A look back at the major cryptocurrency hacks and breaches in 2024.
The cryptocurrency industry is synonymous with incredible growth, liquidity and freedom.
Unfortunately, these properties also make it an attractive target for hackers, who craft devious plans to target centers of capital and exfiltrate funds or user data.
Despite its rampant success, the cryptocurrency industry still faces the risk of potential hacks, deterring many would-be participants from using centralized platforms or on-chain protocols out of fear of being targeted next.
Join us in showcasing the cryptocurrency revolution, one newsletter at a time. Subscribe now to get daily news and market updates right to your inbox, along with our millions of other subscribers (that’s right, millions love us!) — what are you waiting for?
How Big Is the Problem?
More than $2.2 billion was stolen in 2024 alone — up 21% from last year’s figure.
Source: Chainalysis
Common targets include centralized exchanges and DeFi protocols due to the substantial funds they often hold.
Though there is likely a large number of blackhats operating in the cryptocurrency space, the North Korean threat actor, Lazarus Group, is thought to be responsible for $1.3 billion in thefts this year alone.
Let’s take a closer look at some of this year’s most significant hacking events.
Li.Fi Protocol: $11 Million Stolen
In July 2024, the Li.Fi protocol experienced a significant security breach, resulting in the loss of approximately $11 million in user funds.
The incident was triggered by the deployment of a new smart contract facet that contained a critical vulnerability. The exploit allowed attackers to make unauthorized calls to any contract without prior validation, leveraging the infinite approval settings on user wallets, primarily affecting those who had enabled this option.
This is the second time the protocol has been hacked, highlighting the potential risks associated with decentralized protocols.
>> Click here to read more.
Radiant Capital: $50 Million+ Stolen
In October 2024, the Decentralized Finance (DeFi) lending platform known as Radiant Capital suffered an exploit that allowed hackers to steal over $50 million in user funds across various blockchains.
The as-yet unmasked attackers used malware to manipulate the Gnosis safe wallet interface used by the multi-signature wallet signers, tricking them into approving malicious transactions that appeared legitimate.
This breach allowed the attackers to take control of the protocol's Pool Provider contract, upgrading it to a malicious version that facilitated the unauthorized draining of user funds.
Investigators, including the cybersecurity firm Mandiant, concluded with high confidence that the Democratic People’s Republic of Korea (DPRK) was behind the attack.
To date, no funds have been recovered.
>> Click here to read more.
Indodax: $22 Million+ Stolen
Back in September, Indodax — then Indonesia's largest cryptocurrency exchange — suffered an extensive hack that affected more than 6 million users.
The breach, which was first spotted by multiple blockchain security firms, including PeckShield and SlowMist, found that hackers got away with at least $22 million in funds comprising various different cryptocurrencies.
As of yet, the company has not clarified if, when or how it will reimburse affected parties.
Analysts suspect the Lazarus Group may be to blame for this one.
>> Click here to read more.
BingX: $43 Million+ Stolen
One of several cryptocurrency exchange hacks this year, BingX suffered a devastating $43 million across multiple blockchain networks. Blockchain security firm PeckShield traced $26.7 million in assets to one Ethereum wallet involved in the attack.
The initially modest loss figures escalated as more wallets were identified. Despite the significant losses, BingX assured that all user losses would be fully covered by their own capital. Security experts, including those from Cyvers and Beosin, helped freeze about $1 million of the stolen funds
>> Click here to read more.
WazirX: $235 Million Stolen
In July 2024, one of India's largest cryptocurrency exchanges — known as WazirX — was hacked to the tune of $235 million.
The attack saw the hackers make off with various amounts of over 200 different cryptocurrencies.
Though it is still unknown exactly how the exchange attack took place, it is thought that the parties responsible for handling the exchange's main multi-signature wallet were tricked into handing over control to the as-yet-unidentified attacker by inadvertently authorizing a malicious smart contract.
The platform currently aims to compensate affected users using Recovery Tokens (RTs). These represent each creditor’s share of the stolen assets and will be gradually bought back using various revenue streams.
