Q1 2024 Web Security Report
Discover the biggest hacks, scams, and emerging trends in our Q1 2024 Web3 Security Report. Don’t miss out—access it now!
🇺🇦 Hacken stands with Ukraine!
Learn moreWith several landmark events occurring in the crypto space this quarter, indicating a path towards a regulated future, we continue to closely monitor hacks and scams to assess the industry’s state of security and observe emerging trends. This time, we teamed up with the HackenProof research team to analyze the data and provide the community with valuable insights. In the second quarter, we have seen both promising signs of major fund recoveries and the continuation of alarming trends where projects neglect security best practices.
Hackers and bad actors continue to employ a wide range of attack vectors, with access control attacks causing the industry’s biggest losses, totaling $397M. Notably, rug pulls that were prevalent in 2023 are the least damaging type of attack this quarter.
The CeFi category, which includes projects combining FinTech and DeFi elements, suffered the most significant financial damages. Just two incidents in this category resulted in greater losses than all other project types combined.
For the second consecutive quarter, the industry has managed to recover over half of the stolen funds. While this may seem promising, the total losses for the two quarters of 2024 are nearly equivalent to the losses for the entire year of 2023. Thus, the seemingly positive trend becomes alarming when viewed from a broader perspective.
Despite nearly half of the affected projects having undergone audits, only four of these audits were relevant. In the majority of cases, there was a concerning absence of adequate security measures. This indicates that the industry is still far from overcoming the safety crisis in crypto.