In summary
- Losses from DeFi hacks decreased to $424,000 in the third quarter of 2024, a 38% reduction from the previous year.
- Professional attackers have turned DeFi hacks into a sustainable business, employing more sophisticated techniques such as social engineering.
- ImmuneFi launched the Ethereum Protocol Attackathon with $1.5 million in prizes to strengthen Blockchain security.
Decentralized finance (DeFi) hacks have become a “full-time job” for professional attackers, according to the founder of blockchain security firm ImmuneFi.
Speaking with Decrypt at Web Summit 2024, ImmuneFi founder Mitchell Amador said that DeFi hacks have become “an infinitely sustainable and viable business,” although the crypto ecosystem is “undoubtedly” more secure.
According to Amador, DeFi hackers are “looking to cause more damage than ever, and their skills are also applicable in several different areas.” He explained that, “even if they aren’t making sustainable hacks in the short term, they could be doing MEV, or other ways to monetize their unique skill set.”
Despite that, Amador told Decrypt that the crypto ecosystem “is becoming much more secure, and at a very rapid pace.” He pointed to the results of ImmuneFi’s Q3 2024 report, which found that losses from Cryptocurrency hacks had decreased 38% year-over-year, to just under $424,000.
So far this year, Amador said cryptocurrency losses from hacks have reached “just over $1 billion,” compared to about $3 billion in 2022 and about $1.8 billion in 2023. “This is despite the rise in value of the industry as a whole, and of the increasing value of on-chain assets as well. Therefore, in per capita terms, the risk per dollar of value is plummeting. Although hacking incidents are on the rise, he said, “we are seeing very few large cases.”
He highlighted the October 2024 $50 million hack of Radiant Capital as an example of the growing sophistication of DeFi hacks, pointing to North Korean hackers. “They went after the private keys by compromising the underlying machines and falsifying transactions in this type of man-in-the-middle attack, which is very exotic.” Hackers are increasingly using social engineering to exploit vulnerabilities in DeFi protocols, he said, adding that “humans are always the weakest link.”
To harden the world’s largest smart contract blockchain against attacks, ImmuneFi is hosting the Ethereum Protocol Attackathon, “the world’s largest code contest,” with a $1.5 million prize at stake.
“We have hundreds and hundreds of hackers,” Amador said. “They will all jump into the Ethereum codebase with $1.5 million at stake to prove they can find mission-critical bugs and reveal them in time.”
“This is a new type of procedure that the Ethereum Foundation has never done before,” he said, expressing hope that the contest will become a regular event, “strengthening each new major iteration of the blockchain.”
While blockchain security is “the most stable and fundamental part of the cryptocurrency industry,” Amador expects the sector to be an “indirect beneficiary” of the incoming Trump administration and its cryptocurrency-friendly positioning.
Trump’s proposed strategic Bitcoin reserve, Amador said, is “creating pressure” on European ministries to “start adopting cryptocurrencies more aggressively and become much friendlier as a result,” adding that, “I’ve seen this with my own eyes”.
“It looks like it’s going to be a big net benefit for the industry in terms of overall growth and friendliness,” he said, adding, “This is going to boost security activity in turn.”
For its part, ImmuneFi plans to expand into “automated technologies,” including a “fairly large AI agent” that will coordinate collaboration in obtaining “proactive security measures,” Amador said.
“We’re taking the next logical step for bug bounties,” he added, “but they’ll look completely different in two or three years than they do today, and it should be pretty amazing.”
Edited by Andrew Hayward
Daily Debrief Newsletter
Start every day with the top news stories right now, plus original features, a podcast, videos and more.
For the Latest Crypto News, Follow ©KeynoteUSA on Twitter Or Google News.
Disclaimer: Please note that the information provided on this page is for News purposes only and should not be considered investment or trading advice. ©Crypto.keynoteusa.com strongly recommends that you conduct independent research and/or consult with a qualified professional before making any investment decisions.
