Hackers Steal $440 Million in 28 Exploits During Q3: A Deep Dive

A report reveals that hackers stole $440 million in 28 exploits during Q3 2024, with access control attacks being the most damaging. Centralized exchanges faced the highest losses.

The third quarter of 2024 witnessed a staggering $440 million stolen through 28 hacking incidents, marking a significant event in the cybersecurity landscape. Despite being the smallest losses recorded in the past three years, the recovery rate remains alarmingly low at just 5%. This report by cybersecurity firm Hacken sheds light on the types of attacks, the most affected sectors, and potential mitigation strategies.

Key Takeaways

  • Total losses from hacks in Q3: $440 million
  • Number of incidents: 28
  • Recovery rate: 5%
  • Access control attacks accounted for nearly 70% of losses
  • Centralized exchanges were the most targeted

Overview Of The Attacks

The report categorizes the various types of attacks that led to these losses, with access control exploits being the most damaging. These attacks allowed hackers to gain control over the keys that manage smart contracts, enabling them to withdraw funds at will.

  1. Access Control Attacks:
  2. Smart Contract Vulnerabilities:
  3. Centralized Exchanges:

Impact On Centralized Exchanges

Centralized exchanges faced the brunt of the losses, with WazirX's hack being the most significant. The incident raised questions about potential insider involvement, as independent audits found no security breaches. Other types of attacks, such as those on yield aggregators and cross-chain bridges, also contributed to the overall losses, although they were less frequent.

Losses Across Different Project Types

The report highlights the distribution of losses across various project categories:

  • Centralized Exchanges: Highest losses due to significant hacks.
  • Yield Aggregators: Followed closely behind in terms of losses.
  • Lending and Borrowing Protocols: Lost $19.6 million, with Aave being a notable victim.

Mitigation Strategies

Hacken emphasizes the importance of proactive measures to prevent such losses. Their Automated Incident Response Strategy can be customized to monitor smart contracts and trigger protective actions when suspicious activities are detected. The report suggests that approximately 28.7% of losses could have been avoided with better monitoring systems in place.

Case Study: The Nexera Exploit

One of the notable incidents involved the DeFi protocol Nexera, where a scammer drained 47.2 million NXRA tokens. The attacker managed to swap 15 million tokens before the team could pause the contract, resulting in a loss of $1.5 million. The report illustrates how the Automated Incident Response Strategy could have mitigated this loss by pausing the contract immediately upon detecting the exploit.

Conclusion

The third quarter of 2024 serves as a stark reminder of the vulnerabilities present in the crypto space. While the total losses were lower than in previous years, the low recovery rate and the sophistication of attacks highlight the need for enhanced security measures. As the industry continues to evolve, so too must the strategies to protect against these ever-present threats.

Sources

[ newsletter ]
Stay ahead of Web3 threats—subscribe to our newsletter for the latest in blockchain security insights and updates.

Thank you! Your submission has been received!

Oops! Something went wrong. Please try again.

[ More Posts ]

Revolutionizing Security: The Role of AI-Based Scam Detection in Modern Fraud Prevention
6.2.2025
[ Featured ]

Revolutionizing Security: The Role of AI-Based Scam Detection in Modern Fraud Prevention

Explore AI-based scam detection's role in modern fraud prevention, enhancing accuracy and reducing costs.
Read article
Innovative Strategies for Blockchain Exploit Prevention in 2025
5.2.2025
[ Featured ]

Innovative Strategies for Blockchain Exploit Prevention in 2025

Explore 2025's top strategies for blockchain exploit prevention, focusing on AI, cryptography, and security.
Read article
Innovative DApp Security Solutions: Protecting Your Decentralized Applications in 2025
4.2.2025
[ Featured ]

Innovative DApp Security Solutions: Protecting Your Decentralized Applications in 2025

Explore 2025's top DApp security solutions to protect decentralized applications from emerging threats.
Read article