Crypto Ecosystem Lost $269M to Hackers in July, 87% Stolen in Single CeFi Hack

In July 2024, the crypto ecosystem lost nearly $269.5 million in 14 specific hacking incidents, according to the latest report by major bug bounty and security services platform Immunefi.

Notably, centralized finance (CeFi) surpassed decentralized finance (DeFi) with a single incident.

Crypto Hacks Stay in the Lead

Immunefi found that July saw $269,439,252 stolen in fourteen specific hacks and fraud incidents.

This is a 90% increase month-over-month.

Additionally, it’s a 15.9% decrease from July 2023, when registered losses stood at $320,498,660.

Source: Immunefi

The majority of the stolen sum is the result of only two projects.

Indian crypto exchange WazirX lost $235 million in a hack, while LI.FI protocol , a platform to swap and bridge across major blockchains and protocols, lost $10 million in a security breach.

Hacks were still the predominant cause of losses in July. Hackers stole $266,481,700 across 12 incidents.

On the other hand, fraudsters stole $2,957,552 across two incidents.

Therefore, fraud accounted for only 1.1% of the total losses in July, while hacks accounted for 98.9%.

Meanwhile, the report found that the space lost $1,190,379,330 to hacks and rug pulls in 2024 year-to-date (YTD) in 149 specific incidents.

This is a 16.3% increase when compared with the same period in 2023. The sum at the time stood at $1,023,463,722.

Centralized Finance and North Korean Crypto Hackers in Focus

Immunefi found that CeFi again surpassed DeFi in July.

DeFi suffered $34,439,252 in total losses in July across eleven incidents.

However, CeFi represented 87% of the total volume of funds lost. It lost 235,000,000 in a single incident.

“Most of the losses in 2024 are attributed to attacks targeting CeFi infrastructure,” the report noted.

Over $636 million of the $1.19 billion stolen in 2024 YTD is attributed to CeFi.

Source: Immunefi

Additionally, the infamous North Korean Lazarus Group made a major comeback.

It seems that this group is behind the WazirX hack.

Also, the DMM Bitcoin hack in May has been linked to the Lazarus Group . The hackers began laundering the funds in July.

Overall, Lazarus – affiliated with the North Korean government – has been linked to some of the largest attacks within the crypto ecosystem, the report said.

This includes Atomic Wallet, CoinEx, Alphapo, Stake, and CoinsPaid.

Main Targets: Ethereum and BNB Chain

Unsurprisingly, Ethereum and BNB Chain were the most targeted chains in July.

These represent 71.4% of the total losses across targeted chains.

Source: Immunefi

Ethereum suffered the most individual attacks. It saw seven incidents, representing 50% of the total losses across targeted chains.

At the same time, BNB Chain saw three incidents, which is 21.4% of the losses.

Scroll and Base suffered one incident each. They represent 7.1% of the total losses.

Meanwhile, Immunefi offers over $157 million in available bounty rewards.

So far, it has paid out over $100 million in total bounties while saving over $25 billion in user funds, the team noted.