Cumulative losses from cryptocurrency hacks exceeded $120 million in September, marking 2024’s second-lowest monthly loss from hacks after April. Centralized exchanges remain frequent targets for crypto hackers, leading to significant losses month after month. In September, crypto exchanges BingX and Indodax accounted for more than half of the losses. Blockchain investigation firm Peckshield noted that the total losses of $120.23 million were spread across more than 20 hacks.September saw a 61.7% decrease in losses from hacks compared with August, when the crypto ecosystem lost nearly $314 million. Of the two crypto exchanges hacked in September, BingX recorded the highest loss of $44 million, while Indodax lost $21 million. Several decentralized entities were also affected, including the decentralized finance protocol Penpie, which lost $27 million to an exploit. Other prominent DeFi hacks included DeFi platform Delta Prime ($6 million), inflation data platform Truflation ($5.6 million) and crypto liquid restaking protocol Bedrock ($2 million). Crypto lender Shezmu, initially hacked for $5 million, managed to recover part of the stolen funds through onchain negotiation with the hacker. Telegram bot Banana Gun announced a refund to crypto traders impacted by its $3 million hack. Indian crypto exchange WazirX remained the biggest victim of a 2024 hack as of Oct. 1. On July 18, WazirX lost $235 million after one of its Safe Multisig wallets on Ethereum was compromised. Following the breach, the exchange suspended all crypto and cash withdrawals to conduct an internal investigation. Three months later, WazirX has yet to issue any remediation plans to compensate affected users.

Full report : Cryptocurrency hacks in September totaled over $120 million, with centralized exchanges BingX and Indodax accounting for more than half.

OODA has been compiling a comprehensive Web3 incident database from the start of the cryptocurrency age based on our research to categorize what compromises are taking place as well as document the root causes that plague Cryptos, DeFi, NFTs, and Web3 in general. Tracking root causes provides comprehensive insights into how innovators can create robust cyber risk management approaches and reduce the potential for consequential attacks. You can access the OODA comprehensive Crypto Incident tracker here.