In Q3 2024, the cryptocurrency industry saw a significant decline in both the number of hacks and the recovery rate for stolen funds, reaching three-year lows. According to a report by cybersecurity firm Hacken, hackers stole approximately $460 million across 28 incidents during the quarter. Despite this relatively low number of exploits, the recovery rate was alarmingly low at only 5%.

The report highlights the most prevalent attack methods and their consequences, with access control vulnerabilities being the most significant. These attacks accounted for nearly 70% of the total stolen funds, amounting to $316 million. Hackers gain control of smart contract keys, allowing them to withdraw funds or alter the contract’s parameters to facilitate theft.

Smart contract vulnerabilities ranked second in terms of losses for Q3. One of the most common methods used by attackers is reentrancy attacks, where the same function is called repeatedly, draining liquidity pools before the contract’s state can update. In Q3, Minterest suffered a $1.46 million loss from this type of attack.

The highest losses were seen in centralized exchanges, with WazirX India being the biggest victim. On July 18, a hacker exploited the exchange’s Ethereum multisig wallet by obtaining the required signatures from both employees and a custody provider. The attack led to a $230 million theft, and the funds have not been recovered, raising suspicions of an inside job.

In addition to centralized exchanges, yield aggregators and cross-chain bridges were also targeted. Notably, the Ronin Bridge was compromised, though a white-hat MEV bot intervened to return the stolen funds.

Lending and borrowing protocols experienced losses of $19.6 million in Q3, with even major platforms like Aave falling victim to attacks. Aave’s exploit, which involved a periphery contract, resulted in a $56,000 loss. This attack was executed in a single transaction, making it difficult to detect in real time.

The report emphasizes that many of these attacks could have been prevented with proper monitoring and automated response systems. Hacken’s Automated Incident Response Strategy (AIRS) could have triggered protective measures such as pausing smart contracts or freezing suspicious transactions. Hacken estimates that 28.7% of DeFi-related losses could have been mitigated if such systems were in place.

The report also offers detailed case studies, including the Nexera exploit, where the attacker drained 47.2 million NXRA tokens, leading to a $1.5 million loss. With AIRS, the attack could have been halted as soon as the contract was upgraded. Similar incidents, such as the Penpie and Ronin Bridge hacks, would have been thwarted by the same system, potentially saving millions in stolen funds.

Ultimately, the report underlines the need for improved security measures, automated protections, and real-time response strategies to mitigate future cryptocurrency hacks.