The security of blockchain projects has long been touted, but recent events in 2022 have exposed vulnerabilities, dispelling the notion of infallibility. In a series of successive attacks, the myth of impenetrable blockchain security was shattered. Startlingly, blockchain data platform Chainalysis reported that users lost over $3 billion worth of cryptocurrency in 2022 due to these breaches. Take a look at the largest crypto hacks to date.
Ronin Network — $625 million
In March, an incident unfolded where a hacker illicitly acquired user funds valued at $625 million from the Ronin Network. The Ronin Network is a side chain, serving as a subset within a larger blockchain ecosystem, specifically supporting the blockchain-based game Axie Infinity. Exploiting the theft by obtaining private keys, the hacker executed fraudulent withdrawals, transferring hundreds of millions from the network. Shockingly, this breach went undetected until a week after the attack took place.
According to U.S. officials, the theft was attributed to Lazarus Group, a hacking collective backed by the North Korean state. Binance, in a remarkable effort, managed to recover $5.8 million of the stolen funds approximately a month later. Nevertheless, this incident still stands as the most significant hack in history, considering the magnitude of the funds initially taken.
FTX — $477 Million
Amidst the initiation of FTX’s bankruptcy proceedings on November 11 and 12, a sequence of unauthorized transactions occurred within the exchange. According to Elliptic, an estimated $477 million worth of cryptocurrency was pilfered during this period. The incident marked a significant breach in the security measures of FTX, leading to substantial financial losses.
The crypto exchange confirmed the hack on its Telegram channel, saying: ”FTX has been hacked. FTX apps are malware. Delete them. Chat is open. Don’t go on FTX site as it might download Trojans.”
During an interview on November 16, Sam Bankman-Fried expressed his belief that the individual responsible for the unauthorized transactions at FTX was either a former employee or someone who had installed malware on a former employee’s computer. He further revealed that he had narrowed the list of potential perpetrators to eight individuals before being locked out of the company’s systems.
Wormhole Bridge — $325 million
In February, a hacker specifically targeted a cross-chain bridge called Wormhole. The Wormhole protocol facilitates the seamless transfer of funds across multiple chains, including Ethereum (ETH). Exploiting vulnerabilities within the protocol’s validation system, the hacker deceptively generated a substantial amount of wrapped Ethereum (WETH), a token pegged to the value of Ethereum. Subsequently, they utilized the Wormhole to convert the ill-gotten WETH into ETH, ultimately absconding with approximately $325 million worth of cryptocurrency.
Nomad Bridge — $190 Million
On August 2, the Nomad token bridge, a platform enabling users to exchange cryptocurrencies across various blockchains, fell victim to multiple attackers who drained approximately $190 million. The exploit was made possible due to a smart contract vulnerability, specifically a failure in properly validating transaction inputs. Differing from other hacks mentioned in this compilation, this particular incident involved the participation of numerous individuals. It is worth noting that this attack may not have been orchestrated by a coordinated group. Instead, upon learning about the exploit, many people hastily seized the opportunity, each independently capitalizing on the situation based on their own individual motivations and initiatives.
Beanstalk Farms — $182 million
Beanstalk Farms is a stablecoin protocol based on Ethereum. Within the protocol, a native governance token known as STALK was utilized. To facilitate the transfer of assets out of Beanstalk Farms, individuals were required to obtain approval from a majority of STALK token holders. This governance mechanism ensured that asset transfers underwent a democratic decision-making process, where the consent of a significant proportion of STALK holders was necessary to proceed with the transaction.
In a remarkable turn of events, the hacker acquired a controlling stake of 67% in the project by borrowing a staggering $1 billion. Exploiting this newfound control, they authorized a swift transfer of funds to their own wallet before promptly repaying the loan and vanishing into thin air. Astonishingly, the entire process, from executing the hack to completing the transaction, unfolded within a mere 13 seconds.
Wintermute — $162 million
During September, Wintermute, a prominent crypto market maker, experienced a substantial loss of $162 million in a significant hacking incident. The precise method employed in the attack remains unclear, although security firms have speculated that crucial private keys were either leaked or compromised through a brute-force attack. In the aftermath of the hack, certain cryptocurrency researchers suggested the possibility of insider involvement, although this assertion has yet to be verified or officially confirmed. The incident underscored the ongoing challenges and risks faced by entities operating within the crypto industry, prompting heightened awareness of the importance of robust security measures and constant vigilance against potential threats.