
    Cryptocurrency Hacks of 2024: Over $2.2 Billion Stolen in a Year of Rising Cyber Threats

    2024 saw $2.2B stolen in crypto hacks, targeting exchanges and DeFi protocols. Centralized and decentralized platforms face growing cybersecurity challenges.

    Updated Jan 02, 2025
    Victor Muriki


    The crypto industry experienced a difficult year in 2024, with losses from hacks and exploits surging to $2.2 billion, according to data from Chainalysis.

    This marked a 21.07% increase from the $1.8 billion stolen in 2023. Both centralized exchanges and decentralized finance (DeFi) protocols were frequent targets, as hackers continued to exploit vulnerabilities in security systems and protocol designs.

    Some attacks were financially motivated, while others, such as those attributed to the North Korea-linked Lazarus Group, appeared to be part of state-sponsored activities. 

    Below, we examine some of the most notable incidents that impacted the crypto space in 2024.

    Centralized Exchanges Hit Hard

    DMM Bitcoin Loses $300 Million in Largest Hack of the Year

    In May, Japanese exchange DMM Bitcoin suffered the largest cryptocurrency hack of 2024. The attack resulted in the theft of over 4,500 BTC, valued at approximately $300 million. Security analysts believe the breach may have been caused by stolen private keys or an “address poisoning” scheme.

    Address poisoning involves creating fake transaction histories to mislead users into sending funds to fraudulent addresses. The incident ranks as the eighth-largest crypto theft ever recorded and raised serious concerns about the security of centralized exchanges. 

    In the aftermath, DMM Bitcoin announced plans to transfer customer accounts and custodial assets to Japan’s SBI Group by early 2025 to rebuild trust.
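
A defensive check for the address-poisoning pattern described above, added here as an illustration and not taken from DMM Bitcoin or any analyst's tooling: it flags addresses in a wallet's history that copy the visible first and last characters of a trusted address but differ in the middle. The function names, thresholds and hex-style sample addresses are constructed assumptions.

```python
from dataclasses import dataclass

# Constructed sample addresses (hex style); none refers to a real wallet.
TRUSTED = "0xa1b2c3d4e5f60718293a4b5c6d7e8f9012345678"
LOOKALIKE = "0xa1b2c3ffeeddccbbaa99887766554433ff345678"
UNRELATED = "0x0f1e2d3c4b5a69788796a5b4c3d2e1f000112233"


@dataclass(frozen=True)
class Finding:
    candidate: str      # address seen in the transaction history
    resembles: str      # trusted address it imitates
    prefix_match: int   # identical leading characters
    suffix_match: int   # identical trailing characters


def _norm(addr: str) -> str:
    # Hex addresses compare case-insensitively; skip the lowercasing for
    # case-sensitive formats such as Base58.
    a = addr.lower()
    return a[2:] if a.startswith("0x") else a


def _shared(a: str, b: str) -> int:
    """Length of the common prefix of a and b."""
    n = 0
    for x, y in zip(a, b):
        if x != y:
            break
        n += 1
    return n


def find_lookalikes(trusted, seen, min_prefix=4, min_suffix=4):
    """Flag addresses that match a trusted address at both ends only."""
    book = {_norm(t): t for t in trusted}
    findings = []
    for cand in seen:
        c = _norm(cand)
        if c in book:            # exact match: the real counterparty
            continue
        for t_norm, t in book.items():
            p = _shared(c, t_norm)
            s = _shared(c[::-1], t_norm[::-1])
            if p >= min_prefix and s >= min_suffix:
                findings.append(Finding(cand, t, p, s))
    return findings


if __name__ == "__main__":
    for f in find_lookalikes([TRUSTED], [LOOKALIKE, UNRELATED, TRUSTED]):
        print(f)
```

Run it over the counterparties in a withdrawal allowlist before any address is copied from transaction history.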

    WazirX Multi-Signature Wallet Exploit Results in $230 Million Loss

    In July, Indian cryptocurrency exchange WazirX fell victim to a sophisticated attack that exploited vulnerabilities in its multi-signature wallet system. The attackers manipulated a third-party custody platform to trick authorized signatories into approving malicious transactions.

    This breach allowed the attackers to bypass key security measures and siphon off $230 million worth of investor funds. Experts suspect the Lazarus Group was involved in the attack, given the group’s history of targeting cryptocurrency platforms. 

    Following the incident, WazirX temporarily suspended withdrawals and launched an investigation to uncover the root cause.

    BingX Hot Wallet Compromise Costs $43 Million

    In September, Singapore-based exchange BingX lost $43 million in a breach that targeted its hot wallet infrastructure. Funds were stolen in multiple transactions, suggesting a well-orchestrated attack. The stolen assets were reportedly converted into ether, a common tactic used by cybercriminals to obscure the origins of stolen funds.

    Although BingX referred to the hack as a minor incident, analysts consider it part of a broader trend of centralized exchanges being targeted in 2024.

    DeFi Protocol Exploits Cause Substantial Losses

    Munchables Game Exploit Steals $62 Million

    In March, Munchables, a play-to-earn game built on the Blast Layer 2 blockchain, was exploited for $62.5 million. The attacker used a vulnerability in the game’s upgradeable proxy smart contracts to manipulate the code and siphon funds.

    The exploit allowed the attacker to introduce a malicious backdoor in the smart contract, giving them control over funds deposited by users. Surprisingly, the stolen funds were later recovered after the rogue developer voluntarily surrendered the private keys to the compromised wallet.

    Penpie Protocol Loses $27 Million in Reentrancy Attack

    In September, yield farming platform Penpie suffered a $27 million exploit due to a reentrancy attack. This method allowed the attacker to repeatedly call a vulnerable smart contract function, creating fake tokens and draining funds.

    The attacker created a fake market on Pendle Finance, linked to Penpie, and used it to exploit a flaw in token validation processes. Despite efforts by the Penpie team to negotiate the return of the funds, the attacker laundered the stolen cryptocurrency through Tornado Cash, leaving the protocol’s users with significant losses.

    UwU Lend Oracle Manipulation Results in $19.5 Million Loss

    In June, decentralized lending platform UwU Lend was targeted in an attack that exploited a flaw in its price oracle. The attacker manipulated the price of the sUSDE stablecoin in a Curve Finance liquidity pool, borrowing undervalued tokens and profiting from the price adjustment.

    The exploit involved the use of flash loans to temporarily lower the stablecoin’s price, allowing the attacker to drain funds from UwU Lend before returning the borrowed assets. This incident underscored the risks of using oracles reliant on real-time data from liquidity pools.
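
Why a real-time pool price is a fragile oracle, and one common guard, shown as an added example that is not UwU Lend's or Curve's code: a lending price taken from the median of earlier observations, with borrowing paused when the live pool price deviates from it. The fee-less constant-product pool, the 2% threshold and all names are simplifying assumptions.

```python
from statistics import median


class OracleDeviation(Exception):
    """Raised when the live pool price strays too far from the reference."""


class Pool:
    """Fee-less constant-product pool (x * y = k), a simplified stand-in."""

    def __init__(self, stable: float, quote: float):
        self.stable, self.quote = stable, quote

    def spot(self) -> float:
        return self.quote / self.stable      # quote units per stablecoin

    def sell_stable(self, amount: float) -> float:
        k = self.stable * self.quote
        self.stable += amount
        out = self.quote - k / self.stable
        self.quote -= out
        return out


def lending_price(pool: Pool, history: list, max_dev: float = 0.02) -> float:
    """Price collateral from past observations, not the current block."""
    reference = median(history)
    if abs(pool.spot() - reference) / reference > max_dev:
        raise OracleDeviation(f"spot {pool.spot():.4f} vs ref {reference:.4f}")
    return reference


def simulate() -> dict:
    pool = Pool(1_000_000.0, 1_000_000.0)
    history = [pool.spot() for _ in range(10)]   # ten quiet blocks at 1.0
    calm = lending_price(pool, history)
    pool.sell_stable(1_000_000.0)                # one large same-block sale
    naive = pool.spot()                          # what a spot oracle reports
    try:
        lending_price(pool, history)
        paused = False
    except OracleDeviation:
        paused = True
    return {"calm": calm, "naive": naive, "paused": paused}


if __name__ == "__main__":
    print(simulate())
```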

    Individual and Protocol-Specific Attacks

    Dai Whale Targeted in $55 Million Phishing Scheme

    In August, a crypto whale controlling $55 million in Dai stablecoins became the target of a phishing attack. The attacker gained access to the victim’s smart contract proxy and transferred ownership of their Maker Vault. This allowed the attacker to mint 55 million Dai into their wallet.

    The phishing scheme likely involved tricking the whale into signing a malicious transaction or compromising the private keys associated with their account. Security experts recommend using hardware wallets and carefully verifying transactions to avoid similar attacks.

    Radiant Capital Suffers Two Major Hacks in One Year

    Radiant Capital, a decentralized lending protocol, endured two significant attacks in 2024. The first, in April, was a flash loan exploit that caused $4.5 million in damages. The second, in October, involved a more sophisticated breach of the protocol’s multi-signature wallet system, resulting in a $51 million loss.

    In the second attack, the hackers manipulated transaction data displayed to wallet signers, tricking them into approving malicious transactions. Once approved, the attackers replaced smart contracts for lending pools with altered versions, gaining access to user funds.
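
The WazirX and Radiant Capital incidents both turned on signers approving a payload that differed from what their interface showed. The sketch below is an added example, not code from either project or their custody vendors: it decodes the raw calldata independently of the interface and lists reasons to refuse to sign. The function names, allowlist and sample payloads are constructed assumptions; the four selectors are the standard ones for those signatures.

```python
# Well-known 4-byte selectors; "privileged" marks calls that change control.
SELECTORS = {
    "a9059cbb": ("transfer(address,uint256)", "routine"),
    "095ea7b3": ("approve(address,uint256)", "routine"),
    "f2fde38b": ("transferOwnership(address)", "privileged"),
    "3659cfe6": ("upgradeTo(address)", "privileged"),
}

# Constructed sample values, not real contracts or accounts.
POOL = "0x" + "11" * 20
RECIPIENT = "00" * 12 + "22" * 20
AMOUNT = (1000).to_bytes(32, "big").hex()
TRANSFER_CALL = "0xa9059cbb" + RECIPIENT + AMOUNT
OWNERSHIP_CALL = "0xf2fde38b" + "00" * 12 + "33" * 20


def decode_call(calldata_hex: str):
    """Split raw calldata into (signature, risk, 32-byte argument words)."""
    raw = calldata_hex[2:] if calldata_hex.startswith("0x") else calldata_hex
    data = bytes.fromhex(raw)
    if len(data) < 4 or (len(data) - 4) % 32:
        return "malformed", "privileged", []
    sig, risk = SELECTORS.get(data[:4].hex(), ("unknown", "privileged"))
    words = [data[i:i + 32].hex() for i in range(4, len(data), 32)]
    return sig, risk, words


def review(shown_function: str, target: str, calldata_hex: str, allowlist):
    """Return reasons not to sign; an empty list means the payload matches."""
    sig, risk, _ = decode_call(calldata_hex)
    reasons = []
    if target.lower() not in {a.lower() for a in allowlist}:
        reasons.append("target contract is not on the allowlist")
    if sig != shown_function:
        reasons.append(f"interface shows {shown_function}, payload is {sig}")
    if risk == "privileged":
        reasons.append("control-changing call needs out-of-band approval")
    return reasons


if __name__ == "__main__":
    shown = "transfer(address,uint256)"
    print(review(shown, POOL, TRANSFER_CALL, [POOL]))
    print(review(shown, POOL, OWNERSHIP_CALL, [POOL]))
```

The check only helps when the calldata is read from a device or channel separate from the interface that proposed the transaction.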

    Sonne Finance Exploited for $20 Million

    In May, Sonne Finance, built on the Optimism Layer 2 network, lost $20 million due to a vulnerability in its Compound v2 fork-based design. The attacker took advantage of a rounding error in a low-liquidity market, withdrawing more assets than deposited.

    This type of exploit has affected multiple platforms with similar designs and highlights the ongoing risks faced by DeFi protocols using legacy systems without sufficient safeguards.

    Lazarus Group and Broader Security Challenges

    Lazarus Group Linked to Multiple Attacks

    The Lazarus Group, a North Korea-affiliated hacking organization, was suspected of involvement in several of 2024’s largest cryptocurrency heists, including those targeting WazirX, Radiant Capital, and BingX. The group has been linked to numerous high-profile cybercrimes and is believed to use stolen cryptocurrency to fund state activities.

    Experts have observed an evolution in the group’s tactics, from exploiting multi-signature wallet systems to using malware to manipulate transaction interfaces. The rise in their activity has prompted calls for stronger cybersecurity measures across the cryptocurrency industry.

    Rising Risks for Both Centralized and Decentralized Platforms

    The attacks in 2024 revealed vulnerabilities across the cryptocurrency ecosystem. Centralized exchanges, with their high concentration of funds, remain prime targets for hackers, while DeFi protocols face risks from poorly designed smart contracts, insufficient audits, and exploitable price oracles.

    Security firms and blockchain developers are working to address these issues, with an emphasis on enhanced wallet security, regular audits, and better user education. As the industry grows, the importance of adopting robust cybersecurity practices becomes increasingly clear.

    The events of 2024 underline the need for ongoing vigilance in the cryptocurrency space. As hackers refine their methods and exploit new vulnerabilities, both companies and investors must prioritize security to protect their assets from future threats.


    Victor Muriki

    Editor

    Victor Muriki is an esteemed writer focused on cryptocurrency and finance, holding a Bachelor's in Actuarial Science. Known for his sharp analysis and insightful content, he has a strong command of English and is skilled at conducting in-depth research and ensuring timely delivery.
