The cryptocurrency industry faced staggering losses in 2024, with an estimated $2.2 billion stolen across 303 hacking incidents, according to a new report from Chainalysis. This represents a 21% rise from 2023, highlighting ongoing security issues in the crypto industry despite increased awareness and investment in protections.
According to Chainalysis, while decentralized finance (DeFi) platforms have historically been prime targets, centralized exchanges took the brunt of attacks in the second and third quarters of the year.
Major incidents included the breach of DMM Bitcoin in May, resulting in a $305 million loss, and WazirX in July, which saw $234.9 million stolen. These attacks revealed the critical need for better protection of private keys, as such compromises were responsible for 44% of the total losses.
Looking deeper, the report revealed that North Korean hackers played a significant role, stealing $1.34 billion in 47 incidents—more than double the value stolen in 2023. The stolen funds are believed to finance the country’s weapons programs.
However, activity by these groups notably decreased after July, potentially linked to shifting geopolitical strategies following a summit between North Korean leader Kim Jong Un and Russian President Vladimir Putin.
The impact of these attacks is profound, with some companies, such as DMM Bitcoin, forced to shut down operations after suffering major breaches. DMM Bitcoin was a prominent Japanese cryptocurrency exchange. It announced its closure after suffering a significant security breach in May 2024.
The hack resulted in the theft of approximately 4,503 BTC, valued at over $300 million at the time. Despite substantial recovery efforts, including raising $365 million through loans and investments, the exchange struggled to regain stability. Ultimately, it decided to shut down and transfer its assets and customer accounts to SBI VC Trade, a subsidiary of SBI Group, by March 2025.
The breach highlighted the vulnerabilities of the platform, with investigations attributing it to the notorious Lazarus Group. Attempts to recover the stolen funds, which were partially laundered through various platforms, were unsuccessful.
More intuitive tools to detect hacks
In the midst of the rise of hacks in 2024, Chainalysis noted that the year also saw promising advancements in predictive tools designed to detect and prevent such incidents. This led to the chainalysis acquisition of Hexagate. Hexagate is a Web3 security and risk analytics platform designed to protect decentralized systems from cyber exploits, financial risks, and governance vulnerabilities.
The platform offers real-time threat detection and prevention services, safeguarding assets, smart contracts, exchanges, and protocols. It also provides tools to analyze blockchain activity and prevent phishing, fraud, and malicious transactions.
This acquisition integrates Hexagate’s cutting-edge technology into Chainalysis’s suite of compliance and security tools, enabling better protection for Web3 organizations, including Polygon, Coinbase, Uniswap, and ConsenSys.
According to Chainalysis, Hexagate’s system has already safeguarded over $1 billion in customer funds. This was achieved by enabling its clients—such as protocols, exchanges, and asset managers—to act quickly based on real-time notifications and automated security measures. These interventions help block malicious activities before they escalate, reducing the risk of financial loss and operational disruption.
