In addition to being one of the most difficult years for the cryptocurrency market, 2022 was, unfortunately, a record year for crypto hackers. Last year alone, more than $3.5 billion worth of cryptocurrencies were stolen, driving the total amount of stolen crypto to shocking numbers.
Hackers stole more crypto in 2022 than in 2019, 2020 and 2021 combined
Cryptocurrency thefts have taken off in the last five years, from just nine thefts in 2017 to 132 in 2021.
In August 2021 alone, nearly $730 million was lost. Of that amount, $610 million was stolen in a single Polynetwork heist, the second largest heist ever.
According to Comparitech data, hackers stole more than $2.7 billion in 132 crypto heists in 2021. However, last year, the number of attacks increased by 45%.
The statistics show that in 2022 alone there were 192 thefts while hackers stole $3.57 billion – more than in 2019, 2020 and 2021 combined.
Since 2011, there have been 500 cases of theft in the crypto market worldwide and almost 65% of them have taken place in the last two years.
Three of the five biggest robberies occurred in 2022
In addition to the largest number of thefts so far, 2022 also recorded some of the largest crypto heists, as three of the five largest robberies of all time occurred last year.
In March 2022, crypto network Ronin Network announced that its systems had been breached and a total of $620 million had been stolen, in the largest crypto market heist to date.
Several months later, hackers stole $570 million from Binance’s BNB, in the third largest crypto heist to date.
In November, hackers stole approximately $477 million worth of cryptocurrency from the crashing FTX exchange, making it the fifth largest heist in the cryptocurrency space.
Statistics show that hackers stole nearly $1.7 billion worth of crypto assets from these three attacks alone.
Read Also: TOP 5 Biggest Crypto Hacks 2022
Top 10 Hacks 2022
Let’s see the biggest crypto heists that occurred in 2022 in more detail
Ronin Network: $625 million
In the biggest heist of the year, more than half a billion dollars in Ethereum and USDC (the stablecoin whose value moves based on the US dollar) were stolen from the Ronin Network, the blockchain that powers the Axie Infinity video game.
According to the company, the perpetrators managed to hack into the servers that processed the network’s transactions.
The activity went undetected until one user was unable to withdraw funds and filed a report. The US Treasury Department later linked the heist to the Lazarus Group hacker group allegedly backed by North Korea.
FTX Network: $447 million
Hackers stole around $477 million worth of cryptocurrency from the collapsed exchange FTX and have begun to launder the funds into bitcoin. The majority of the funds were converted into ether, which is then being converted into bitcoin using a bridge.
Elliptic researchers have said that RenBridge has been used to launder “hundreds of millions” of dollars in cryptocurrency suspected of being sourced from ransomware attacks or hacks.
It is unclear how much the assets that Bahamian regulators took into custody are worth, and the hackers are likely to use mixers to cover their blockchain trail.
Wormhole Network: $325 million
On February 2, a hacker exploited a vulnerability in the Wormhole Network, a “bridge” protocol that allows users to move cryptocurrencies and NFTs between multiple pairs of blockchains.
According to Chainalysis, the perpetrator appears to have found a bug in Wormhole’s code that allowed him to create 120,000 wETH – an equivalent of ether on the Solana blockchain, worth approximately $325 million at the time of the theft in question.
The company did not ransom the hackers and subsequently parent company Jump Crypto made up for the stolen funds.
Nomad: $190 million
A hacker exploited a vulnerability in Nomad’s code on August 1, creating a message that tricked the cross-chain protocol into sending tokens without proper authorization.
The bug was so simple that it didn’t even require programming skills to exploit. Soon, dozens of “copycats” were taking part in the heist. Nomad managed to recover over $20 million after begging users to return the money.
Beanstalk Farms: $182 million
In April, a hacker managed to siphon over $150 million worth of cryptocurrency from Beanstalk Farms, an Ethereum-based stable coin project.
According to blockchain security firm CertiK, the attacker used a flash loan – which allows users to borrow large amounts of cryptocurrency for very short periods of time – obtained through the decentralized Aave protocol to borrow nearly $1 billion worth of cryptocurrency and exchanged it to gain a 67% stake in Beanstalk.
With the majority stake in his possession, the hacker was able to transfer Beanstalk’s tokens into his own digital wallet. Using Aave’s flash loan, the whole process took less than 13 seconds.
Wintermute: $160 million
The London-based cryptocurrency market maker lost $160 million in a cyberattack that took place on September 20.
Founder and CEO Evgeny Gaevoy said the attack likely came from a service Wintermute had used called Profanity, which creates “vanity addresses” for digital asset accounts.
These trading accounts were part of Wintermute’s DeFi business, which it uses to make quick trades on decentralized exchanges like Uniswap and SushiSwap.
It appears that the hackers were able to use brute-force computing to generate all possible passwords to a company “vanity address”.
Maiar Exchange: $113 million
The Maiar Exchange hack is yet another incident in an undoubtedly continuous string of hacks in the crypto world. The decentralized exchange (DEC) suffered a massive loss of $113 million worth of Elrond eGold (EGLD).
According to Foudres, a blockchain researcher, the hackers used a smart contract, using three wallets to loot a substantial stake of assets from the exchange wallet, all summing at $113M.
Foudres stated that the hackers were able to sell 800,000 EGLD, which is approximately worth $54M. The CEO, however, implied that a notable amount of stolen assets had already been recovered.
Mango Markets: $112 million
Avraham Eisenberg squeezed the liquidity of the Mango Markets exchange in mid-October, siphoning off $112 million worth of tokens and forcing the company to use the assets in its treasury to fund bad debt it took on to bail out an investor in 2022.
The theft took place through two USDC accounts that Eisenberg maintained on the platform, according to Mango.
Eisenberg opened long shorts on futures contracts on the currency by selling from one account and buying in the other by manipulating the price of the token.
As the price increased tenfold on other decentralized exchanges, Eisenberg raised about 420 million dollars in unrealized gains and then proceeded to withdraw over $116 million from all cryptocurrencies available on Mango, effectively withdrawing all funds deposited in the decentralized economy protocol.
BNB Smart Chain: $110 million
Hackers managed to siphon approximately $110 million from Binance’s BSC Token Hub on October 6.
The cross-chain bridge between two blockchains connected to Binance – the BNB Smart Chain (BSC) and the BNB Beacon Chain – was exploited after a planned update.
According to analysts and blockchain data, hackers exploited a bug in the bridge’s verifications that allowed them to forge approval messages and deposit the money into their account.
They managed to cut 2 billion BNB tokens, attempting to siphon $560 million from the “bridge”, but in the end the hackers managed to steal $110 million.
Harmony Horizon Bridge: $100 million
Harmony’s key bridge between the Ethereum and Binance blockchains was breached in June, with hackers removing $100 million worth of cryptocurrency.
Although the protocol did not disclose how the funds were extracted, the cyberattack appears to have hit a series of 14 transactions.
Prior to the June cyberattack, blockchain officials were concerned about the security mechanisms of the “bridge” as they estimated that the multi-signature wallet was vulnerable to hacking.
With information from Forbes