According to the Immunefi platform, in 2024 the number of successful and partially successful attacks decreased by 28% to 232 cases, which allowed to reduce the total losses by 17% compared to 2023. At the same time, most of the $1.47 billion in losses came from attacks, while fraud caused only $28 million in losses.
Decentralized financial protocols (DeFi) remain the main target of hackers, accounting for more than 51% of attacks. However, hackers are starting to turn their attention to centralized financial platforms (CeFi) such as WazirX and Bitcoin DMM, which suffered significant losses for the first time since 2021, accounting for 36% of the total. The North Korean hackers responsible for the attacks on WazirX and Radiant Capital, which caused $285 million in losses, played a particularly important role in cybercrime. Their modus operandi includes social engineering, such as using malware-infected PDF files to compromise developers’ devices.
The Ethereum blockchain remains the most vulnerable, accounting for 44% of attacks; in 2024, Immunefi also reported $116 million in recoveries in 14 cases, representing approximately 8% of all losses. Hackers focus on compromising the infrastructure of projects and “hot wallets” because this allows them to steal all the funds they control.
Although overall losses have decreased, the increasing sophistication of hacking attacks shows the need for increased security in both DeFi and CeFi; in 2025, strengthening the protection of infrastructure and private keys will be a key challenge, as hackers will be able to steal all the funds they control.