In total, the hack affected 15 million users, and public sentiment surrounding the recovery token scheme is largely negative.
>> Click here to read more.
PlayDapp: $290 Million Stolen
One of the most significant hacks of this year occurred back in February, when a hacker exploited a vulnerability in PlayDapp's smart contracts to mint and steal a total of $290 million of PLA tokens.
The hack unfolded in two phases, with the hacker first minting 200 million PLA before minting an additional 1.59 billion the day after.
Despite attempts to negotiate the return of the assets, including offering a $1 million "white hat" reward, the attacker proceeded with their activities and collapsed the token price by offloading the newly minted tokens onto the market.
Subsequent actions taken by PlayDapp include pausing the vulnerable PLA smart contract and implementing a migration strategy to mitigate the effects of the attack. PLA tokens were later swapped 1:1 with a newly issued PDA token.
>> Click here to read more.
DMM Bitcoin: $305 Million Stolen
In yet another centralized exchange (CEX) hack, the Japanese cryptocurrency exchange DMM Bitcoin took a $320 million loss in May 2024.
Hackers got away with over 4500 Bitcoin, then worth around $305 million by breaching the exchange’s security layers to steal private keys. This allowed them to transfer a substantial amount of Bitcoin from DMM Bitcoin’s wallets.
Again, Lazarus Group is the suspected culprit.
Despite initially planning to reimburse users by taking out loans and procuring Bitcoin from its group company (DMM.com), the exchange faced significant challenges in recovering stolen funds and was unable to make its users whole. The platform will shut down operations in March 2025 and transfer all customer assets to SBI VC Trade.
>> Click here to read more.
Staying Safe
Though crypto hacks are a relatively rare occurrence, they are particularly damaging since funds are rarely recovered.
Indeed, only a handful of affected platforms and protocols have managed to recover most or all of the funds they initially lost — even with the use of retroactive bug bounties and whitehat rewards.
Euler Protocol remains one of the only platforms to achieve a near complete recovery, after it recovered 90% of more than $200 million assets lost due to a flash loan attack.
With that in mind, there are three simple security procedures you can take now to minimize your chances of being hacked.
Not Your Keys, Not Your Coins
Remember that if a third party holds custody of your assets, then you may lose your holdings if their security is breached. Most of these platforms do not offer insurance over your funds and are unlikely to reimburse you should they suffer an attack.
Consider holding your funds in a self-custody wallets, such as a hardware wallet or web wallet — being sure to securely back up your private keys/recovery phrases.
Consider Proof of Reserves
Following the fallout of the FTX meltdown in 2022, many exchanges began maintaining proof of reserves to demonstrate that they hold 100% of user deposits in reserve (and hence are not operating a bank-esque fractional reserve).
>> Click here to see how to learn more about Proof of Reserve (POR).
Perform Regular Security Audits
It is a good idea to regularly re-evaluate your security practices to identify and mitigate any potential risk vectors.
This can include regularly backing up new wallets, revoking permissions to unnecessary protocols, removing traces of recovery phrases/private keys on internet connected devices and withdrawing excess balances from centralized platforms.
This article contains links to third-party websites or other content for information purposes only (“Third-Party Sites”). The Third-Party Sites are not under the control of CoinMarketCap, and CoinMarketCap is not responsible for the content of any Third-Party Site, including without limitation any link contained in a Third-Party Site, or any changes or updates to a Third-Party Site. CoinMarketCap is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement, approval or recommendation by CoinMarketCap of the site or any association with its operators. This article is intended to be used and must be used for informational purposes only. It is important to do your own research and analysis before making any material decisions related to any of the products or services described. This article is not intended as, and shall not be construed as, financial advice. The views and opinions expressed in this article are the author’s [company’s] own and do not necessarily reflect those of CoinMarketCap. CoinMarketCap is not responsible for the success or authenticity of any project, we aim to act as a neutral informational resource for end-users.
