Crypto Hackers Siphon Over $300 Million in Q1 2024, Immunefi

Immunefi reveals that the DeFi industry, boasting over $100 billion in TVL, remains a hunting ground for crypto hackers.

Man pointing at a giant hacker with robotic spider fingers sitting on a beach.
Created by Gabor Kovacs from DailyCoin
  • Hackers are still running rampant in the crypto industry. 
  • The crypto industry has so far incurred over $300 million in losses due to hacks and scams. 
  • Immunefi’s latest report reveals that while losses remain significant, there has been a notable decrease in events compared to last year.

The crypto industry, while brimming with immense potential, is also teeming with hackers and scammers looking for their next victim. This is particularly true now, as many tokens, including Bitcoin, have reached new all-time highs after enduring a two-year bear market. 

As more investors enter the fray to ride the crypto hype, scammers are ramping up their methods, siphoning off millions in just the first quarter of this year. 

Crypto Hacks Run Rampant in the DeFi Industry

The crypto industry has so far incurred a total of $336 million in losses due to hacks and scams during the first quarter, with nearly half of that capital stolen in January of this year, according to the latest report from Immunefi, a web3 bug bounty and security solution platform.


The report reveals that the DeFi industry, boasting over $100 billion in total value locked (TVL), remains a lucrative hunting ground for scammers and hackers, given the wide array of decentralized exchanges. Immunefi notes that the DeFi industry accounted for 100% of the exploits identified by the web3 bug bounty platform in Q1, compared to zero for CeFi platforms. 

The Main Culprit? Crypto Hackers

Immunefi also detailed that hacks were the predominant cause of losses at 95.6%, in contrast to fraud, which only accounted for 4.4% of the total losses. The two most targeted chains in Q1 2024 were Ethereum and BNB Chain. Ethereum suffered the most individual attacks with 33 incidents, followed by BNB Chain with 14 incidents, and Arbitrum with six incidents.

Crypto losses to crypto hacks.

A majority of the losses were incurred by two projects alone, accounting for a combined $144.5 million, or 43%, of the total. An $81.7 million exploit of the cross-chain bridge protocol Orbit Bridge, occurring during New Year’s celebrations, represented the largest attack. January witnessed the highest monthly losses in Q1 overall at $133 million.


The recent $62 million exploit of the Blast-based NFT game Munchables added to the total losses, marking the second-largest attack.

Nevertheless, while scammers have been actively filling their pockets with users’ funds, the industry has since implemented measures to recover these funds.

A Recovery From Crypto Hacks and Scams

Immunefi reports that over $73.9 million, or 22% of the total funds in Q1, were recovered from seven exploits. A significant portion came from the Munchables hack, with the NFT game recovering over $62 million from the exploit.

The web3 bug bounty platform also noted that the number of attacks, in contrast to last year, has dropped significantly from 74 in Q1 2023 to 61 in Q1 this year, a 17.6% drop. Additionally, the $336.3 million in losses this year represents a 23% decrease compared to last year’s $437 million in the same quarter. 

Not Users But Platforms to Blame

Another interesting finding Immunefi reported is that most of the losses weren’t due to user error, such as clicking on shady links or participating in unnecessary rug pulls. Instead, the ecosystem suffered due to protocol infrastructure lacking the strength to counteract hacks.

Immunefi founder and CEO Mitchell Amador emphasized. “The ecosystem witnessed a considerable volume of losses due to private key compromises, emphasizing the critical need to secure both code and protocol infrastructure.”

On the Flipside

  • Crypto users lost a total of ​​$1.8 billion to hacks in 2023. 
  • This year Tether implemented a wallet-freezing policy enabling the freezing of USDT obtained through illicit means. The stablecoin issuer has averted several hacks this year with this feature. 

Why This Matters

Immunefi’s latest report is a stark reminder that hackers remain active in their pursuit of illicitly gaining funds, showing no signs of slowing down. Therefore, users should take proactive measures and exercise due diligence to protect themselves.

Learn more about the ASI alliance:

What is ASI? SingularityNet, FetchAI, and Ocean’s $7.6B Merger

Top AI players in the blockchain industry merge to take on Big Tech:

SingularityNet Confirms Groundbreaking AI Merger to ASI Token

This article is for information purposes only and should not be considered trading or investment advice. Nothing herein shall be construed as financial, legal, or tax advice. Trading forex, cryptocurrencies, and CFDs pose a considerable risk of loss.

Insha Zia

Insha Zia is a senior journalist at DailyCoin covering crypto developments, especially in the Cardano ecosystem. With a Bachelor of Science in Computer Systems Engineering, he delivers high-quality articles with his technical background and expertise in data analysis and programming languages, aiming to educate and inform readers accurately, transparently, and engagingly. Insha believes education can drive mass adoption of the crypto space, and he is committed to giving DailyCoin readers a better understanding of the technology.