Top 9 cryptocurrency hacks of 2022

2022 was a record-breaking year for cryptocurrency attacks. Several of these hacks targeted cross-chain bridges.

Cross-chain bridges are protocols that let users move their cryptocurrency from one blockchain to another, typically by locking the user's cryptocurrency into a smart contract. Then the equivalent assets are minted on the second chain.

Cryptocurrency scams were up in 2022. A total of $3.1 billion was stolen by bad actors in 2022, and DeFi protocols accounted for 82.1% of the stolen cryptocurrency, according to a report from Chainalysis. The report also said a majority of these attacks were from North Korea cybercrime groups, such as the Lazarus Group, which stole more than $1.7 billion.

Here is a breakdown of some of the largest attacks in 2022. Losses are calculated based on the cryptocurrency value at the time of the attack.

1. Axie Infinity's Ronin Network

Ronin Network is a blockchain that supports Axie Infinity, a video game based on nonfungible tokens (NFTs). In March 2022, bad actors attacked the nodes, which are computers used to process network transactions.

Bad actors used compromised private keys for fake withdrawals and drained 173,600 Ether and 25.5 USD Coin worth $625 million in two transactions. The Ronin sidechain -- a parallel blockchain off the main blockchain -- requires five signatures from authorized private keys for withdrawals. However, the bad actors gained control over all five of those private keys to complete these transactions.

The attack wasn't discovered until a user was unable to withdraw money and filed a report. The U.S. Treasury Department said this was the work of the North Korean hacking group Lazarus Group.

Loss: $625 million

2. FTX

The FTX scam rocked the cryptocurrency world in November 2022. In addition to the collapse of the exchange, FTX wallets were drained of $415 million after CEO Sam Bankman-Fried filed bankruptcy. The money was moved, converted into different cryptocurrencies and never recovered.

FTX stored private keys in wallets that were unencrypted. Due to these poor security measures, it was easy to access the private keys in the wallet. The bad actor's identity is still unknown, but Bankman-Fried said it could be a former employee who stole the private keys.

Loss: $415 million

3. Wormhole

In February 2022, a threat actor found a vulnerability in cryptocurrency platform Wormhole, which is a bridge that lets users move cryptocurrencies and NFTs between various blockchains such as Ethereum, Solana, BNB Chain, Polygon, Oasis and Terra. The attacker found a fault in the code, enabling them to mint 120,000 wrapped ether tokens on the Solana blockchain. The hacker then redeemed these fraudulent tokens for ether on Ethereum and altcoins on Solana.

This equaled around $320 million at the time of theft. Unlike when other tokens are mined, the bad actor was able to create these tokens without the collateral needed in a proof of stake.

Loss: $320 million

4. Nomad Bridge

In August 2022, Nomad -- another cross-chain bridge -- had $190 million drained. This exploit was different because it involved hundreds of addresses rather than a single bad actor or group.

Due to a faulty smart contract, Nomad developers created an unsecure trusted root address in a generic form. This function meant anyone could withdraw funds from the bridge and bypass security through the contract check. Multiple users copied the original attacker's trusted address to funnel funds to their addresses.

More than 300 addresses gathered money through this exploit. Some of the addresses were ethical hackers, and they returned $22 million.

Loss: $190 million

5. Beanstalk Farms

Beanstalk Farms was attacked in April 2022 with a large governance hack, which is a method to manipulate the decentralized governance structure to change rules on the blockchain. Beanstalk Farms runs on an Ethereum-based stablecoin protocol. A bad actor found a security loophole in Beanstalk's decision-making stablecoin project area. Stablecoins are tokens with values that don't fluctuate up and down -- their value stays stable.

The attacker used a flash loan attack to accumulate large amounts of Beanstalk's token, STALK. The attacker then used these tokens to propose and pass their own proposals, asking the community to send cryptocurrency assets to the hacker's address, including asking for money to donate to Ukraine. On Beanstalk, users can submit proposals and get them passed with majority votes from holders of Beanstalk's governance.

The attacker was able to get away with about $80 million in cryptocurrency assets. However, the effects of this attack caused the BEAN stablecoin to collapse and cost Beanstalk $182 million in protocol losses.

Loss: $182 million
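The governance weakness described above, as an added example that is not Beanstalk's code: a toy Python model comparing vote weight read from the live token balance with vote weight fixed at a snapshot taken before the proposal existed. The Token class, the holder names, the two-thirds quorum and all balances are constructed assumptions.

```python
class Token:
    """Hypothetical governance token that records balances per closed block."""
    def __init__(self, balances):
        self.block = 0
        self.balances = dict(balances)
        self.history = {}                 # block number -> balances at close

    def mine(self):
        """Close the current block and keep its balances for snapshots."""
        self.history[self.block] = dict(self.balances)
        self.block += 1

    def transfer(self, src, dst, amount):
        if self.balances.get(src, 0) < amount:
            raise ValueError("insufficient balance")
        self.balances[src] -= amount
        self.balances[dst] = self.balances.get(dst, 0) + amount

    def balance_at(self, holder, block):
        return self.history[block].get(holder, 0)


def vote_weight(token, voter, proposal_block, use_snapshot):
    """Voting power of `voter` on a proposal created in `proposal_block`."""
    if use_snapshot:
        # Hardened: weight is fixed at the block before the proposal existed.
        return token.balance_at(voter, proposal_block - 1)
    # Weak: weight is whatever the voter holds at the moment of the vote.
    return token.balances.get(voter, 0)


def passes(token, voter, proposal_block, use_snapshot, quorum=2 / 3):
    supply = sum(token.balances.values())
    return vote_weight(token, voter, proposal_block, use_snapshot) >= quorum * supply


def simulate(use_snapshot):
    """Return True if a proposer with no long-term stake can pass a proposal."""
    token = Token({"community": 300, "lender": 700, "proposer": 0})
    token.mine()                          # block 0 closed
    proposal_block = token.block          # proposal created in block 1
    token.mine()                          # block 1 closed
    # Within a single transaction: borrow, vote, repay.
    token.transfer("lender", "proposer", 700)
    result = passes(token, "proposer", proposal_block, use_snapshot)
    token.transfer("proposer", "lender", 700)
    return result


if __name__ == "__main__":
    print("live-balance voting passes:", simulate(False))
    print("snapshot voting passes:", simulate(True))
```

With live balances the borrowed tokens count as voting power for the duration of the loan; with the snapshot they count for nothing because the proposer held no tokens before the proposal was created.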

6. Wintermute

Wintermute is a United Kingdom cryptocurrency market maker. In September 2022, its DeFi operations were hacked due to a smart contract vulnerability. A compromised private key was used to attack the platform.

There is also speculation that the threat actor used a Profanity tool, which generates cryptocurrency vanity wallet addresses used on the blockchain. Vanity wallets are customer addresses with a string of characters to identify a user's identity. The bad actor found a defect in the algorithm and was able to directly attack compromised private keys of users.

Loss: $162 million

7. Mango Markets

In October 2022, Mango Markets wasn't hit by an attack but rather a pump and dump scheme that exploited users through market manipulation. The threat actor -- identified as Avraham Eisenberg -- was arrested for the scam and admitted his involvement. First, Eisenberg bought millions of Mango tokens to deposit as collateral.

Next, he drove up the price of the Mango tokens by using two addresses. To do this, he sold large amounts of Mango tokens and used a separate account to purchase them. Eisenberg used the Mango token for large purchases to drive up the value.

With the increased collateral value, Eisenberg borrowed $116 million in cryptocurrency assets with no plans to repay the loan. Eventually, authorities were able to track the attack to Eisenberg, who admitted his involvement.

Loss: $116 million

8. Harmony Horizon

Harmony Horizon is a cross-chain bridge that connects multiple blockchains to exchange coins, including Ethereum and Binance Smart Chain. In June 2022, a bad actor stole around $100 million after compromising private keys authorized to the administrators that control the bridge. The attacker had access to two private keys and was able to approve these unauthorized transfers.

The attacker may have gotten access to those private keys through a phishing attack. Lazarus Group has also been tied to this attack.

Loss: $100 million
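The Ronin and Harmony Horizon incidents above both came down to enough signing keys ending up in one attacker's hands. The following added example (not code from either project) audits a signer set by counting how many independent custody domains must be compromised to reach the signature threshold. The five-signature and two-key thresholds come from the text above; the key counts, key names and custody layouts are constructed assumptions.

```python
def min_domains_to_reach_threshold(key_custody, threshold):
    """Smallest number of custody domains whose keys together meet `threshold`.

    key_custody maps a signer key name to its custody domain (team, host,
    HSM, vendor). Domains are disjoint, so taking the domains that hold the
    most keys first gives the minimum.
    """
    if len(key_custody) < threshold:
        raise ValueError("threshold exceeds number of keys")
    per_domain = {}
    for domain in key_custody.values():
        per_domain[domain] = per_domain.get(domain, 0) + 1
    ordered = sorted(per_domain.items(), key=lambda kv: (-kv[1], kv[0]))
    total, chosen = 0, []
    for domain, count in ordered:
        chosen.append(domain)
        total += count
        if total >= threshold:
            break
    return len(chosen), chosen


def audit(key_custody, threshold):
    """Report whether every required signature needs a separate compromise."""
    needed, path = min_domains_to_reach_threshold(key_custody, threshold)
    return {"threshold": threshold, "keys": len(key_custody),
            "domains_needed": needed, "weakest_path": path,
            "ok": needed >= threshold}


# Constructed layouts (hypothetical custody domains, not real bridge data).
CONCENTRATED = {"key1": "operator-a", "key2": "operator-a", "key3": "operator-a",
                "key4": "operator-a", "key5": "partner-b", "key6": "partner-c",
                "key7": "partner-d", "key8": "partner-e", "key9": "partner-f"}
DISTRIBUTED = {f"key{i}": f"custodian-{i}" for i in range(1, 10)}
SHARED_HOST = {"key1": "host-1", "key2": "host-1", "key3": "host-2",
               "key4": "host-3", "key5": "host-4"}

if __name__ == "__main__":
    for name, layout, threshold in [("concentrated 5-of-9", CONCENTRATED, 5),
                                    ("distributed 5-of-9", DISTRIBUTED, 5),
                                    ("shared-host 2-of-5", SHARED_HOST, 2)]:
        print(name, audit(layout, threshold))
```

A layout fails the audit when fewer compromises than signatures are enough, which is the gap between the threshold on paper and the protection it actually provides.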

9. Binance Smart Chain

In October 2022, threat actors found a loophole in Binance's cryptographic proof system and gained access to about $550 million worth of BNB tokens.

The exploit happened due to a vulnerability in the smart contract that let threat actors forge transactions and send the tokens to their accounts without the necessary approval.

The threat actors were unable to pocket all these tokens, as Binance CEO Changpeng Zhao said they caught the hack and prevented 80%-90% of the transfers from going to them. The chain network stopped this transfer by freezing the network. However, the bad actors did manage to get $100 million in funds to other chains before the network froze, and no Binance customers lost money.

Loss: $100 million
