The Biggest Cryptocurrency Project Hacks Of 2022

The collapse of the crypto market before the update of multi-month local lows was not the only unpleasant event in 2022. In the past year, many cryptocurrency projects have been subject to devastating hacks.

The damage from the theft of cryptocurrencies reached $ 3 billion, which is a third more than in 2021. In general, 2022 has every chance to go down in the history of the crypto market as the worst year.

Hackers are getting more and more inventive and are using very advanced exploit tactics to break decentralized applications. Among the most high-profile security incidents, successful attacks on cross-chain bridges and decentralized financial protocols stood out in particular.

Cross-chain bridges partially solve the problem of blockchain fragmentation and simplify operations like TRX to BNB exchange. However, the specifics of their functioning make them attractive targets for hackers.

The damage of especially successful attacks was estimated at hundreds of millions of dollars. Using vulnerabilities in smart contracts, they gained access to crypto assets and stole them without authorization.

Ronin – $625 million

In the last days of March, the Ronin sidechain was hacked, which hosted the popular Sky Mavis game Axie Infinity. Hackers stole $625 million in various crypto assets. This incident was the largest single theft of cryptocurrencies by hackers to date. During the investigation, it was possible to identify the attackers, the theft of the century was carried out by the North Korean hacker group Lazarus.

To gain access to the Sky Mavis IT infrastructure, hackers launched a phishing attack on the email of a former employee of the company. When they managed to gain access to the validators’ keys, the attackers took control of the network and withdrew more than 173,600 Ethereum (ETH) and 25.5 million USDC stablecoins.

SkyMavis said most of those affected have received full damages.

FTX – about $400 million

In the twisted story of the collapse of the centralized FTX exchange, hackers played a significant role. Shortly after former CEO Sam Bankman-Fried filed for Chapter 11 bankruptcy protection, about $400 million was withdrawn from the exchange’s wallets.

This incident was confused by many media outlets with another transfer of approximately the same amount, which was carried out under the order of the Bahamas Securities Commission for custody of assets.

The new head of FTX, John J. Ray III, said that these were two different translations. The hack and another major transfer of assets ordered by Bahamas regulators coincided in time but were unrelated. This is also confirmed by the analytical company Chainalysis, which is partnering with FTX in search of assets.

The theft was also possible because FTX used very weak security controls and kept the private keys to its wallets in plain text.

Wormhole – $325 million

The Wormhole cross-chain bridge protocol links the Ethereum and Solana blockchains. Using it, users can lock ETH and receive a pegged asset called Wormhole ETH (wETH) for transactions on the Solana network. In the early days of feral, an unknown hacker forged some of the bridge’s security signatures, materialized non-existent 120,000 wETH worth $325 million, and exchanged them for real coins on the Ethereum network.

The work of the bridge was stopped for some time, it seemed that the project had come to an end. However, Wormhole recovered all the stolen coins a few days later and reopened the bridge.

Nomad – $190 million

The Nomad multi-chain bridge connects the Ethereum, Moonbeam, Avalanche, and Evmos blockchains. The attack became possible due to an update error when a null address was specified as a trusted root. When the problem became known to the general public, the owners of over 300 addresses rushed to steal funds. About $190 million was withdrawn from Nomad, and this is very bad news.

However, there is better news: some addresses belong to white hat hackers, who soon returned some of the funds. 22 million out of 190 is certainly not much, but better than nothing.

TRX to MATIC conversion on LetsExchange is performed without the use of cross-chain bridges. The platform does not store client funds in any form, which ensures the highest possible level of security for cryptocurrency transactions.