2022 turned out to be the biggest year in terms of crypto hacks, with as much as $3.8 billion stolen from cryptocurrency firms.
Crypto hacks: 2022 is the biggest year with $3.8 billion stolen
According to Chainalysis data, it appears that 2022 was the year with the highest volume of crypto hacks, with a total of $3.8 billion being stolen from cryptocurrency firms.
In general, the months that reported peaks in hacking activity were March and October. Specifically, October recorded $775.7 million stolen in 32 separate crypto hacks.
Not only that, hackers linked to North Korea appear to have led these crypto hacks, breaking their own annual record for the most cryptocurrency stolen.
In addition to the data, Chainalysis also pointed out how the vulnerability of DeFi protocols, already flagged in 2021, attracted and intensified crypto hacks in 2022.
This week we’re releasing a preview of the hacks section of our 2023 Crypto Crime Report.
$3.8 billion was stolen in hacks in 2022. What percent do you think came from #DeFi protocols?
— Chainalysis (@chainalysis) January 30, 2023
Crypto hacks: increasing attacks on DeFi protocols
According to the report, DeFi protocols accounted for 82.1% of all cryptocurrency stolen by hackers during 2022. This is an increase from the 73.3% recorded in 2021.
Not only that, Chainalysis notes that most of the protocols attacked are cross-chain bridges, which allow users to transfer their crypto from one blockchain to another, usually by locking the user's assets into a smart contract on the original chain and then minting equivalent assets on the second chain.
It is in these smart contracts that the greatest code vulnerability seems to be concentrated, which has allowed hackers to make big hits.
In practice, DeFi aims for transparency and publishes the smart contract code governing the protocol so that users can know exactly what will happen to their funds when they use it.
This is something that centralized exchanges are trying to do with their Proof-of-Reserves, especially after the FTX collapse in early November.
But while transparency is a guarantee for the user, it also makes it easier for a hacker to scan such DeFi code, search for a vulnerability, and strike at the perfect time to maximize the theft.
In this regard, David Schwed, COO of cybersecurity firm Halborn, said:
“A great protocol should have 10 to 15 people on the security team, each with a specific area of expertise” […] “The DeFi community generally isn’t demanding better security — they want to go to protocols with high yields. But those incentives lead to trouble down the road.”
North Korean hackers surpass $1.7 billion in crypto thefts
Dominating the crypto hack scene are North Korean hackers, who have surpassed $1.7 billion in stolen cryptocurrencies. Of this total, $1.1 billion was stolen in hacks of DeFi protocols.
What characterizes the behavior of these North Korean hackers is what they do after they steal. Most send much of what they steal to other DeFi protocols. This is because DeFi hacks often leave cybercriminals holding large amounts of illiquid tokens that are not listed on centralized exchanges. For this very reason, hackers must then turn to other DeFi protocols, usually DEXs, to exchange them for more liquid assets.
Not only that, hackers linked to North Korea could also send the stolen amounts to mixers, considered a milestone in their money laundering process. The most widely used mixer between 2021 and 2022 appears to be Tornado Cash, but it was later sanctioned in August 2022.
Sinbad, a custodial Bitcoin mixer, was also used by these North Korean hackers. Between December 2022 and January 2023, North Korean-linked hackers sent a total of 1,429.6 BTC worth about $24.2 million to the mixer.
The case of the Nomad bridge
In August 2022, news broke of the $200 million hack of the Nomad cross-chain bridge.
While the DeFi protocol allows tokens to be moved between different blockchains via smart contracts, a hacker managed to find an exploit and drain the account.
The total sum involved WBTC, WETH, USDT, and USDC, as well as ETH, ADA, and AVAX.