Wednesday, December 11, 2024


The year 2022 was another turning point for the digital asset industry. From bipartisan legislation in the United States to the European Union’s landmark regulation of markets for crypto-assets (MiCA), the entry of cryptocurrencies into the mainstream continues apace.

However, one issue that has spooked governments, regulators, law enforcement and others is the alarming number of crypto hacks, which are increasing in intensity. Elliptic research found that the total amount stolen in exploits in 2022 was around $3.3 billion – up from $2 billion the previous year.

According to our State of Cross-chain Crime report, hackers in 2022 increasingly used decentralized finance (DeFi) platforms such as decentralized exchanges (DEXs) and cross-chain bridges to facilitate cryptocurrency theft. These services have removed many barriers to the free flow of capital between cryptoassets.

As a result, the daily average amount stolen from DeFi protocols has now exceeded a record $7.6 million, according to Elliptic research.

Now, hardly a week goes by without some sort of crypto hack hitting the news. In October 2022 alone, blockchain security firm Peckshield estimated that there were at least 44 exploits involving 53 protocols.

Below is a list of the highest-grossing hacks of 2022 – ranked by the amount stolen in each attack.

BSC Token Hub: $569 million

In October 2022, Binance confirmed an exploit on the Binance Smart Chain (BSC) that resulted in the minting of $569 million worth of BNB.

The attacker(s) became a relayer for the Binance Bridge (BSC Token Hub) before exploiting a vulnerability in proof verification, allowing them to deposit two million BNB to BSC address 0x489A8756C18C0b8B24EC2a2b9FF3D4d447F79BEc.

According to Twitter user @FrankResearcher, the attackers found a way to forge the proof for block 110217401 – a block confirmed two years earlier. Based on their findings, the vulnerability was exploited by forging arbitrary messages to create new tokens.

The newly created BNB tokens were then exchanged for other assets on and off the BNB smart chain, including Ethereum, Polygon, Fantom, Avalanche, Optimism and Arbitrum.

With Elliptic’s new Holistic Screening tool, compliance teams can screen crypto transactions and wallets regardless of asset or blockchain. This significantly simplifies and reduces the burden on compliance resources.

Ronin Network: $540 million

In March 2022, the Ronin network announced that 173,600 ether and $25.5 million in coins had been stolen from the Ronin cross-chain bridge. The total value of digital assets at the time of the theft was $540 million, making it the second largest cryptocurrency theft of all time.

The breach reportedly occurred as a result of an attacker compromising Ronin Bridge’s “validator nodes.” Funds can be moved out if five out of nine validators approve.

The attacker was able to obtain the private cryptographic keys belonging to five validators, which was enough to steal the cryptoassets. Ronin’s post-mortem claims that “all evidence points to this attack being social engineering, not a technical flaw”.

The incident happened six days before Ronin announced the exploit. Amid the confusion over the delayed response, Ronin said that the exploit was only discovered after an attempt by one of its users to withdraw 5,000 ETH failed. At the time of discovery, the stolen funds were worth more than $615 million.

Two weeks after Ronin’s announcement, the US Treasury’s Office of Foreign Assets Control (OFAC) announced new sanctions against the thief’s Ethereum address and named the owner of this address as the Lazarus Group – a North Korean state hacking organization.

FTX: $477 million

In November 2022, just 24 hours after filing for Chapter 11 bankruptcy in the US, $477 million of cryptoassets were siphoned from FTX’s wallet, through what was believed to be a series of “unauthorized” transfers.

Within hours, most of the tokens taken from FTX were exchanged for ETH via decentralized exchanges. This is a tactic commonly seen in large-scale hacks, where thieves seek to avoid seizure of stolen assets such as stablecoins, which can be frozen by their issuers.

It was only recently, though, that approximately $100 million in USDT (Tether) and Paxos Gold (PAXG) tokens taken from FTX were frozen by their issuers.

On the morning of November 20, the ETH in the account began to be converted to RenBTC, before being bridged to Bitcoin via the RenBridge service. Ren was acquired by Alameda Research – FTX’s parent company – last year.

RenBridge has often been used in this way to launder the proceeds of hacks. Elliptic research has shown how the service has previously been used to launder hundreds of millions of dollars in crypto.

However, RenBridge will be shut down after the collapse of FTX. With Ren having been bought by Alameda, and with both Alameda and FTX filing for bankruptcy, the bridge has no choice but to be scrapped.

However, the group behind RenBridge has announced plans to launch a fully decentralized version 2.0, so this may not be the last you hear of it.

Wormhole Portal: $325 million

In February, Wormhole Portal – the DeFi bridge between Solana and other blockchains – suffered an exploit that led to the theft of 120,000 Ether (worth $325 million at the time).

The exploit allowed the attacker to mint 120,000 Wrapped ETH on the Solana blockchain, of which 93,750 ETH was then transferred to the Ethereum blockchain.

According to Blockworks, Wormhole’s parent company Jump Crypto recovered all the Ether lost in the attack that same month.

Wintermute: $162 million

Crypto market maker Wintermute lost around $162 million after its DeFi operations were breached in September 2022.

According to blockchain security company Certik, a vulnerable private key, speculated to have been brute-forced or leaked, was used to attack the platform. It added that a vulnerability in the Profanity vanity address generator was likely the cause of the breach.

Nomad: $156 million

In August 2022, Nomad – a bridging network that allows users to convert their assets between blockchains – was drained of more than $156.4 million.

As we wrote at the time: “Over 40 attackers used a code bug that allowed them to spoof transactions – draining Nomad’s Ethereum contract of most of its funds.

“The attack was enabled by a recent change in Nomad’s smart contract that allowed users to ‘spoof’ transactions – falsely claiming ownership of the collateral within the bridge. The original exploiter used the vulnerability to bridge 0.1 wrapped bitcoin (WBTC) through the Moonbeam blockchain – ending up with 100 WBTC ($2.3 million) on Ethereum.”

Users of our Elliptic Lens wallet verification tool and our Elliptic Navigator transaction tracker will be able to ensure that they are not processing funds stolen from crypto exploits. You can read our 2022 report “Preventing Financial Crime in Crypto Assets” or contact us for a demo.

Mango Markets: $118 million

In October 2022, trading platform Mango Markets lost $118 million after an attacker successfully manipulated the protocol’s price oracle.

The exploit – which took place on the evening of October 11 – was triggered after two USDC-funded Solana accounts took an outsized position on the Mango (MNGO)-Perpetual Protocol (PERP) token pair, causing a short-lived spike in MNGO prices.

The Mango Markets attack came during a 30-day period between mid-September and mid-October in which nearly $900 million was stolen from DeFi protocols.

As we noted at the time, attacks mainly targeted cross-chain bridges in 2022, due to their high level of liquidity and operations on less secure blockchains. Find out more by downloading our State of Cross-chain Crime report.

Horizon: $100 million

In June 2022, Horizon bridge – which runs on the Harmony, Ethereum and Binance Smart Chain blockchains – suffered a theft that resulted in a loss of $100 million.

As we reported at the time, the hacker stole various assets including ETH, BNB, USDT, USDC and Dai. The thief immediately used Uniswap – a decentralized exchange (DEX) – to convert the Ethereum-based funds into a total of 85,837 Ether. This is a common laundering technique used to avoid confiscation of stolen property.

The thief then transferred all the ETH to Tornado Cash over the next six days. By sending these funds through Tornado, the thief tried to break the transaction trail back to the original theft – making it easier to cash out the funds at an exchange.

However, Elliptic was able to use its Tornado demixing techniques to trace the stolen funds through Tornado Cash to a number of new Ethereum wallets.

We now believe it is likely that North Korea’s Lazarus Group is responsible for this theft, based on the nature of the hacking and laundering of the stolen assets.

Beanstalk Farms: $76 million

In April 2022, a series of malicious transactions targeting Beanstalk Farms – a decentralized Ethereum-based stablecoin protocol – was reported. This resulted in a loss of 25,000 Ether (ETH), which at the time was worth $76 million.

The exploiter stole various cryptoassets from the platform, including BEAN – the native stablecoin of the protocol. With most of its assets depleted, the protocol lost more than $182 million in value, and the price of BEAN dropped from $1 to $0.1.

Almost all of the stolen funds were sent through the now-sanctioned Ethereum-based smart contract mixer Tornado Cash, while $250,000 in USDC was donated to the Crypto Fund of Ukraine.

The attack started when the exploiter bought 212,858.50 BEAN with an initial investment of 73 ETH. The BEAN were then deposited into a “silo” – a protocol-specific term for a funding pool – where users can deposit funds in exchange for a reward. Silo funds maintain BEAN’s fixed price of $1.

The exploiter then proposed two “Bean Improvement Proposals” (BIPs) for Beanstalk’s smart contract code. Proposals for code changes are common in DeFi, and their approval is subject to the democratic consensus of protocol users.

The BIPs – disguised as proposals for donations to Ukraine – were malicious proposals to transfer protocol funds to the exploiter’s own wallet, and were already causing controversy among confused users before the theft.

After borrowing nearly $1 billion in assets, the exploiter deposited them into a silo to accumulate roughly 67% of the “stalk position”—the protocol’s term for voting power.

Under the protocol’s BIP approval rules, the exploiter could then single-handedly approve the malicious proposals to transfer funds to their wallets – 24 hours after they were originally proposed. The stolen BEAN and associated liquidity pool units were then converted into ETH.
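The governance weakness described above can be modelled in a few lines. This is an added example, not Beanstalk's or Elliptic's code: the `Governance` class, its method names and all balances are constructed for illustration, and the snapshot rule is an assumed mitigation that the article does not describe.

```python
from dataclasses import dataclass, field

DELAY = 24 * 3600  # article: proposals could be approved 24 hours after submission

@dataclass
class Governance:
    stalk: dict = field(default_factory=dict)      # holder -> voting power right now
    proposals: dict = field(default_factory=dict)  # id -> (time, stalk snapshot)

    def deposit(self, holder, amount):
        self.stalk[holder] = self.stalk.get(holder, 0) + amount

    def propose(self, pid, now):
        # Record who held what at proposal time; only the hardened rule uses it.
        self.proposals[pid] = (now, dict(self.stalk))

    @staticmethod
    def _supermajority(balances, voters):
        # Integer form of votes / total >= 2/3 (the "roughly 67%" in the article).
        votes = sum(balances.get(v, 0) for v in voters)
        return 3 * votes >= 2 * sum(balances.values())

    def can_commit_live(self, pid, voters, now):
        """Weak rule: weighs votes by balances at commit time."""
        proposed_at, _ = self.proposals[pid]
        return now - proposed_at >= DELAY and self._supermajority(self.stalk, voters)

    def can_commit_snapshot(self, pid, voters, now):
        """Hardened rule (assumption): weighs votes by balances at proposal time."""
        proposed_at, snapshot = self.proposals[pid]
        return now - proposed_at >= DELAY and self._supermajority(snapshot, voters)

def run_scenario():
    gov = Governance()
    # Constructed balances, not the real Beanstalk figures.
    gov.deposit("long_term_holders", 1_000)
    gov.deposit("proposer", 10)        # small stake held before proposing
    gov.propose("bip", now=0)
    early = gov.can_commit_live("bip", {"proposer"}, now=DELAY - 1)
    gov.deposit("proposer", 2_100)     # borrowed assets deposited once the delay has passed
    return {
        "before_delay": early,
        "live_rule": gov.can_commit_live("bip", {"proposer"}, now=DELAY),
        "snapshot_rule": gov.can_commit_snapshot("bip", {"proposer"}, now=DELAY),
    }

if __name__ == "__main__":
    print(run_scenario())
```

With the live-balance rule, the 24-hour delay is the only control, and it does nothing against voting power acquired at the last moment; the snapshot rule leaves the proposer with the share they held when the proposal was made.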
