Crypto hacking escalated to alarming levels in 2024, with $2.2 billion stolen, according to Chainalysis’ latest report. This represents a 21% year-over-year increase and highlights a persistent challenge in the digital asset ecosystem. For the fifth time in a decade, the value of crypto thefts surpassed $1 billion, underscoring the vulnerabilities inherent in both decentralised and centralised platforms.
Centralised exchanges in the crosshairs
Hacking trends in 2024 revealed a shift from decentralised finance (DeFi) platforms to centralised exchanges as primary targets. While DeFi platforms dominated in Q1, centralised services became the main focus in Q2 and Q3. Notable incidents include the $305 million breach of DMM Bitcoin in May and the $234.9 million hack of WazirX in July.
Eric Jardine, Cybercrimes Research Lead at Chainalysis, stressed the importance of safeguarding private keys, which were compromised in 44% of incidents. “For centralised services, ensuring the security of private keys is critical, as they control access to users’ assets. Given that centralised exchanges manage substantial amounts of user funds, the impact of a private key compromise can be devastating,” Jardine stated.
These breaches often involve sophisticated laundering techniques. Hackers frequently use decentralised exchanges, mixing services and bridges to obscure stolen funds’ origins. Chainalysis observed distinct patterns: private key hackers favoured bridges and mixers, while other attackers leaned on decentralised exchanges.
North Korea’s growing influence
North Korea’s involvement in crypto crime surged dramatically in 2024, with state-affiliated groups responsible for $1.34 billion—61% of the total value stolen—across 47 incidents. This marks a 102% increase in stolen funds compared to 2023. North Korea’s cybercriminal operations fund weapons programs and circumvent international sanctions, posing a global security risk.
One significant case was the DMM Bitcoin exploit, resulting in $305 million in losses. The attackers exploited wallet vulnerabilities and utilised CoinJoin mixing services to launder funds. The fallout forced DMM Bitcoin to shut down operations, transferring assets to SBI VC Trade by March 2025.
Interestingly, North Korean hacking activity dropped significantly after July. This coincided with a June summit between Russian President Vladimir Putin and North Korean leader Kim Jong Un. Following the summit, the average daily value stolen by DPRK groups fell by 53.7%, suggesting a potential shift in priorities, possibly linked to geopolitical developments like the Ukraine conflict.
Emerging predictive technologies
Advanced tools are reshaping the fight against crypto crime. Predictive systems, such as Hexagate’s machine learning models, enable the real-time detection of suspicious activities. For instance, Hexagate identified a potential exploit contract two days before the $20 million UwU Lend attack in June. However, while early detection is promising, its effectiveness depends on the platforms’ ability to respond swiftly.
In the UwU Lend case, attackers manipulated price oracles to borrow millions within minutes. Hexagate’s detection underscored the need to integrate proactive measures with rapid response capabilities. Predictive technologies and robust security protocols could transform the industry’s approach to preventing hacks.
Laundering techniques
Hackers employ varied strategies to launder stolen funds. Chainalysis’ report highlights how private key exploiters rely on bridges and mixers while other attackers use decentralised exchanges. These methods complicate asset recovery efforts, making it imperative for platforms to enhance transaction monitoring and tracing capabilities.
Decentralised services, often praised for transparency, face unique challenges. Rapid growth and innovation sometimes outpace security measures, creating exploitable gaps. As decentralised platforms continue to evolve, balancing innovation with security will be crucial.
Enhanced security
Addressing the complexities of crypto crime requires collaboration between the public and private sectors. Data-sharing initiatives, advanced tracing tools, and targeted training can empower stakeholders to counter threats effectively. Jardine emphasised the importance of these partnerships: “By fostering stronger collaborations with law enforcement and equipping teams with the resources and expertise to respond rapidly, the crypto industry can reinforce its defences against theft.”
Regulatory frameworks are also evolving to enhance platform accountability. Clear regulations in regions like the UAE provide a foundation for creating a secure crypto ecosystem. Platforms must adopt best practices, including multi-factor authentication, regular security audits, and employee background checks. Such measures can mitigate risks, especially given incidents of North Korean IT workers infiltrating Web3 companies.
Role of regulatory scrutiny
As regulatory bodies increase scrutiny, platforms must prioritise customer asset protection and compliance. Proactive measures, such as adopting insurance coverage for stolen assets, can enhance trust among users. Additionally, transparent communication about security protocols and breach responses is essential for maintaining credibility.
Building trust in a vulnerable ecosystem
Securing the crypto industry is not solely about preventing theft; it’s about fostering trust. The rise in stolen funds underscores gaps in existing measures and highlights opportunities for innovation. Advanced tools, collaborative efforts and stringent regulations can collectively strengthen the ecosystem.
“Such efforts are not only critical for protecting individual assets but also for building long-term trust and stability in the digital ecosystem,” said Jardine. As crypto adoption grows, the industry must rise to the challenge of safeguarding user assets and ensuring a resilient future for digital finance.
