Top 9 cryptocurrency hacks of 2022

2022 was a record-breaking year for cryptocurrency attacks. Several of these cryptocurrency hacks occurred on cross-chain exchange bridges.

Cross-chain bridges are protocols that let users move their cryptocurrency from one blockchain to another, typically by locking the user's cryptocurrency into a smart contract. Then the equivalent assets are minted on the second chain.

Cryptocurrency scams were up in 2022. A total of $3.1 billion was stolen by bad actors in 2022, and DeFi protocols accounted for 82.1% of the stolen cryptocurrency, according to a report from Chainalysis. The report also said a majority of these attacks were from North Korea cybercrime groups, such as the Lazarus Group, which stole more than $1.7 billion.

Here is a breakdown of some of the largest attacks in 2022. Losses are calculated based on the cryptocurrency value at the time of the attack.

1. Axie Infinity's Ronin Network

Ronin Network is a blockchain that supports the video game Axie Infinity, which is based on nonfungible tokens (NFTs). In March 2022, bad actors attacked the nodes, which are computers used to process network transactions.

Bad actors used compromised private keys for fake withdrawals and drained 173,600 Ether and 25.5 USD Coin worth $625 million in two transactions. The Ronin sidechain -- a parallel blockchain off the main blockchain -- requires five signatures from authorized private keys for withdrawals. However, the bad actors gained control over all five of those private keys to complete these transactions.

The attack wasn't discovered until a user was unable to withdraw money and filed a report. The U.S. Treasury Department said this was the work of the North Korean hacking group Lazarus Group.

Loss: $625 million

2. FTX

The FTX scam rocked the cryptocurrency world in November 2022. In addition to the collapse of the exchange, FTX wallets were drained of $415 million after CEO Sam Bankman-Fried filed for bankruptcy. The money was moved, converted into different cryptocurrencies and never recovered.

FTX stored private keys in wallets that were unencrypted. Due to these poor security measures, it was easy to access the private keys in the wallet. The bad actor's identity is still unknown, but Bankman-Fried said it could be a former employee who stole the private keys.

Loss: $415 million

3. Wormhole

In February 2022, a threat actor found a vulnerability in cryptocurrency platform Wormhole, which is a bridge that lets users move cryptocurrencies and NFTs between various blockchains such as Ethereum, Solana, BNB Chain, Polygon, Oasis and Terra. The attacker found a fault in the code, enabling them to mint 120,000 wrapped ether tokens, which are on the Solana blockchain. The hacker then redeemed these fraudulent tokens for ether on Ethereum and altcoins on Solana.

This equaled around $320 million at the time of theft. Unlike when other tokens are mined, the bad actor was able to create these tokens without the collateral needed in a proof of stake.

Loss: $320 million
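
The lock-and-mint model described at the top of this article implies an invariant a bridge operator can monitor: wrapped supply minted on the destination chain should never exceed the collateral locked on the source chain. The check below is an added example, not code from Wormhole or any other bridge; the event format, transfer ids and asset mapping are hypothetical, and the sample events are constructed.

```python
from collections import defaultdict
from decimal import Decimal

# Constructed sample events (not real chain data). Each lock on the source
# chain carries a transfer id that the matching mint must reference.
LOCKS = [
    {"id": "t1", "asset": "ETH", "amount": Decimal("10")},
    {"id": "t2", "asset": "ETH", "amount": Decimal("5")},
]
MINTS = [
    {"id": "t1", "asset": "wETH", "amount": Decimal("10")},
    {"id": "t2", "asset": "wETH", "amount": Decimal("7")},       # more than was locked
    {"id": "t9", "asset": "wETH", "amount": Decimal("120000")},  # no lock at all
    {"id": "t1", "asset": "wETH", "amount": Decimal("10")},      # id reused
]
WRAPPED_OF = {"ETH": "wETH"}  # hypothetical source-to-wrapped asset mapping


def reconcile(locks, mints, wrapped_of=WRAPPED_OF):
    """Return (alerts, unbacked); unbacked maps wrapped asset -> excess supply."""
    lock_by_id = {lock["id"]: lock for lock in locks}
    locked = defaultdict(Decimal)
    for lock in locks:
        locked[wrapped_of[lock["asset"]]] += lock["amount"]

    alerts, seen, minted = [], set(), defaultdict(Decimal)
    for mint in mints:
        minted[mint["asset"]] += mint["amount"]
        lock = lock_by_id.get(mint["id"])
        if lock is None:
            alerts.append((mint["id"], "mint without matching lock"))
        elif mint["id"] in seen:
            alerts.append((mint["id"], "transfer id minted more than once"))
        elif (wrapped_of.get(lock["asset"]) != mint["asset"]
              or mint["amount"] > lock["amount"]):
            alerts.append((mint["id"], "mint exceeds or mismatches locked collateral"))
        seen.add(mint["id"])

    # Aggregate check: catches drift even if per-transfer matching is bypassed.
    unbacked = {a: minted[a] - locked[a] for a in minted if minted[a] > locked[a]}
    return alerts, unbacked


if __name__ == "__main__":
    alerts, unbacked = reconcile(LOCKS, MINTS)
    for transfer_id, reason in alerts:
        print(f"ALERT {transfer_id}: {reason}")
    for asset, excess in unbacked.items():
        print(f"UNBACKED {asset}: {excess} more minted than locked")
```
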

4. Nomad Bridge

In August 2022, Nomad -- another cross-chain bridge -- had $190 million drained. This exploit was different because it involved hundreds of addresses rather than a single bad actor or group.

Due to a faulty smart contract, Nomad developers created an insecure trusted root address in a generic form. This function meant anyone could withdraw funds from the bridge and bypass security through the contract check. Multiple users copied the original attacker's trusted address to funnel funds to their addresses.

More than 300 addresses gathered money through this exploit. Some of the addresses were ethical hackers, and they returned $22 million.

Loss: $190 million

5. Beanstalk Farms

Beanstalk Farms was attacked in April 2022 with a large governance hack, which is a method to manipulate the decentralized governance structure to change rules on the blockchain. Beanstalk Farms runs on an Ethereum-based stablecoin protocol. A bad actor found a security loophole in Beanstalk's decision-making stablecoin project area. Stablecoins are tokens with values that don't fluctuate up and down -- their value stays stable.

The attacker used a flash loan attack to accumulate large amounts of Beanstalk's token, STALK. The attacker then used these tokens to propose and pass their own proposals, asking the community to send cryptocurrency assets to the hacker's address, including asking for money to donate to Ukraine. On Beanstalk, users can submit proposals and get them passed with majority votes from holders of Beanstalk's governance.

The attacker was able to get away with about $80 million in cryptocurrency assets. However, the effects of this attack caused the BEAN stablecoin to collapse and cost Beanstalk $182 million in protocol losses.

Loss: $182 million

6. Wintermute

Wintermute is a United Kingdom cryptocurrency market maker. In September 2022, its DeFi operations were hacked due to a smart contract vulnerability. A compromised private key was used to attack the platform.

There is also speculation that the threat actor used a Profanity tool, which generates cryptocurrency vanity wallet addresses used on the blockchain. Vanity wallets are customer addresses with a string of characters to identify a user's identity. The bad actor found a defect in the algorithm and was able to directly attack compromised private keys of users.

Loss: $162 million

7. Mango Markets

In October 2022, Mango Markets wasn't hit by an attack but rather a pump and dump scheme that exploited users through market manipulation. The threat actor -- identified as Avraham Eisenberg -- was arrested for the scam and admitted his involvement. First, Eisenberg bought millions of Mango tokens to deposit as collateral.

Next, he drove up the price of the Mango tokens by using two addresses. To do this, he sold large amounts of Mango tokens and used a separate account to purchase them. Eisenberg used the Mango token for large purchases to drive up the value.

With the increased collateral value, Eisenberg borrowed $116 million in cryptocurrency assets with no plans to repay the loan. Eventually, authorities were able to track the attack to Eisenberg, who admitted his involvement.

Loss: $116 million

8. Harmony Horizon

Harmony Horizon is a cross-chain bridge that connects multiple blockchains to exchange coins, including Ethereum and Binance Smart Chain. In June 2022, a bad actor stole around $100 million after compromising private keys authorized to the administrators that control the bridge. The attacker had access to two private keys and was able to approve these unauthorized transfers.

The attacker may have gotten access to those private keys through a phishing attack. Lazarus Group has also been tied to this attack.

Loss: $100 million

9. Binance Smart Chain

In October 2022, threat actors found a loophole in Binance's cryptographic proof system and gained access to about $550 million worth of BNB tokens.

The exploit happened due to a vulnerability in the smart contract that let threat actors forge transactions and send the tokens to their accounts without the necessary approval.

The threat actors were unable to pocket all these tokens, as Binance CEO Changpeng Zhao said they caught the hack and prevented 80%-90% of the transfers from going to them. The chain network stopped this transfer by freezing the network. However, the bad actors did manage to get $100 million in funds to other chains before the network froze, and no Binance customers lost money.

Loss: $100 million
