Blockchain analytics firm Chainalysis found $36.7 million lost from four exploits targeting unverified DeFi contracts since January 2024. Hackers stole funds from decentralized finance applications where smart contract code wasn't publicly verified. Users couldn't see what the code actually did before depositing money.
Four Separate Breaches
Exactly four security incidents made up the $36.7 million total. Each one happened after the new year started. Chainalysis didn't name the affected platforms or the hackers involved. The firm also didn't break down individual loss amounts for each exploit.
Unverified Contracts Explained
When a DeFi project's smart contract is unverified, its code stays hidden on blockchain explorers like Etherscan. Users interact with a black box—they can't review functions before connecting wallets. This lack of transparency creates openings for hidden malicious code. Most serious DeFi platforms verify their contracts to build trust, but some cut corners.
Time Frame of Losses
Every hack occurred between January and June 2024. The first breach happened right after New Year's. The fourth happened in early summer. Chainalysis' report covers only this six-month window. It doesn't include earlier or later incidents.
What Users Should Know
These losses show why verification matters in DeFi. Checking for that green checkmark on blockchain explorers isn't just a formality—it's a basic safety step. Many users skip this because they're rushing to use new platforms. The report doesn't say if any stolen funds were recovered through investigations.
Chainalysis hasn't announced when it will update these figures next. The company's full breakdown is available in its current security publication.
