The 10 largest crypto hacks and exploits in 2022 saw $2.1B stolen
It’s been a tumultuous year for the cryptocurrency industry – market prices have taken a huge tumble, cryptocurrency giants have collapsed, and billions have been stolen in crypto exploits and hacks.
It wasn’t even halfway through October when Chainalysis announced 2022 as “the biggest year ever for hacker activity.”
As of December 29, the 10 biggest exploits of 2022 have stolen $2.1 billion from crypto protocols. Below are those exploits and hacks, listed from smallest to largest.
10: Beanstalk Farms exploit – $76 million
Stablecoin protocol Beanstalk Farms suffered a $76 million exploit on April 18 by an attacker who used a flash loan to buy governance tokens. The attacker used those tokens to pass two proposals that introduced malicious smart contracts.
The exploit was originally thought to have cost around $182 million after Beanstalk was stripped of all of its collateral, but in the end, the attacker only managed to get away with less than half of that.
9: Qubit Finance bridge exploit – $80 million
Qubit Finance, a decentralized finance (DeFi) protocol on the BNB Smart Chain, had over $80 million worth of BNB (BNB) stolen on January 28 in a bridge exploit.
The attacker tricked the protocol’s smart contract into believing they had deposited collateral, which allowed them to mint an asset representing bridged Ether (ETH).
They repeated this many times and borrowed multiple cryptocurrencies against unbacked ETH, depleting the protocol’s funds.
8: Rari Capital exploit – $79.3 million
Another DeFi protocol, Rari Capital, was exploited on April 30 for around $79.3 million.
The attacker exploited a reentrancy vulnerability in the protocol’s Rari Fuse liquidity pool smart contracts, causing them to call a function in a malicious contract that emptied the pools of all crypto.
In September, Tribe DAO, which includes Rari Capital and other DeFi protocols, voted to refund users affected by the hack.
7: Harmony Bridge hack – $100 million
In another bridge hack, the Horizon Bridge connecting Ethereum, Bitcoin (BTC) and BNB Chain to Harmony’s layer 1 blockchain was emptied of around $100 million in multiple cryptocurrencies.
Blockchain forensics firm Elliptic has pinned the attack on North Korean cybercrime syndicate Lazarus Group, after funds were laundered in a manner similar to other known Lazarus attacks.
Lazarus is understood to have targeted the login credentials of Harmony employees, breaching the platform’s security system and gaining control of the protocol before deploying automated laundering programs to move their illicit gains.
6: BNB Chain bridge exploit – $100 million
BNB Chain was shut down on October 6 due to “irregular activity” on the network, which was later revealed to be an exploit that siphoned off around $100 million from its cross-chain bridge, the BSC Token Hub.
Initially, it was thought that the attacker had taken around $600 million, because the vulnerability allowed the creation of approximately two million BNB, the chain’s native token.
Unfortunately for the attacker, about $400 million of those digital assets were frozen on the blockchain, and more were probably stuck in cross-chain bridges on the BNB Chain side.
5: Wintermute Hack – $160 million
UK-based crypto market maker Wintermute suffered a compromised hot wallet that saw approximately $160 million in 70 tokens transferred from the wallet.
Analysis by blockchain cybersecurity firm CertiK claimed that the compromised private key was likely generated by Profanity, an app that lets users generate vanity crypto addresses and has a known exploit.
According to CertiK, the attacker used the private key to call a function that replaced the platform’s exchange contract with the attacker’s own.
Conspiracy theories claiming the hack was an “inside job” due to the way it was carried out were dismissed by security firm BlockSec, which said the allegations were “not convincing enough”.
4: Nomad bridge exploit – $190 million
On August 2, the Nomad token bridge, which allows users to exchange cryptocurrencies across multiple blockchains, was drained by multiple attackers to the tune of $190 million.
A smart contract vulnerability that failed to properly validate transaction inputs was the cause of the exploit.
Multiple users, seemingly malicious and benevolent, were able to copy the attacker’s original moves to funnel the funds to themselves. About 88% of the addresses participating in the exploit were identified as “copycats” in one report.
Only about $32.6 million of the funds were recovered and returned to the protocol by white hat hackers.
3: Wormhole Bridge Exploitation – $321 million
The Wormhole token bridge suffered an exploit on February 2 that resulted in the loss of 120,000 Wrapped Ether (wETH) tokens worth $321 million.
Wormhole allows users to send and receive crypto between multiple blockchains. An attacker found a vulnerability in the protocol’s smart contract, minted 120,000 wETH on Solana (SOL) that was not backed by collateral, and was then able to exchange it for ETH.
At the time it was the biggest exploit of 2022, and it ended the year as the third-largest protocol loss overall.
2: FTX Wallet Hack – $477 million
During the start of FTX’s bankruptcy proceedings on November 11 and 12, a series of unauthorized transactions took place on the exchange, with Elliptic suggesting that around $477 million worth of crypto was stolen.
Sam Bankman-Fried said in a Nov. 16 interview that he believed it was “either an ex-employee or somewhere someone installed malware on an ex-employee’s computer” and that he had narrowed the perpetrator down to eight people before he was locked out of the company’s systems.
According to reports, on December 27, the United States Department of Justice launched an investigation into the whereabouts of approximately $372 million in missing crypto.
1: Ronin Bridge Hack – $612 million
The largest exploit of 2022 occurred on March 23, when the Ronin Bridge was exploited for approximately $612 million: 173,600 ETH and $25.5 million USDC.
Ronin is an Ethereum sidechain built for Axie Infinity, a play-to-earn non-fungible token (NFT) game. Sky Mavis, the developer of Axie Infinity, said hackers gained access to private keys, compromised validator nodes and approved transactions that drained funds from the bridge.
The US Treasury Department updated its Specially Designated Nationals and Blocked Persons (SDN) list on April 14 to reflect the possibility that the Lazarus Group was behind the bridge exploit.
The Ronin Bridge hack is the biggest cryptocurrency exploit ever.