The crypto ecosystem just had its second-lowest month for hacks in 2024, but that doesn’t mean the pain’s over. Cumulative losses from hacks still exceeded $120 million in September, even though it’s less brutal than previous months. It’s becoming a pattern—hackers targeting centralized exchanges like BingX and Indodax, where they scored big. Together, these exchanges coughed up over half of September’s losses.
Peckshield, a well-known blockchain sleuth, pegged the total damage at $120.23 million. And it wasn’t just one or two big hits; more than 20 separate hacks contributed to that tally.
Centralized Exchanges: The Usual Suspects
BingX and Indodax were hit hardest this September. BingX, bleeding $44 million, took the top spot for most brutal hack. Indodax, a close second, lost $21 million. These centralized exchanges, where users trust third parties with their funds, are honey pots for cyber attackers. Every month, it’s the same cycle. Even with improved security, centralized players remain in the crosshairs.
DeFi? They weren’t immune either. While decentralized finance protocols often claim to be safer, September said otherwise. Penpie, a DeFi protocol, saw $27 million vanish due to an exploit. But Penpie wasn’t alone. Delta Prime, a smaller DeFi platform, reported a $6 million loss, and the inflation data platform Truflation lost $5.6 million. Even the crypto liquid restaking protocol, Bedrock, wasn’t safe—it lost $2 million.
Shezmu and Banana Gun Fend Off Further Losses
Some projects fought back, though. Crypto lender Shezmu, initially out $5 million, managed to wrangle some funds back. Using onchain negotiation with the hacker, Shezmu clawed back a chunk of what was lost.
And then there’s Banana Gun, a Telegram bot that announced it would refund users who took a hit during its $3 million hack. When projects start negotiating with hackers, it’s clear we’ve entered the wild west of crypto finance.
WazirX’s $235M Blow Still Stings
India’s WazirX is still reeling from a $235 million hack back in July. Despite its efforts, WazirX has yet to announce any real compensation for its users. The wound remains fresh three months later, with no sign of healing. Competitor CoinSwitch took legal action to recover 2% of its assets, worth $6.2 million, but WazirX admitted that a painful 43% of its customers’ funds are permanently lost.
Crypto might be decentralized, but the hacks keep showing up centralized.
Leave a Reply
You must be logged in to post a comment.