Decentralized finance (DeFi) security experienced a 40% reduction in financial losses in 2024 compared to the previous year, thanks to enhanced protocols, stronger bridges, and advanced cryptographic measures.
According to the annual Web3 Security Report by block security firm Hacken, the improved security measures in DeFi throughout 2024 stood in contrast to the challenges faced by centralized finance (CeFi) during the same period. CeFi saw a more than doubling of breaches, with losses reaching $694 million as centralized exchanges became prime targets for access control vulnerabilities and other security risks.
The report’s findings underscore the significant difference in progress between DeFi and CeFi, shedding light on the vulnerabilities of centralization.
In the realm of DeFi, the Hacken report revealed a significant decrease in financial losses in 2024, dropping from $787 million in 2023 to $474 million this year. The report also highlighted a notable decline in bridge-related exploits, from $338 million in 2023 to $114 million in 2024. Despite advancements like multiparty Computation (MPC) and zero-knowledge proofs (ZKPs), access control vulnerabilities remain a major challenge, accounting for nearly half of all DeFi losses.
On the CeFi front, the Hacken report painted a different picture, with financial losses surpassing $694 million in 2024, more than double the losses incurred in 2023. Breaches were largely attributed to access control exploits, exemplified by incidents like the DMM Exchange hack and the WazirX hack, which resulted in thefts of $305 million and $230 million, respectively.
Dyma Budorin, the co-founder and CEO of Hacken, emphasized the need for stricter key management practices and automated monitoring systems in CeFi to address the critical gaps in operational security.
The stark contrast in financial losses between DeFi and CeFi sectors underscores the need for improvements in security practices in both industries. Budorin stressed the importance of closing security gaps to mitigate risks posed by attackers. These risks were further highlighted by Chainalysis’ report on North Korean hackers stealing over $1.3 billion in crypto assets across 47 incidents in 2024.