This year has been pretty good for crypto hackers and they have collected $3 billion across 125 hacks so far and are likely to beat the previous year’s record of $3.2 billion. While crypto entered a bear market over the course of 2022, digital currencies continue to remain money-making machines for hackers, with investors losing over $3 billion across 125 hacks this year so far.
Only this month alone has become the worst-ever month for crypto-related crimes, with over $718 million in total losses. Data pointed out by Chainalysis last week noted the amount stolen from several decentralized finance (DeFi) protocols across 11 different attacks. The blockchain analytics expert, Jasper Lee, an audit tech lead at crypto auditing firm Sooho.io said;
“2022 will likely surpass 2021 as the biggest year for hacking on record. Despite the current bear market, we’re seeing a lot of activity among hackers, who are targeting various protocols. For those protocols or dapps [decentralized apps] which have not been thoroughly audited, they make for easy and reliable short-term profit. Poorly protected protocols are low-hanging fruit for hackers,”
Last year, hackers stole over $3.2 billion in hacks. The largest theft in 2021 was a code exploit amounting to $613 million on the Poly Network. 2022 was off to a rocky start, with a $325 million exploit of the popular cross-blockchain bridge Wormhole on the Solana-Ethereum ecosystem. That was followed by a sophisticated attack in March on crypto game Axie infinity’s Ethereum-based Ronin bridge, which saw $625 million worth of crypto stolen from the protocol.
In August, hackers broke into Nomad, a program that enables users to exchange tokens from one blockchain to another, and stole around $190 million in bitcoin.
According to Chainalysis, there were three different bridges that were breached just this month. This included an attack on a BNB Chain-based bridge, which saw exploiters illicitly gain over $100 million; a layer 1 blockchain QANplatform that was hacked and saw nearly $1 million in tokens stolen. Chainalysis Director of Research Kimberly Grauer discusses North Korea’s role in crypto hacks, saying the country is “a big part of this picture and responsible for about 60% of the value hacked.”
Then last Tuesday, $100 million in liquidity was drained from Solana’s popular Mango Markets trading protocol after a rogue trader manipulated spot token prices to borrow the entirety of the protocol’s assets against their position. Among the primary attack vectors in the crypto sector range from exploiting ‘bridges’ – which are a blockchain-based tool that allows users to transact between different networks – to market manipulation, where rogue traders utilize millions of dollars to move thinly traded markets in their favor to net multiples of the initial capital deployed.
Back in 2019, most hacks targeted centralized exchanges; now, a vast majority of targets are DeFi protocols, whose extensive smart contract capabilities that power the platforms have thrown up newer and deeper vulnerabilities. Centralized exchanges fell out of favor likely due to the embrace of AML and KYC procedures among major exchanges.
Historically, cryptocurrency thefts have largely been the result of security breaches in which hackers gain access to victims’ private keys – the crypto equivalent of pickpocketing. These keys could be acquired through phishing, keylogging, social engineering, or other techniques.
In terms of transaction volume, scams were the largest form of crypto-based crime, with over $7.7 billion worth taken from victims worldwide in 2021. In total, crypto-based crime in 2021 was at an all-time high, with over $14 billion in value received by illicit addresses.
Given the high adoption rates of crypto (in 2021 it was up 567 percent from 2020), the growth of legitimate crypto usage far outpaces the growth of criminal usage (up 79 percent from 2020), and illicit activity’s share of crypto transaction volume has never been lower.