In 2024, Web3 faced significant security challenges, losing $2.1 billion. Hacks, scams, and access control vulnerabilities posed major challenges for the ecosystem. Let's examine how this year unfolded for Web3.
$2.1B Lost: Most Vulnerable Year
2024 proved to be a real test for Web3, with $2.1 billion lost due to hacks, scams, and rug pulls. May 2024, the heaviest month, brought losses of $350 million. Ethereum was a major target, suffering total losses of $465 million due to numerous incidents. Some of the largest attacks included a $300 million breach at DMM Bitcoin, $290 million at Playdapp, and $230 million at WazirX. Additionally, the Solana platform, popular among memecoins, saw numerous rug pulls.
Access Control Exploits: Major Threat to Web3
Access control exploits were the main villain of 2024, resulting in $1.73 billion in losses, accounting for 78% of all crypto hacks. These vulnerabilities, caused by inadequate protection of access mechanisms, lead to major losses, including thefts on Playdapp and Ronin Network platforms. The DeFi sector alone saw $219 million drained due to access control issues, significantly impacting CeFi as well, where losses reached $694 million.
DeFi Strengthens, CeFi Falters
Despite increasing pressure on CeFi, the DeFi sector showed a significant reduction in losses by 39%, from $653 million in 2023 to $477 million in 2024. This was achieved thanks to improved auditing measures and new technological solutions such as multisignature mechanisms and advanced cryptography. Meanwhile, CeFi faced increased threats due to security weaknesses and fund concentration.
The year 2024 served as a lesson for Web3, highlighting access control issues and vulnerabilities in centralized platforms. However, progress is on the horizon: improved security measures and the adoption of new technologies could change the game in the future.
