Hacks, more, more and hacker – The year 2022 was the scene of a series of disappearances of funds and thefts, at the heart of crypto protocols. Insane sums, valued almost 3 billion dollars over the past year, it disappeared into the meanderings of the blockchain. As such, 2021 is also a small player next door, with its 2 billion fighting a duel. Back to a colorful 2022 and hacks of all kinds.
Bridges, real bridges between your funds and hackers
Wormhole – $326 million
The year has began at high speed with the hack of worm bridge. A bridge to transfer funds between the Ethereum blockchain and its Solana twin. A flaw in the code is allowed siphon hundreds of thousands of ETH user wallets in early February. Not less than 326 million dollars so it flew to other skies, like a rocket team propelled into the air by an angry Pikachu’s lightning attack.
Should we see the worm as half empty or half full? However, the hole was quickly filled 120,000 ETH appears out of nowhere to avoid a cataclysm that could have wiped out DeFi in Solana. Coincidence of the calendar or premonition? However, a few days ago, in mid-January, Vitalik Buterinco-founder ofEthereum, cast doubts regarding bridge safety cross chain. Such as Wormhole typically. The future was quick to prove him right.
Game over for Axie Infinity – $600 million
The following month, at the end of March, it is 173,600 ETH going up in smoke for the famous game Play to win Axie Infinity. It’s around 600 million dollars at the time of flight. By exploiting a flaw, hackers believed to be Lazar’s groupNorth Korean hackers mined the Ronin blockchain on which the game was running. To add another layer, two months later, it was the game’s Discord server that comes under attack.
The stolen funds would be later transformed into bitcoins.
Bridge hacks no shortage of Harmony – $100 million
To support the thesis of Vitalik Buterin, another crypto bridge is in the control of a hacker in June 2022. That of the Harmony blockchain. Without a doubt, transferring your cryptos to another blockchain is a risky process. Once again, there is a security breach allowed a hacker to obtain 85,860 ETHso close 100 million dollars at the time of the wrongdoing.
In words ? A vulnerability in the management of the multisig process responsible for guaranteeing the ETH bridge. A bug still identified a few weeks upstream by a user. However, he did not receive any feedback from the team at the time. They got it wrong.
Not being an isolated hacker, he becomes Nomad – $190 million
Poof, gone. Who is the new victim? I give you honey. A new bridge. Nomad. A bridge to transfer funds from Ethereum to chains like Evmos, Moonbeam or Milkomeda. At the beginning of August is the drama. of almost all deposited funds are stolen. It’s around 190 million dollars.
The flaw comes from the code, to be precise from the process() function. And unlike most hacks, no less than 41 addresses participated in the attack. So several hackers would have acted simultaneously. of the famous Tornado Cash protocol then made it possible to cover the tracks to the final destination of these funds.
Anyway, the next day the Nomad teams reacted. They announce that all hackers who return at least 90% of the stolen amount will be considered white hats. This means that no legal action would be taken against them. Even if this is not the whole story, the maneuver, which was reasonable to say the least, made it possible to recover $36 million quickly.
Wintermute, a mid-winter crypto hack – $160 million
Market making platform winter there is also is subject to major hacking last September. It is also the platform’s DeFi operations that have been affected. Their pendant CeFi AND OTC (Over The Counter) were spared. According to its CEO, Evgeny Gaevoy, this did not affect the solvency of the platform which still held more than twice the stolen amount in equity after the theft. Touched, but not sunk.
Moreover, of the assets extracted by the hackers, only two of them were obtained in amounts greater than 1 million dollars. It is not enough to have a strong impact on the prices of the cryptocurrencies in question.
Hacks to destruction, every blockchain is a hacker to deal with
The BNB chain, an open hacking operation – $500 million
It is the beginning of October Binance Token Hub is being targeted. Hackers are definitely not shy. This resulted in the theft of more than 2 million BNB tokens ie. at about that time 500 million dollars in crypto. Once again, this is a bridging problem. The developers need several hours to develop a patch before they are able to restart the blockchain, which was shut down during the analysis of the flaw.
A veritable hacker hunt ensues in which Binance analysts track down the thief. Funds are distributed quickly on 3 blockchains: Ethereum, Fantom and Polygon. However, $400 million, the bulk of the amount, may have been frozen before leaving the Binance blockchain.
Mango Markets, giant hake (bricot) fishery – $100 million
In October, it is also the turn of the Solana blockchain to pay the price of a great hack. And God knows then that this is not the end of his sorrow at this end of the year. Indeed, bankruptcy of FTX a month later it will have a significant impact on the ecosystem. Right now, that’s $112 million going up in smoke. An oracle-related flaw would have allowed the attacker to artificially inflate his collateral to borrow far more funds than he should have been able to.
The hacker will eventually be found two months later by the FBI in Puerto Rico. He who claimed to have acted within the legality and boundaries of the DeFi protocol will see if justice gives him reason or not. He is currently accused of fraud and market manipulation.
FTX, Hackers Blame for Bankrupt Exchange – $400 Million
What would a hacker series be without the FTX platform? The latter, not satisfied with the theft of funds from its clients, found itself yourself tricked by a malicious hacker. Time will tell if this was an internal company hack or not. The amount stolen is no less substantial, 400 million dollars. Therefore, mid-November is another nightmare for customers who are already deprived of their funds. Indeed, while any withdrawal remained impossible, FTX wallet addresses, closely watched by the crypto community, suddenly began distributing their funds through various networks.
However, the thief in all likelihood would far from being an expert on the subject. Not content with using a wallet address from the Kraken platform to maneuver, he would have also used platforms such as Uniswap, 1Inch or Cowswap to convert the stolen tokens. In particular, he would have lost a lot of money trying to move his loot from one place to another to cover his tracks.
A hack never ends – $6 million
The beginning of December is DeFi Protocol Ankr WHO suffer a great revenge. That’s 20 trillion aBNBc, an equivalent of BNB on the Ankr network, coming out of nothing, instantly reducing the price of the token to zero. The perpetrators were not able to convert the entire jackpot in time, however the perpetrators were able to get away with $6 million stolen and sent to Uniswap or Tornado Cash.
The crypto ecosystem remains a risky sector, at this point we are very much a hacker. However, it is also a very promising and future-oriented technological field. A domain in its teenage phase, in the grip of a destructive creation, which, according to the many innovations it updates, inevitably suffers attacks. The flip side of any emerging technology. This does not take anything away from blockchain and cryptos carrying huge value. The basics that may one day allow us to finally win financial freedom who keeps us so hacker.
Hacks are unfortunate risks, but not inevitable. Need peace of mind for your cryptos? Register quickly on the Binance platformthe gold standard in the industry and save 10% on your trading fees by following this link (trade link).