TL;DR
- DeFi reduces losses by 40% thanks to improved security measures, including robust bridges and advanced cryptographic techniques.
- Attacks on CeFi rise sharply, surpassing $694 million in total losses due to increased vulnerabilities in centralized systems.
- Access control vulnerabilities remain a critical concern in both DeFi and CeFi, with devastating financial consequences for the affected platforms.
The annual Web3 security report by Hacken revealed that in 2024, theft-related losses in the decentralized finance (DeFi) sector dropped by 40% compared to the previous year. This decline is attributed to enhanced security protocols, including more robust bridges and advanced cryptographic techniques. However, the report also highlights an alarming increase in security breaches within the centralized finance (CeFi) sector, with losses exceeding $694 million in 2024.
DeFi Shows Security Progress
Losses in DeFi dropped from $787 million in 2023 to $474 million this year. According to Hacken, this reduction is primarily due to improved bridge security, historically one of the sector’s most vulnerable points. Thefts, which amounted to $338 million in 2023, decreased to just $114 million in 2024. Despite these advancements, the report notes that access control vulnerabilities remain a significant issue. A clear example is the Radiant Capital hack, which resulted in a $55 million loss due to such weaknesses.
CeFi Faces a Bleak Outlook
In contrast, CeFi experienced a dramatic surge in security breaches, with losses more than doubling compared to the previous year. Hacks on centralized platforms, such as DMM and WazirX, led to losses of $305 million and $230 million respectively, stemming from attacks exploiting vulnerabilities in private keys and multi-signature systems. These incidents highlight the fragility of centralized control systems, which Hacken identifies as one of CeFi’s major weaknesses.
Dyma Budorin, CEO of Hacken, warned about the “critical gaps” in CeFi’s operational security, emphasizing the need for better private key management and more advanced monitoring systems. The growing threat from hackers, including North Korean groups, underscores the urgent necessity to improve security measures across both DeFi and CeFi sectors.