In total, Chainalysis counted 125 incidents related to attacks on crypto companies in 2022

​Analysts estimate the damage from hacker attacks on crypto projects in 2022 at $3 billion

29.12.2022 - 13:45

323

6 min

Pretty much everywhere you looked in crypto and blockchain last year there was some glaring problem. But ultimately falling crypto prices or company bankruptcies aren’t the worst problem for digital assets. Beyond the billions of dollars lost from the collapse of the Terra LUNA3 +0.1% stablecoin and the failures of crypto financial firms Celsius CEL 0.0% Network, Voyager Digital and FTX Trading, more than $3 billion was outright stolen in 125 hacks, accordinging to Chainalysis.

Trust is essential to any new financial system and all of the hype and promise surrounding “immutable” ledgers and cutting out the middlemen has done little to slow down the den of thieves that has plagued crypto markets since its inception. In 2022, the five top steals accounted for $1.48 billion of the purloined funds, all involving decentralized finance (DeFi), which comprised 49% of the overall total.

Despite the fact that protocols are praised for their transparency, they lost 75% of total value locked over the last 11 months, according to blockchain analytics firm Elliptic. Data from decentralized finance dashboard DeFi Llama shows that total value locked in DeFi protocols shrank from 166.58 billion in the beginning of the year to $39 billion in mid-December.

Blockchain bridges were the main target, accounting for 70% of all losses this year and siphoning nearly $2 billion stolen from decentralized finance protocols, according to Elliptic. Cross-chain bridges became popular as one of the main ways to connect two blockchains, allowing users to move tokens from one chain to another. But in order to do so, blockchain bridges have to temporarily hold the value of the transaction in each of the tokens involved, making them tempting to hackers.

“In retrospect, there were a lot of cutting corners for expediency,” says Sam Williams, CEO of blockchain security firm Arweave AR -6.2%, referring to the inherent risks in so-called blockchain bridges.

“Private keys to multi-signature wallets, says Williams, were another example of ecosystem vulnerabilities because of their distribution. Multi-signature wallets exist to spread decision-making power across different parties, making it harder to hack one key to damage the ecosystem. But across several cross-chain hacks this year, including that of the Ronin Network and the Harmony HARMONY +0.1% Bridge, hackers were able to exploit multiple private keys held by single parties, giving them access to the bridges’ protocols.

“As an industry, we did not do well enough in calling out poor quality designs across the board,” he added.

The five largest crypto heists of 2022 range from cross-chain hacks to code exploits, stealing over $3 billion of investor funds.

Ronin Network: $625 million

In the biggest heist of the year, over half a billion dollars worth of ether and USD coin was stolen from the Ronin Network, a blockchain that supports the non-fungible-token-based video game Axie Infinity. According to Ronin, the attackers were able to hack nodes, the computers that process network transactions. The activity went unnoticed until a user was unable to withdraw funds and filed a report. The U.S. Treasury Department later linked the heist to North Korean state-backed hacking collective Lazarus Group.

Wormhole Network: $325 million

On February 2, an unknown hacker exploited a vulnerability in Wormhole Network, a bridging protocol that allows users to move cryptocurrencies and NFTs between multiple pairs of blockchains. According to Chainalysis, the attacker appears to have found a fault in Wormhole’s code that allowed them to create 120,000 wETH—an equivalent of ether tokens on the Solana SOL -0.3% blockchain, worth about $325 million at the time of the theft—without putting up the necessary collateral. After attempts to pay the hacker a bounty in return for the stolen funds were ignored, Jump Crypto, Wormhole’s parent company, replaced them.

Nomad: approximately $190 million

A hacker took advantage of a weakness in Nomad’s code on August 1 by crafting a message that tricked the cross-chain protocol into sending stored tokens without proper authorization. The bug was so simple that it didn’t even require any programming skills to exploit it. Soon enough, dozens of copycats joined the heist. Nomad was able to recoup over $20 million after pleading with users to return the funds.

Beanstalk Farms: $182 million

In April, an attacker managed to drain over $150 million worth of crypto from Beanstalk Farms, an Ethereum ETH +0.1%-based stablecoin project. According to blockchain security firm CertiK, the attacker used a flash loan–which allows users to borrow large amounts of cryptocurrency for very short periods of time–obtained through the decentralized protocol Aave AAVE -2.1% to borrow nearly $1 billion worth of crypto and exchanged that to gain a 67% voting stake in Beanstalk. With a supermajority, the hacker was able to have the Beanstalk tokens transferred to their own crypto wallet. Based on the duration of an Aave flash loan, the entire process took place in less than 13 seconds.

Wintermute: $160 million

The London-based crypto market maker lost $160 million in a September 20 hack. Founder and CEO Evgeny Gaevoy said that the attack likely originated with a service Wintermute had used called Profanity, which generates “vanity addresses” for digital-asset accounts to make them easier to work with than the roughly 30-character strings of varied letters and numbers that are typically used. These trading accounts were part of Wintermute’s DeFi business, with which it makes rapid trades on decentralized exchanges like Uniswap and SushiSwap. It appears that hackers were able to use brute-force computing to generate all the possible passwords to a company vanity address.

Mango Markets: $112 million

Avraham Eisenberg squeezed the liquidity out of Solana-based decentralized crypto exchange Mango Markets in mid-October, holding $112 million worth of tokens in ransom to force the organization to use the assets in its treasury to finance bad debt taken on to bail out a large investor earlier this year. The heist involved Eisenberg’s two accounts on the platform with the dollar-pegged USD coin, according to Mango, which took large positions in perpetual futures on the coin selling from one account and buying in another at an above-market price. As the token’s price spiked tenfold in other decentralized exchanges, he used the unrealized profit to borrow and withdraw a number of tokens from Mango itself.

BNB +0.1% Smart Chain XCN2 -5.6%: $110 million

Marking the beginning of 2022’s busiest month for crypto hacks, hackers were able to siphon an estimated $110 million from Binance’s BSC Token Hub on October 6. The cross-chain bridge between two Binance-affiliated chains—BNB Smart Chain (BSC) and BNB Beacon Chain—was exploited following a scheduled update. According to analysts and on-chain data, the hackers successfully exploited a bug in the bridge’s verified proofs that allowed them to forge approval messages and deposit the funds into their account. They were able to mint 2 billion BNB tokens as they attempted to drain the bridge of $560 million, but the hackers only successfully removed $110 million off-chain.

Harmony Horizon Bridge: $100 million

Harmony’s main bridge between the Ethereum and Binance Smart Chain blockchains was hacked in June, with hackers taking $100 million worth of cryptocurrencies. Though the protocol did not reveal how the funds were taken, the hack occurred over a series of 14 transactions across the chain. Even before the June hack, on-chain sleuths were concerned over the bridge’s safety mechanisms as a small number of validators on its multi-signature wallet made it vulnerable for exploits.

This material is taken from the website forbes.com.

Subscribe to Getblock Magazine and stay up to date with the latest news from the world of cryptocurrencies and the digital economy