DeFi Exploits Top $1.8B YTD, Though Security ‘Getting Better’ Immunefi Says

Immunefi’s CEO Mitchell Amador told Blockworks, “although things look bad, they are in fact getting better and better on the security side”

by Sebastian Sinclair /
article-image

Blockworks Exclusive art by axel rangel

share
  • DeFi hacks totaled more than $1.2 billion for the first quarter of this year alone, significantly more than Q1 2021, according to recent data
  • While the DeFi sector’s security appears bleak, Immunefi’s CEO told Blockworks the situation was improving

Hacks against decentralized finance protocols have increased almost eightfold when compared to the first quarter of last year, according to DeFi bug bounty platform Immunefi.

In Q1 of this year alone, over $1.22 billion has been identified as having been stolen or rugged from budding protocols. That’s a 7.9 times increase when compared to some $154.6 million in stolen funds for the same period in 2021, research from Immunefi’s quarterly crypto losses report shows.

More than 77% of the $1.22 billion figure stems from the Ronin Network’s $625 million hack — the Ethereum-linked sidechain used for blockchain game Axie Infinity — in March and blockchain bridge Wormhole’s $326 million hack in February.

The numbers might look bad on the surface, but Immunefi said it’s not as bad as it seems.

“The most important thing to keep in mind is that although things look bad, they are in fact getting better and better on the security side,” Immunefi’s CEO Mitchell Amador told Blockworks in an interview.

“Audits have become a stronger standard, every DeFi project is getting audits. You’re having formal character verification becoming the biggest standard. Almost everybody is running bug bounty programs,” Amador said.

Newsletter

Subscribe to The Breakdown

The second quarter this year has seen less-severe hacks against protocols. Amador said the $100 million theft on Harmony’s cross-chain bridge Horizon and algorithmic stablecoin protocol Beanstalk’s $180 million loss were outliers.

“We didn’t see any kind of dramatic event,” Amador said comparing to the ongoing liquidity crisis, lender contagion and sector-related layoffs impacting the wider industry.

“There were some close calls in things that could have happened. Bug reports that came through on consensus vulnerabilities that we saw on layer-1 blockchains but these were all successfully patched,” Amador added.

Despite the progress, though, the threat is not diminishing.

“This [continuous hacks] is fundamentally an unsolvable problem,” the Immunefi CEO said. “We knew things were going to go in this direction. The volatility is a part of crypto, the amount of money flowing in was going to increase. The number of people with the skills was going to increase, it needs an outlet.”

Compared to global trends, even a couple of billion dollars is a drop in the proverbial bucket, however.

Recent estimates of global losses solely from payment fraud are around $32.4 billion. The global market for fraud detection and prevention is in the order of $25 billion this year — not the fraud itself, but just trying to stop it.

Cybercrime as a whole will cost the world around $6.9 trillion in 2022, according to consultant Cybersecurity Ventures. So even if DeFi exploits net $3.5 billion by year’s end, it would represent 0.05% of the global cybercrime haul.

Guard duty

Immunefi, which views its business and function as a type of human immune system battling viruses, has grown to become the sector’s largest bug bounty platform, offering rewards to white hat hackers who identify vulnerable code.

Whitehats, as opposed to blackhats, attempt to identify security vulnerabilities for a given project and collect a reward for bringing it to attention. Black hats, meanwhile, are those with nefarious intent, often engaging in theft.

Immunefi’s bug bounty program offers white hats a chance to accept a reward — upwards of millions of dollars — review the code for potential bugs within a scope, submit their findings and get paid.

The platform, less than two years old, says it safeguards platforms housing cryptoassets worth more than $100 billion, including from the likes of Polygon, Chainlink and SushiSwap, among others.

When asked about the possibility of missed bugs and vulnerabilities resulting from a narrow scope within a bug bounty contract, Amador said the only way to deal with the issue was to broaden the bounty program as much as possible.

“You can’t totally get rid of [missed bugs] but you can partially get rid of that by looking at prioritizing impact, rather than out of scope or in scope,” he said. “The real thing most of these projects care about is material impact.”

Get the news in your inbox. Explore Blockworks newsletters:

Tags

Newsletter

The Breakdown

Decoding crypto and the markets. Daily, with Byron Gilliam.

Upcoming Events

Digital Asset Summit 2025

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

buy ticketslearn more

recent research

Research Report Templates (20).png

Research

DeFi's Trifecta: Ethena, Pendle, & Aave

The dynamic between Ethena, Pendle and Aave exhibits a mutually-beneficial relationship, where the offerings of each business grows the top lines of every party in this exchange. Pendle sits at the intersection of YBA issuers (Ethena) and money markets (Aave), demonstrating heightened utilization rates of YBAs, where the PTs then exhibit profound utilization as collateral. YBA issuers see Pendle as a premier go-to-market venue, often underwriting incentives for liquidity on the market and solving for Pendle’s supply side, while money markets view PTs as attractive collateral types to lend against, solving for Pendle’s demand side. PTs represent a highly profitable collateral listing for Aave, with depositors maxing out the available borrow capacity. Pendle’s recent launch of Boros may now present the most material growth vector beyond what is currently exhibited on V2 markets, offering the ability to price yield, spreads, and duration risk across various points in time out into the future.

by Luke Leasure

/

news

article-image

The Breakdown

Friday charts: Investor’s crystal ball, cloudy with a chance of FOMO

If fear moves markets, there could be more all-time highs to come

by Byron Gilliam /
article-image

DeFiLightspeed Newsletter

Corporations don’t care about your blockchain

Stripe and Circle launch L1 chains

by Donovan Choy /
article-image

Business

DAT-a crunch: Momentum builds around ETH treasury companies

Ether-focused BitMine Immersion saw its daily trading volumes surge this week

by Ben Strack /
article-image

DeFi

Ronin rejoins Ethereum as rollup strategies diverge

From Ronin’s classic L2 pivot to Taiko’s based rollup and Puffer’s ultra-low-latency appchain testnet, Ethereum-aligned architectures are multiplying

by Macauley Peterson /
article-image

The DropWeb3

Winklevoss twins’ crypto exchange launches Gemini Wallet

The Gemini Wallet and Onchain hub are great for total beginners, but have a lot of room to grow

by Kate Irwin /
article-image

The Breakdown

Thursday links: Points, pancakes, DATs and merger arb

Airlines defend their rewards moat, Binance courts favor over breakfast, DAT fees pile up and systematic thinking

by Byron Gilliam /