Connect with us

Blockchain

The top 10 largest cryptocurrency hacks and exploits in 2022 saw $2.1 billion stolen

Avatar

Published

on

It’s been a turbulent year for the cryptocurrency industry – market prices have seen a major drop, cryptocurrency giants have crashed and billions have been stolen in cryptocurrency exploits and hacks.

It wasn’t until halfway through October when Chainalysis announced 2022 will be “the biggest year ever for hacking activity.”

As of December 29, the top 10 exploits for 2022 saw $2.1 billion worth of cryptographic protocols stolen. Below are these glitches and hacks in order from smallest to largest.

Advertisement

10: Exploitation of Bean Plantations – $76 million

Stablecoin protocol for Beanstalk farms He suffered $76 million from the exploit on April 18th from an attacker who used flash loans to buy governance tokens. This was used to pass two proposals that included malicious smart contracts.

The exploitation was in the beginning It is believed to have cost about $182 million As the Beanstalk was drained of all his collateral but in the end, the attacker only managed to get away with less than half of that.

9: Kibbit Bridge Exploitation Funding – $80 million

Qubit Finance, a decentralized finance (DeFi) protocol on the BNB Smart Chain, had it More than 80 million dollars from BNB (BNB) was stolen on January 28 in a bridge breach.

The attacker tricked the protocol’s smart contract into thinking that they had deposited collateral that allowed them an asset instrument representing pegged ether (ETH).

They repeated this several times and borrowed several cryptocurrencies against the unbacked bridge’s ETH, draining the protocol’s funds.

Advertisement

8: Rare Views Exploitation – $79.3 million

Another DeFi protocol called Rari Capital was exploited on April 30th with an amount of approximately $79.3 million.

The attacker A Double re-entry In the protocol’s Rar Fuse liquidity pool smart contracts, making it invoke a function of a malicious contract to drain the pools of all cryptocurrencies.

In September, the Tribe DAO, which includes Rari Capital, and other DeFi protocols voted Compensation for affected users from penetration.

7: Harmony Bridge hack – $100 million

In another bridge hack, the Horizon Bridge connecting Ethereum and Bitcoin (BTC), and BNB Chain to Harmony’s layer-1 blockchain was drain of about $100 million in multiple cryptocurrencies.

Elliptic Blockchain Forensics Company Proven hack on North Korean cybercriminals syndicate Lazarus Group, where money was laundered in a similar manner to other known Lazarus attacks.

Advertisement

Lazarus is understood to have targeted the login credentials of Harmony employees, breaching the platform’s security system and gaining control of the protocol before deploying automated laundering programs to transfer their ill-gotten gains.

6: BNB Chain Bridge Exploitation – $100 million

BNB Chain was paused on October 6 due to “erratic activity” on the network, which was later revealed to be to exploit which drained about $100 million from its cross-chain bridge, BSC Token Hub.

Initially, it was believed that the attacker was able to make around $600 million due to a vulnerability that allowed the creation of nearly two million BNB, the on-chain native token.

Unfortunately for the attacker, they had close to $400 million in digital assets frozen on the blockchain and possibly more were stuck in cross-chain bridges on the BNB blockchain side.

5: Wintermute Breakthrough – $160 million

UK cryptocurrency market maker Wintermut has suffered from a Hot wallet at risk That saw nearly $160 million across 70 tokens moved out of the wallet.

Advertisement

An analysis from blockchain cybersecurity firm CertiK claimed that A Weak private key It was attacked which was most likely generated by Foul Language – an application that allows users to generate cryptographically distinct addresses, which have a known exploit.

According to CertiK, this allowed the attacker to use a function with the private key that allowed the hacker to change the platform’s exchange contract to the hacker’s.

Conspiracy theories The claim that the hack was an “insider job” is due to how it was implemented been debunked by blockchain security firm BlockSec, which said the allegations were “not convincing enough”.

4: Exploitation of the Nomad Token Bridge – 190 m

On August 2, the Nomad token bridge, which allows users to exchange cryptocurrencies across multiple blockchains, was hacked by multiple attackers. amounting to $190 million.

A smart contract vulnerability that failed to properly validate transaction inputs was the cause of the exploit.

Advertisement

Several users, apparently malicious and benevolent, managed to copy the original attacker’s moves to transfer money to themselves. About 88% of titles Participation in the exploit was identified as “imitators” in a report.

Just About $32.6 million in funds They are intercepted and brought back to the protocol by the white hat hackers.

3: Exploiting the Bridge of a Hole – $321 million

The distinctive bridge of a wormhole suffered from exploitation On February 2, it resulted in the loss of 120,000 cryptocurrencies worth $321 million.

The wormhole allows users to send and receive cryptocurrencies between multiple blockchains. An attacker found a vulnerability in the protocol’s smart contract and managed to mint 120,000 vulnerabilities in Solana (sol) was not backed by collateral and was then able to exchange this for ETH.

At the time, it ranked as the largest exploit in 2022 and is the third largest overall protocol loss for the year.

Advertisement

2: FTX wallet hack – $477 million

During the commencement of FTX’s bankruptcy proceedings on November 11 and 12, A.J A series of unauthorized transactions It happened on the exchange, where Elliptic indicated that about $477 million in cryptocurrency was stolen.

Sam Bankman Fried he said in an interview on November 16 that it believed it was “either a former employee or someone somewhere installed malware on a former employee’s computer” and narrowed the perpetrator down to eight people before he was removed from the company’s systems.

Related: The 7 biggest cryptocurrency crashes of 2022 that the industry would like you to forget

According to reports, on December 27 in the US Department of Justice I launched an investigation At the whereabouts of about $372 million in missing cryptocurrency.

1: Ronin Bridge Breakthrough – $612 million

The biggest exploit that happened in 2022 happened on March 23, when it happened Ronin Bridge exploited For about $612 million – 173,600 ETH and $25.5 million USD Coin (USDC).

Advertisement

Ronin is an Ethereum side chain created for Axie Infinity, a non-fungible token (NFT) game to play to earn. said Sky Mavis, developers of Axie Infinity Hackers gained access to private keys, compromised validator nodes, and authorized transactions that drained funds from the bridge.

The U.S. Department of the Treasury updated its list of Specially Designated Nationals and Blocked Persons (SDN) on April 14 to reflect possibility That the Lazarus Group was behind the exploit of the bridge.

The Ronin Bridge hack is the largest cryptocurrency exploit ever.