The blockchain security picture looks grim: Immunefi’s “Crypto Losses in 2024” report finds the industry lost $1,495,487,055 across 232 incidents — and early 2025 is already eclipsing last year’s damage. The headline: hacks continue to dominate, a handful of mega-breaches reshape the narrative, and centralized platforms are emerging as disproportionately expensive targets.
Key findings
- Total losses in 2024: $1,495,487,055 across 232 incidents.
- Attack type breakdown: hacks caused 98.1% of losses; fraud/scams/rug pulls made up 1.9%.
- Year-over-year: 2024’s total was ~17% lower than 2023’s >$1.8B, but that decline masks concentration risk — a small number of very large incidents skew results.
- Two mega-hacks (DMM Bitcoin — $305M in May; WazirX — $235M in July) together accounted for roughly 36% of 2024’s losses.
- CeFi vs DeFi: CeFi losses jumped 77.5% YoY to $726.2M from just 11 incidents; DeFi losses fell 44.8% to $769.3M across 221 incidents — revealing that fewer centralized compromises now produce higher-dollar damage.
- Quarter detail: Q2 2024 was the worst quarter with $572.7M lost in 72 incidents (a 115.7% rise vs Q2 2023); May alone saw $358.5M (driven by DMM).
- Most targeted chains: Ethereum and BNB Chain remained top targets.
Worse in 2025 so far
Immunefi’s more recent tallies show 2025’s start has been catastrophic: year-to-date losses through Q1 reached $1.64B, largely driven by a single $1.4B Bybit exploit — surpassing all of 2024’s losses within three months.
Beyond the dollar figure
Immunefi CEO Mitchell Amador warns the consequences of hacks extend past stolen funds. Nearly 80% of projects hit by major breaches never fully recover, facing operational paralysis and severe reputational damage. On the defensive side, Immunefi reports protecting over $190 billion in user funds via its programs and claims more than $25 billion in prevented losses through bug bounties, including a record $10M payout for a Wormhole vulnerability.
Why this matters
The data underscores a shifting threat landscape: attackers are targeting higher-value centralized infrastructure and executing ever-larger heists. As crypto markets grow, so do attackers’ resources and sophistication — making robust security, key management, and proactive bug-bounty programs more critical than ever for both CeFi and DeFi actors.
Read more AI-generated news on: undefined/news
