Markets Daily Crypto Roundup: Crypto Lost $1.49B to Hacks in 2024 – Securing Your Stack in 3 Steps

Release Date: January 8, 2025 | Host: Jen Sanasi | Guest: Mitchell Alle, Founder and CEO of Immunefi

Introduction

In the latest episode of Markets Daily Crypto Roundup, hosted by Jen Sanasi of CoinDesk, the focus centers on the significant developments in crypto security over the past year. The episode delves into the alarming statistics of crypto hacks in 2024, explores the dynamics between decentralized (DeFi) and centralized (CeFi) finance security, and offers practical advice for securing cryptocurrency assets. The conversation is enriched by insights from Mitchell Alle, the Founder and CEO of Immunefi, a leading platform in crypto security.

2024 Crypto Hacks: A Statistical Overview

Jen Sanasi opens the discussion by presenting key statistics from Immunefi’s report on crypto hacks and fraud in 2024:

• Total Losses: Over $1.4 billion lost to hacks and fraud, marking a 17% decrease from the $1.8 billion recorded in 2023.
• Major Attacks: Two significant breaches targeted DMM, a Japanese crypto exchange, and Wazrx, an exchange operating in India.
• DeFi vs. CeFi: While decentralized finance experienced fewer but more targeted attacks compared to centralized finance, CeFi faced higher losses primarily due to the increased returns attracting more significant breaches.
• Most Targeted Chains: Ethereum and BNB Chain were the focal points, with Ethereum accounting for 44% of total losses (104 incidents) and BNB Chain for 39% (71 incidents).

Jen Sanasi states at [00:29], "According to Immunefi, 2024 saw a loss of more than $1.4 billion due to hacks and fraud. The number marks a 17% decrease compared to 2023."

Mitchell Alle responds at [02:23], "It was a surprise because the number was so low. It was a surprise because the number was so good."

Decrease in Hacks: Underlying Causes

Despite the surge in DeFi Total Value Locked (TVL) by approximately 160% to $163 million in 2024, the total hack losses decreased. Mitchell Alle attributes this positive trend to enhanced security measures within the DeFi ecosystem:

• Improved Code Security: Significant advancements in audits and bug bounty programs have fortified on-chain security.
• Security Technologies: Adoption of cutting-edge security technologies has played a crucial role in mitigating vulnerabilities.

At [03:44], Alle notes, "We are seeing more effective security measures at the on-chain layer," emphasizing that DeFi platforms have become increasingly resilient against attacks that previously plagued the sector.

Rising Threats to Centralized Exchanges

Conversely, centralized exchanges have become more attractive targets for hackers, primarily due to private key management issues inherent in their operations. Mitchell Alle explains that while DeFi's attack vectors have diminished, CeFi exchanges are grappling with:

• Private Key Vulnerabilities: Centralized exchanges manage hot wallets that are susceptible to breaches.
• Human Element: The management of private keys involves human oversight, which introduces potential security gaps.

At [05:05], Alle elaborates, "Centralized exchanges have private key management issues… that are becoming almost, not quite, but almost the major attack vector."

Security Recommendations for Crypto Enthusiasts

Addressing the audience, Mitchell Alle provides a three-step strategy to secure cryptocurrency assets effectively:

1. Cold Wallet Setup: Store the majority of funds in a cold wallet, which remains offline and impervious to online threats.
2. Hot Wallet Utilization: Use hot wallets for regular transactions and interactions, ensuring that they hold only the necessary amount for daily activities.
3. Risk-On Wallet: Maintain a separate wallet for high-risk, speculative activities to prevent exposure of main holdings.

At [08:51], Alle advises, "Start with some kind of cold wallet… put all of your money stay safe at all times." He emphasizes the importance of segregating funds to minimize potential losses from breaches.

The Human Element in Crypto Security

Mitchell Alle underscores the persistent challenge of the human element in security. Despite technological advancements, scammers leveraging Large Language Models (LLMs) are increasingly sophisticated, targeting individuals through phishing and fraud. Alle expresses concern over the difficulty in combating human-centric attacks:

At [20:44], he states, "We're going to win the blockchain code security war. Can we win the human security war? Even so, that remains to be seen."

Personal Motivation: Mitchell Alle’s Commitment to Security

In a heartfelt segment, Alle shares his personal journey and passion for enhancing crypto security. Coming from a background with limited opportunities, he credits crypto with providing economic empowerment and a platform for wealth creation. This personal stake drives his dedication to ensuring robust security measures in the industry:

At [12:02], Alle explains, "Crypto has a lot to offer the world… The single greatest risk to the entire promise of our industry and this technology is code security."

Looking Ahead to 2025: Predictions and Expectations

As the conversation shifts to future prospects, Mitchell Alle shares his optimistic yet cautious outlook for 2025:

• Proliferation of Blockchains: The cost of launching blockchains is decreasing, leading to an expanded attack surface.
• Security Advancements: Continuous improvements in security technologies, boosted by AI, are expected to further reduce hack incidents.
• AI Integration: Artificial Intelligence will play a dual role, enhancing detection and mitigation of threats while also enabling more sophisticated scams.

At [15:58], Alle mentions, "We're going to start being able to talk about 99% hack prevention at least according to the raw technical developments for the most battle-hardened code bases."

The Dual Role of Artificial Intelligence

AI's involvement in crypto security presents both opportunities and challenges. While AI enhances threat detection and response capabilities, it also empowers scammers to execute more convincing and widespread attacks:

At [20:44], Alle states, "LLMs are a phenomenal threat that we, not just as an industry, but as a society have not figured out how to solve."

He highlights the necessity of balancing technological advancements with proactive measures to safeguard against AI-driven threats.

Conclusion

The episode concludes with a reflection on the critical importance of security in the crypto ecosystem. As the industry continues to evolve, the interplay between technological advancements and human behavior will shape its resilience against threats. Mitchell Alle’s insights provide a roadmap for both individuals and organizations to navigate the complexities of crypto security effectively.

Jen Sanasi wraps up at [23:24], emphasizing, "If you don't have security top of mind, I think you can only be so successful."

Key Takeaways

• Reduced Hack Losses in 2024: A notable decrease in total losses despite increased DeFi activity.
• Shift in Attack Targets: Centralized exchanges face heightened security challenges due to inherent vulnerabilities.
• Security Best Practices: Implementing cold, hot, and risk-on wallets can significantly enhance asset security.
• Human vs. Code Security: Technological solutions are advancing, but human-centric threats remain a significant concern.
• Future Outlook: Continued innovation in security technologies, particularly AI, is essential for safeguarding the crypto landscape.

For comprehensive insights and updates on cryptocurrency markets and security, subscribe to the CoinDesk Podcast Network available across all major platforms or visit their YouTube channel.