Share this article
Crypto Hackers Nabbed $409M in Q3: Immunefi
The figure is 40% less than in third-quarter 2023.
Updated Sep 26, 2024, 9:05 p.m. Published Sep 26, 2024, 1:00 p.m.
- $409 million stolen in the third quarter, 40% less than in the year-earlier period.
- The majority of stolen funds can be attributed to the hacks of WazirX and BingX, with $235 million and $52 million being stolen respectively.
- DeFi remains an unparalleled opportunity for blackhat hackers, Immunefi said.
Hackers stole $409 million worth of cryptocurrency in the third quarter, and an additional $3 million was lost to fraud, according to a report by Immunefi.
The figure is 40% less than in third-quarter 2023, the bug bounty platform said.
STORY CONTINUES BELOW
Don't miss another story.Subscribe to the Crypto Daybook Americas Newsletter today. See all newsletters
The amount of capital locked on decentralized finance (DeFi) protocols represents an "unparalleled and attractive opportunity for blackhat hackers," Immunefi said. There is currently $87.2 billion in total value locked (TVL) across DeFi, according to DefiLlama.
Most the quarter's losses came from hacks of crypto exchanges, with India's WazirX losing $235 million and Singapore's BingX $52 million. The report said 32 other hacks accounted for 32% of total losses.
"We're seeing a higher number of incidents targeting DeFi, while CeFi experiences fewer incidents but often with more severe consequences, with hundreds of millions in stolen funds in a single exploit," said Mitchell Amador, founder and CEO of ImmuneFi.
"In CeFi, the biggest infrastructural issue is private key management, which is essential to maintaining the self-custody of crypto assets but is not typically subject to security audits. It requires rigorous key management policies, practices, and emergency plans."
WazirX lost funds after hackers compromised the exchange's private keys. The exchange halted withdrawals and froze trading on July 18, and is now seeking a moratorium from Singapore's courts to give it time to restructure.
The Ethereum blockchain was the most common target for hackers, with 15 incidents of theft reported compared with eight on BNB Chain and two on Base.
There were also two incidents of funds being recovered after being stolen. Ronin Network recouped $10 million from a $12 million hack and ShezmuTech clawed back all $4.9 million that was taken.
Mais para você
O que saber:
- As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
- GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
- Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
Mais para você
USDC Issuer Circle Secures Abu Dhabi's ADGM License in Middle East Expansion
The license allows Circle to expand USDC payment and settlement tools across the United Arab Emirates.
O que saber:
- Circle has obtained a Financial Services Permission license from Abu Dhabi Global Market, allowing it to operate as a Money Services Provider in the UAE.
- The stablecoin issuer has appointed Dr. Saeeda Jaffar, former manager at payments firm Visa.
- The approval comes as part of the UAE's emergence as a global hub for regulated digital assets, following similar licenses granted to Binance.
Top Stories
