The cryptocurrency industry faced another challenging year in 2024, as hacking incidents reached new heights, with $2.2 billion in digital assets stolen.
This marks a 21.07% year-over-year (YoY) increase, reinforcing concerns about the vulnerabilities of the rapidly growing sector. Crypto hacking incidents also surged, from 282 in 2023 to 303 in 2024, highlighting the persistent threat to decentralized and centralized platforms alike.
The first half of 2024 saw an alarming spike in crypto theft. Between January and July, hackers stole $1.58 billion, an 84.4% increase compared to the same timeframe in 2023.
Analysts initially feared that 2024 might rival the record-breaking $3 billion+ thefts of 2021 and 2022. However, hacking activity slowed significantly after July, maintaining a relatively steady pace through the remainder of the year.
Experts suggest that geopolitical factors may have influenced this shift, particularly after a notable June summit between Russian President Vladimir Putin and North Korean leader Kim Jong Un.
The meeting, which strengthened military and economic ties between the two nations, coincided with a 53.73% decline in funds stolen by North Korea-linked hackers in the second half of the year.
Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free
Decentralized vs. Centralized Platforms: A Changing Target
Historically, decentralized finance (DeFi) platforms have been prime targets for hackers due to their rapid growth and often insufficient security measures.
However, 2024 marked a shift, with centralized services surpassing DeFi as the most targeted platforms in the second and third quarters. Two high-profile attacks underscored this trend:
- DMM Bitcoin (May 2024): Hackers stole $305 million, exploiting vulnerabilities in private key management.
- WazirX (July 2024): A $234.9 million hack further emphasized the need for centralized platforms to improve private key security.
Private key compromises accounted for 43.8% of all stolen crypto in 2024, making it the most exploited attack vector. Hackers laundered stolen funds through a variety of methods, including decentralized exchanges, mixing services, and cross-chain bridges, complicating efforts to trace illicit transactions.
North Korea: A Major Player in Crypto Hacking
North Korean-affiliated hackers escalated their activities in 2024, stealing $1.34 billion across 47 incidents—a 102.88% increase from the $660.50 million stolen in 2023.
These attacks accounted for 61% of the total value of stolen crypto in the year. The stolen funds are widely believed to fund North Korea’s weapons of mass destruction programs, raising significant international security concerns.
Notably, North Korea’s hackers exhibited increasing efficiency. Attacks yielding $50 million or more occurred more frequently, with a growing number of smaller exploits, often attributed to North Korean IT workers infiltrating Web3 companies.
These workers employed sophisticated tactics, including false identities and remote work setups, to gain access to sensitive systems.
High-Profile Case Study: DMM Bitcoin Hack
According to a Chainanalysis report, One of the most devastating hacks of the year targeted Japanese cryptocurrency exchange DMM Bitcoin. In May 2024, the platform lost 4,502.9 Bitcoin (valued at $305 million) due to a breach that compromised its infrastructure.
The attackers siphoned funds through mixing services and cross-chain bridges, eventually depositing a portion with Huione Guarantee, a controversial entity tied to cybercrime.
DMM Bitcoin covered customer losses using internal resources but subsequently decided to shut down operations. The exchange’s assets and accounts will transition to SBI VC Trade, a subsidiary of SBI Group, by March 2025.
The Need for Stronger Security and Regulation
The continued rise in crypto theft emphasizes the urgent need for enhanced security measures and regulatory oversight. Collaboration between the public and private sectors is crucial to address the evolving threat landscape. Key recommendations include:
- Stronger Security Protocols: Platforms must prioritize private key hygiene, smart contract audits, and robust identity verification.
- Data Sharing: Real-time information exchange between industry players and law enforcement can accelerate threat detection and response.
- Regulatory Compliance: As crypto regulations evolve, platforms must align with new standards to protect customer assets and enhance accountability.
The cryptocurrency industry faces a critical turning point. Strengthening defenses against cyber threats is not just essential for safeguarding individual assets but also for fostering trust and stability in the digital economy.
Through innovation, vigilance, and collaboration, stakeholders can rise to meet these challenges and secure the future of crypto.
2024 MITRE ATT&CK Evaluation Results for SMEs & MSPs -> Download Free Guide