2022 is going to be the biggest year for crypto hacks

While crypto entered a bear market during 2022, digital currencies continue to remain money machines for hackers, with investors losing over $3 billion in 125 hacks this year so far.

October alone has become the worst month ever for crypto-related crimes, with over $718 million in total losses. Data pointed out by Chainalysis last week noted the amount stolen from several decentralized finance (DeFi) protocols across 11 different attacks.

The blockchain research firm said 2022 “will likely surpass 2021 as the biggest year of hacking ever.”

“Despite the current bear market, we are seeing a lot of activity among hackers, targeting various protocols,” said Jasper Lee, an audit technical lead at crypto audit firm Sooho.io.

“For these protocols or dapps [decentralised apps] which are not thoroughly audited, they provide easy and reliable short-term profits. Poorly protected protocols are low-hanging fruit for hackers,” Lee added.

In 2021, attackers stole over $3.2 billion in hacks. The biggest heist of 2021 was a $613 million code exploit on the Poly Network.

2022 got off to a rocky start, with a $325 million takeover of popular cross-blockchain bridge Wormhole on the Solana-Ethereum ecosystem. That was followed by a sophisticated attack in March on crypto game Axie infinity’s Ethereum-based Ronin bridge, which saw $625 million worth of crypto stolen from the protocol.

In August, hackers broke into Nomad, a program that allows users to exchange tokens from one blockchain to another, and stole about $190 million in bitcoin.

According to Chainalysis, three different bridges were breached this month. This included an attack on a BNB Chain-based bridge, which saw exploiters illegally obtain over $100 million; a tier 1 blockchain QAN platform that was hacked and saw nearly $1 million in tokens stolen.

Last Tuesday, $100 million in liquidity was drained from Solana’s popular Mango Markets trading protocol after a rogue trader manipulated spot token prices to borrow the entire protocol’s assets against their position.

Among the primary attack vectors in the crypto sector range from exploiting “bridges” – which is a blockchain-based tool that allows users to trade between different networks – to market manipulation, where rogue traders spend millions of dollars to shift thinly traded markets in their favor to net multiples of the initial capital deployed.

Back in 2019, most of the hacks targeted centralized exchanges; now, a large majority of the targets are DeFi protocols, whose extensive smart contract capabilities powering the platforms have thrown up newer and deeper vulnerabilities. Centralized exchanges fell out of favor probably due to the embrace of AML and KYC procedures among major exchanges.

Historically, cryptocurrency thefts have largely been the result of security breaches where hackers gain access to victims’ private keys – the crypto equivalent of pickpocketing. These keys can be acquired through phishing, keylogging, social engineering, or other techniques.

In terms of transaction volume, fraud was the largest form of crypto-based crime, with over $7.7 billion from victims worldwide in 2021.

Overall, crypto-based crime in 2021 was at an all-time high, with over $14 billion in value received by illegal addresses.

However, these figures must be put into perspective.

Given the high adoption rate of crypto (in 2021 it was up 567 percent from 2020), the growth of legitimate crypto use far outpaces the growth of criminal use (up 79 percent from 2020), and illegal activity’s share of crypto transaction volume has never been lower.

Source: TRT World