By 2022, hackers have managed to steal approximately $3.8 billion from crypto investors. This is an increase of 13% from a year earlier and also marked a new record within the crypto industry.
Mainly DeFi protocols victimized
This confirms that crypto-related hacks are unfortunately becoming more common. It also indicates that security within the crypto industry, and in particular the DeFi industry, remains a major obstacle for the entire industry.
The DeFi protocols within the crypto industry have had by far the most breaches in the past year, with the highest amount of theft. Hackers reportedly stole $3.1 billion of the $3.8 billion total from DeFi protocols, accounting for some 82% of total crypto hacks over the past year.
A new part of the crypto industry, Defi relies on programmable software known as smart contracts, which when used on a public blockchain generally offer more transparency at both the code and transaction level than the rest of crypto.
This is also reflected in the amount held within DeFi protocols, which is approximately $53.7 billion. Yet DeFi is currently still very sensitive to hacks, something that should change. Several DeFi protocols are currently victims of cyber attackers.
Cross-Chain-Bridges are regularly operated
Several cross-chain bridges have also fallen victim to hackers. These bridges allow users to move digital assets from one blockchain to another quite easily. However, it does not appear to be completely safe, because several major hacks have taken place here in the past year.
To allow these assets to switch blockchains, a smart contract locks the assets on one blockchain, then stores an equivalent asset on another blockchain. This is comparable to a transaction on a foreign exchange exchange. However, this procedure has been found to be vulnerable to exploits. The blockchain research company Chainalysis said the following:
Bridges are an attractive target for hackers because the smart contracts essentially become huge, centralized repositories of funds that support the assets bridged to the new chain.
Such bridges must therefore be properly secured, because when they become large enough, any error can potentially cost an enormous amount of money. Bad actors will exploit the vulnerabilities whenever possible. We have seen this at various bridges, including Ronin, where $625 million could be stolen.
One of the largest hacker groups that carry out such attacks is the well-known ‘Lazarus Group’ from North Korea. After further research, it turned out that North Korea accounts for about 45% (approximately $1.7 billion) of the above attacks.
By then using crypto mixing services like Tornado Cash, the hackers make it more difficult for investigators to ever find the stolen funds.