Crypto, blockchain hacks cross $ 2 billion in first half year, to grow 3.2 times in 2022
The total amount of money lost due to hacks and breaches of web3 platforms has exceeded 2 billion dollars in the first half of 2022 – and thus exceeds the total volume of breaches seen globally in 2021. This could, according to the US-based cybersecurity firm CertiK see Crypto- and blockchain hack grows 3.23 times from year to year (YoY) this year – and shows little sign of giving up throughout the year.
According to CertiK’s Web3 Quarterly Security Report for Q2 2022, over $ 870 million was lost in the second quarter of the year due to web3 hacks and breaches. Interestingly, flash loan breaches saw a massive increase during this quarter – while Q1 lost $ 14.2 million in flash loan attacks, while the period between April and June lost over $ 308 million in similar attacks.
Flash loans are instant, unsecured cryptocurrencies offered by blockchain networks, which use smart contracts to present a set of conditions that a borrower must meet. Failure to do so will result in the smart contract failing – and the loan will be void.
Breaks such as the $ 182 million attack on the stablecoin project Beanstalk Farms, and the $ 79 million hacked by the other stablecoin project Fei Protocol, are among the biggest contributors to the sharp increase in flash loans.
The hacks represent a growing number of breaches of flash lending services offered by decentralized financial platforms (DeFi), which cyber security experts around the world have said are a growing concern due to code errors in these platforms.
Akshat Jain, co-founder and chief technology officer (CTO) of cybersecurity firm Cyware, told Mint that a key factor in the steady increase in such breaches is the lack of emphasis on security in DeFi platforms, blockchain networks and cryptocurrencies. .
“Over the last two years, a number of web3 platforms have grown at a furious pace, focusing largely on bringing in more users and adding features to their platforms. However, this also meant that apart from a select few, “Most of them put no effort into the security department. To date, some do not even have an information security officer,” Jain said.
This, he added, led to zero-day attacks being left for attackers to exploit at will.
Jain also added that although a select number of users have invested heavily, the amount that users have invested in web3 – especially in India – is largely small. “This often leads users to fall victim to social engineering attacks and phishing scams, where attackers promise ‘too good to be true’ returns to steal crypto wallet keys,” he said.
Such attacks are also reflected in CertiK’s report, which said that rug-pull, which sees attackers gaining a user’s trust before disappearing with their investments, amounted to $ 37.5 million in losses in Q2 this year.
