Web3 Security Report 2024: DeFi Strengthens as CeFi Struggles

Key Points:

  • According to the Web3 Security Report by Hacken, crypto hack losses remained at $2.3 billion in 2024.
  • DeFi reduced losses by 40% due to stronger protocols and fewer bridge-related exploits.
The Web3 Security Report by Hacken highlights a mixed year for blockchain security, with total crypto hack losses remaining steady at $2.3 billion, excluding phishing. However, significant differences emerged between decentralized finance (DeFi) and centralized finance (CeFi) sectors.
Web3 Security Report 2024: DeFi Strengthens as CeFi Struggles

Read more: Rumours About Gate.io Security Breach Are Not True

Web3 Security Report: Access Control Exploits Dominate Blockchain Security Threats

Access control exploits dominated the landscape, accounting for 75% of all crypto hack losses. These vulnerabilities impacted DeFi, CeFi, and gaming/metaverse platforms, underscoring the ongoing challenges in operational security and access management.

According to the Web3 Security Report, DeFi showed notable improvement in security, reducing financial losses by 40% compared to 2023.

Total losses dropped from $787 million in 2023 to $474 million in 2024 thanks to stronger protocols, secure bridges, and cryptographic advancements like multiparty computation (MPC) and zero-knowledge proofs (ZKPs). Bridge-related exploits, a major historical weakness, declined sharply from $338 million to $114 million this year.

Despite these advancements, DeFi remains vulnerable to access control weaknesses and is responsible for nearly half of its losses. Notable incidents include the Radiant Capital hack, which resulted in a $55 million loss.

CeFi Struggles as Breaches and Financial Losses Surge

In contrast, CeFi faced a difficult year, with breaches more than doubling and financial losses surging to $694 million from $305 million in 2023.

Centralized exchanges became primary targets for access control vulnerabilities, with major incidents like the DMM Exchange hack and WazirX breach facilitating the theft of $305 million and $230 million, respectively.