Browse Definitions :

Getty Images/iStockphoto

Top 9 cryptocurrency hacks of 2022

Top 9 cryptocurrency hacks of 2022

2022 was a record-breaking year for cryptocurrency attacks. Several of these cryptocurrency hacks occurred on the cross-chain exchange bridges.

Cross-chain bridges are protocols that let users move their cryptocurrency from one blockchain to another, typically by locking the user's cryptocurrency into a smart contract. Then the equivalent assets are minted on the second chain.

Cryptocurrency scams were up in 2022. A total of $3.1 billion was stolen by bad actors in 2022, and DeFi protocols accounted for 82.1% of the stolen cryptocurrency, according to a report from Chainalysis. The report also said a majority of these attacks were from North Korea cybercrime groups, such as the Lazarus Group, which stole more than $1.7 billion.

Here is a breakdown of some of the largest attacks in 2022. Losses are calculated based on the cryptocurrency value at the time of the attack.

1. Axie Infinity's Ronin Network

Ronin Network is a blockchain that supports the video game Axie Infinity, which is nonfungible token-based (NFT). In March 2022, bad actors attacked the nodes, which are computers used to process network transactions.

Bad actors used compromised private keys for fake withdrawals and drained 173,600 Ether and 25.5 USD Coin worth $625 million in two transactions. The Ronin sidechain -- a parallel blockchain off the main blockchain -- requires five signatures from authorized private keys for withdrawals. However, the bad actors gained control over all five of those private keys to complete these transactions.

The attack wasn't discovered until a user was unable to withdraw money and filed a report. The U.S. Treasury Department said this was the work of the North Korean hacking group Lazarus Group.

Learn how to avoid NFT scams.

Loss: $625 million

2. FTX

The FTX scam rocked the cryptocurrency world in November 2022. In addition to the collapse of the exchange, FTX wallets were drained of $415 million after CEO Sam Bankman-Fried filed bankruptcy. The money was moved, converted into different cryptocurrencies and never recovered.

FTX stored private keys in wallets that were unencrypted. Due to these poor security measures, it was easy to access the private keys in the wallet. The bad actor's identity is still unknown, but Bankman-Fried said it could be a former employee who stole the private keys.

Loss: $415 million

3. Wormhole

In February 2022, a threat actor found a vulnerability in cryptocurrency platform Wormhole, which is a bridge that lets users move cryptocurrencies and NFTs between various blockchains such as Ethereum, Solana, BNB Chain, Polygon, Oasis and Terra. The attacker found a fault in the code, enabling them to mint 120,000 wrapped ether tokens, which are on Solana blockchain. The hacker then redeemed these fraudulent tokens for ether on Ethereum and altcoins on Solana.

This equaled around $320 million at the time of theft. Unlike when other tokens are mined, the bad actor was able to create these tokens without the necessary collateral needed in a proof of stake.

Loss: $320 million

4. Nomad Bridge

In August 2022, Nomad -- another cross-chain bridge -- had $190 million drained. This exploit was different because it involved hundreds of addresses and not a single bad actor attack or group entity.

Due to a faulty smart contract, Nomad developers created an unsecure trusted root address in a generic form. This function meant anyone could withdraw funds from the bridge and bypass security through the contract check. Multiple users copied the original attacker's trusted address to funnel funds to their addresses.

More than 300 addresses gathered money through this exploit. Some of the addresses were ethical hackers, and they returned $22 million.

Loss: $190 million

5. Beanstalk Farms

Beanstalk Farms was attacked in April 2022 with a large governance hack, which is a method to manipulate the decentralized governance structure to change rules on the blockchain. Beanstalk Farms runs on Ethereum-based stablecoin protocol. A bad actor found a security loophole in Beanstalk's decision-making stablecoin project area. Stablecoins are tokens with values that don't fluctuate up and down -- their value stays stable.

The attacker used a flash loan attack to accumulate large amounts of Beanstalk's token, STALK. The attacker then used these tokens to propose and pass their own proposals, asking the community to send cryptocurrency assets to the hacker's address, including asking for money to donate to Ukraine. On Beanstalk, users can submit proposals and get them passed with majority votes from holders of Beanstalk's governance.

The attacker was able to get away with about $80 million in cryptocurrency assets. However, the effects of this attack caused the BEAN stablecoin to collapse and cost Beanstalk $182 million in protocol losses.

Loss: $182 million

6. Wintermute

Wintermute is a United Kingdom cryptocurrency market maker. In September 2022, its DeFi operations were hacked due to a smart contract vulnerability. A compromised private key was used to attack the platform.

There is also speculation that the threat actor used a Profanity tool, which generates cryptocurrency vanity wallet addresses used on the blockchain. Vanity wallets are customer addresses with a string of characters to identify a user's identity. The bad actor found a defect in the algorithm and was able to directly attack compromised private keys of users.

Loss: $162 million

7. Mango Markets

In October 2022, Mango Markets wasn't hit by an attack but rather a pump and dump scheme that exploited users through market manipulation. The threat actor -- identified as Avraham Eisenberg -- was arrested for the scam and admitted his involvement. First, Eisenberg bought millions of Mango tokens to deposit as collateral.

Next, he drove up the price of the Mango tokens by using two addresses. To do this, he sold large amounts of Mango tokens and used a separate account to purchase them. Eisenberg used the Mango token for large purchases to drive up the value.

With the increased collateral value, Eisenberg borrowed $116 million in cryptocurrency assets with no plans to repay the loan. Eventually, authorities were able to track the attack to Eisenberg, who admitted his involvement.

Loss: $116 million

8. Harmony Horizon

Harmony Horizon is a cross-chain bridge that connects multiple blockchains to exchange coins, including Ethereum and Binance Smart Chain. In June 2022, a bad actor stole around $100 million after compromising private keys authorized to the administrators that control the bridge. The attacker had access to two private keys and was able to approve these unauthorized transfers.

The attacker may have gotten access to those private keys through a phishing attack. Lazarus Group has also been tied to this attack.

Loss: $100 million

9. Binance Smart Chain

In October2022, threat actors found a loophole in Binance's cryptographic proof system and gained access to about $550 million worth of BNB tokens.

The exploit happened due to a vulnerability in the smart contract that let threat actors forge transactions and send the tokens to their accounts without the necessary approval.

The threat actors were unable to pocket all these tokens, as Binance CEO Changpeng Zhao said they caught the hack and prevented 80%-90% of the transfers from going to them. The chain network stopped this transfer by freezing the network. However, the bad actors did manage to get $100 million in funds to other chains before the network froze, and no Binance customers lost money.

Loss: $100 million

Dig Deeper on Security

  • talent pipeline

    A talent pipeline is a pool of candidates who are ready to fill a position.

  • recruitment process outsourcing (RPO)

    Recruitment process outsourcing (RPO) is when an employer turns the responsibility of finding potential job candidates over to a ...

  • human resources (HR) generalist

    A human resources generalist is an HR professional who handles the daily responsibilities of talent management, employee ...

Customer Experience
  • churn rate

    Churn rate is a measure of the number of customers or employees who leave a company during a given period.

  • marketing campaign management

    Marketing campaign management is the planning, executing, tracking and analysis of direct marketing campaigns.

  • sales-qualified lead (SQL)

    A sales-qualified lead (SQL) is a prospective customer that has been researched and vetted -- first by an organization's ...