spared. DeFi protocol Penpie suffered a devastating $27 million loss due to an exploit, while other decentralised entities like Delta Prime and Truflation were hit for $6 million and $5.6 million, respectively.
Even smaller platforms felt the sting, with the crypto liquid restaking protocol Bedrock losing $2 million to hackers. These attacks demonstrate that while DeFi offers some protection through decentralisation, it remains vulnerable to exploits capable of draining millions from protocols in mere moments.
A Ray of Hope: Partial Fund Recoveries
Amidst the wave of attacks, a few platforms managed to recover portions of their losses. Crypto lender Shezmu, which had been hacked for $5 million, retrieved some of the stolen funds through on-chain negotiations with the hacker—a rare positive outcome in a landscape typically defined by total loss. Meanwhile, Telegram bot Banana Gun refunded crypto traders after suffering a $3 million breach, offering a glimmer of hope that even after devastating losses, there are ways to mitigate the damage.
WazirX’s Ongoing Struggles After Historic Hack
While September’s hacks drew attention, one of the most significant breaches of 2024 occurred in July, when Indian crypto exchange WazirX was hit for a staggering $235 million. The attack on one of WazirX’s Safe Multisig wallets on Ethereum remains the largest crypto hack of the year, and the platform is still grappling with its aftermath.
Following the attack, WazirX suspended all crypto and cash withdrawals, leaving millions of users in limbo as the platform conducted an internal investigation. Three months later, there has been little progress towards remediation. Affected users remain uncompensated, and WazirX recently confirmed that 43% of customer funds are now irrecoverable.
In a new development, rival exchange CoinSwitch has launched legal action against WazirX to recover 2% of its assets, valued at approximately $6.2 million. As WazirX scrambles to resolve its issues, the exchange's troubles serve as a stark reminder of how quickly trust can erode when security measures fail.
An Increasing Trend of Crypto Vulnerability
As the crypto space continues to grow, so do the risks. The sophisticated nature of recent attacks illustrates that despite advances in security, both centralised and decentralised platforms are struggling to keep pace with evolving threats. September's loss tally may be lower than August’s, but it underscores an unsettling trend—no platform, no matter how secure it claims to be, is immune.
The total amount lost to crypto hacks in 2024 has already reached alarming levels, and the year is not over yet. For users and investors, the mounting losses serve as a stark reminder to remain vigilant and question the security of the platforms they entrust with their assets.
As centralised exchanges like BingX and Indodax work to recover from their September losses and WazirX continues to address the aftermath of its July hack, the crypto world must face a harsh reality: the battleground for control over digital assets is far from secure, and the fight is only intensifying.