Ethereum Ecosystem Lost $400 Million From Hacking in First 6 Months of 2024: Report

Hacking losses across the entire blockchain ecosystem jumped by 50 percent from last year.
Ethereum Ecosystem Lost $400 Million From Hacking in First 6 Months of 2024: Report
A man conducted a transaction at a cryptocurrency shop in Hong Kong on Nov. 21, 2022. (Sung Pi-Lung/The Epoch Times)
Naveen Athrappully

Among blockchain ecosystems, Ethereum suffered the most losses in hacking incidents during the first half of 2024, according to a recent report by cybersecurity firm SlowMist.

There was a total of 223 blockchain security incidents in the first half of 2024, up from 185 in the same period last year, the July 2 report states. Losses from these incidents have totaled $1.43 billion so far this year, up by more than 50 percent from 2023. Of these, the Ethereum blockchain ecosystem suffered the most with $400 million in losses, followed by Arbitum at a distant second with $72.46 million in losses.

The main reason for the security breaches was found to be vulnerabilities in blockchain contracts, which can include issues such as bugs in the code. The second top reason was “rug pull,” a type of exit scam by which a crypto team raises money from investors and the public by selling digital tokens only to disappear with the funds.

Decentralized finance (DeFi) entities were found to be the “most frequently attacked” compared to centralized finance (CeFi) counterparts. In CeFi, all crypto trades are handled via a central exchange. This stands in contrast to DeFi, in which there is no exchange involved in the trade.

“In the first half of 2024, there were 158 DeFi security incidents, accounting for 70.85 percent of the total Incidents, with losses amounting to $659 Million. Compared to the First Half of 2023 (111 incidents with losses of approximately $480 Million), this represents a 37.29 percent year-on-year increase in losses,” the report reads.

Security incidents on trading platforms alone accounted for $524 million in losses during the first half. The attack on Japanese crypto platform DMM Bitcoin on May 31 was the largest trading platform security incident during this period. More than 4,500 bitcoins were illegally transferred from the company’s official wallet, leading to losses of about $305 million.

A key reason that Ethereum ranks No. 1 in terms of the number of security incidents could be its popularity. Ethereum is one of the leaders in DeFi projects. DeFi accounted for the majority of security incidents in the January-to-June period. As such, the Ethereum blockchain was targeted most by hackers.

Hacking Incidents

In May, two brothers were arrested by law enforcement in the United States for attacking the Ethereum blockchain and stealing $25 million.

The brothers, who studied math and computer science at a prestigious university, were accused of tampering with and manipulating the processes and protocols by which transactions in the Ethereum blockchain are validated and added, according to a statement from the Department of Justice.

“In doing so, they fraudulently gained access to pending private transactions and used that access to alter certain transactions and obtain their victims’ cryptocurrency. Once the defendants stole their victims’ cryptocurrency, they rejected requests to return the stolen cryptocurrency and took numerous steps to hide their ill-gotten gains,” the department stated.

The Ethereum exploit carried out by the brothers was the “very first of its kind,” according to the department.

Another attack targeted the Ethereum Foundation, a nonprofit supporting Ethereum and related technologies.

On June 23, the foundation’s email account was used by criminals for a scam directed at its members. The hackers sent emails to 35,794 members, encouraging them to click on a link. Those who clicked the link were sent to a malicious website.

The website was running a “crypto drainer,” meaning that if someone were to initiate their crypto wallet and sign a transaction as requested by the website, the funds in their wallet would be drained.

The foundation stated that it took back control of the situation and prevented hackers from sending additional emails. It also shut down the access path that threat actors used to access the mailing list provider.

The organization’s analyses “appear to show that no victims lost funds during this specific campaign sent by the threat actor,” according to the foundation.

“As we continue working on this incident, we have taken additional measures such as migrating some mail services to other providers, to further help reduce the risk of this happening again,” it stated.