Security is one of the biggest challenges for crypto users and service providers in the digital asset industry. In recent years, numerous hacks, scams, and other security breaches have occurred targeting cryptocurrency exchanges, wallets, and other related platforms.
Unsurprisingly, 2021 and 2022 have witnessed the biggest single hacks by value, in the history of cryptocurrencies. A majority of these attacks targeted Decentralised Finance (DeFi) protocols, with the malicious players taking advantage of this nascent ecosystem.
Given how rampant crypto security breaches have become, it is important for both crypto natives and firms to be aware of these potential risks and take steps to protect their assets.
In this article, we will review in detail the current state of security in the crypto industry.
Most Common Vulnerabilities and Hacks Associated with Defi
While the philosophy of decentralization is the anchor to the DeFi ecosystem, smart contract codes are not error-free. All it takes is a small bug or vulnerability for attackers to take over the protocol. Below are some of the most common attacks in De-Fi:
1. Flash Loan Attacks
A flash loan attack is one of the most common types of exploit in the DeFi (Decentralised Finance) space. It is a type of malicious attack that allows an attacker to borrow a large amount of funds from a DeFi protocol in a very short amount of time, usually in a single transaction, and then use those funds to manipulate the market.
The attacker can then quickly return the loaned funds, with the profits from their market manipulation, before the loan is even registered on the blockchain. Flash loan attacks are particularly dangerous because they can be executed without the attacker having to put up any of their own funds, and the attack can be executed almost instantaneously.
2. 51% Attacks
A 51% attack is a type of attack that occurs when a single entity (or group of entities) assumes control of more than 50% of the computing power of a decentralized network. This entity can then manipulate the consensus rules of the network, including double spending, halting transactions, and changing the ledger in any way they see fit. This type of attack is especially concerning in decentralized finance (DeFi) protocols, as it can be used to steal funds from users and disrupt the network.
3. Bug Exploitation Attacks
Bug exploitation attacks in blockchain refer to the use of vulnerabilities or weaknesses in the code of a blockchain network or decentralized application (DApp) to gain unauthorized access or control. These attacks can be used to steal cryptocurrency or personal data, disrupt the normal functioning of the network or DApp, or manipulate data stored on the blockchain. These attacks can occur at different levels in a blockchain system, such as the protocol, smart contract, or application levels. For example, an attacker may exploit a vulnerability in the protocol to create fraudulent transactions, block legitimate transactions, or exploit a weakness in a smart contract to manipulate its behavior or steal assets.
Biggest DeFi Hacks of 2022
According to crypto intelligence firm Chainalysis, 2022 holds by far the largest number of cryptocurrency heists recorded, totaling $3 Billion as of October 2022. Interestingly the top 10 biggest cryptocurrency hacks of 2022 were all DeFi, surpassing the total value stolen in 2020 and 2021 combined.
Below is a summarised breakdown of the biggest DeFi hacks in 2022;
1. Wormhole
On February 2, a hacker successfully exploited a security flaw in the Wormhole protocol, a cross-chain crypto network connecting Solana, Ethereum, Avalanche, and other major networks. According to analytics firm Elliptic, the vulnerability stemmed from the protocol's lack of "guardian" account validation, which allowed the attacker to create 120,000 wETH without any Ethereum backing. The hacker then converted 93,750 wETH into Ethereum and the rest into Solana, resulting in a total loss of nearly $320 million.
On February 2, a hacker successfully exploited a security flaw in the Wormhole protocol, a cross-chain crypto network connecting Solana, Ethereum, Avalanche, and other major networks. According to analytics firm Elliptic, the vulnerability stemmed from the protocol's lack of "guardian" account validation, which allowed the attacker to create 120,000 wETH without any Ethereum backing. The hacker then converted 93,750 wETH into Ethereum and the rest into Solana, resulting in a total loss of nearly $320 million.
2. Ronin Exploit
The Ronin Validator suffered a major security breach in March 2022 where 173,600 ETH and 25.5 million USDC ($615.5 million) were stolen. The hackers, who are believed to be part of the Lazarus Group, compromised the Sky Mavis's Ronin and Axie DAO validator nodes, allowing them to steal private keys and make fake withdrawals. This is considered the largest DeFi hack to date.
The Ronin Validator suffered a major security breach in March 2022 where 173,600 ETH and 25.5 million USDC ($615.5 million) were stolen. The hackers, who are believed to be part of the Lazarus Group, compromised the Sky Mavis's Ronin and Axie DAO validator nodes, allowing them to steal private keys and make fake withdrawals. This is considered the largest DeFi hack to date.
3. Beanstalk Attack
On April 18th, 2022, the Beanstalk attack occurred, becoming one of the largest flash loan attacks. By exploiting a one-day delay in the $BEAN governance proposal contract, the hacker was able to take out a flash loan and gain control of over 70% of all seeds. This gave them access to 350 million DAI, 500 million USDC, 150 million USDT, 32 million BEAN, and 11.6 million LUSD. Eventually, the hacker was able to transfer $182 million although Beanstalk claims they only made away with $80 million.
On April 18th, 2022, the Beanstalk attack occurred, becoming one of the largest flash loan attacks. By exploiting a one-day delay in the $BEAN governance proposal contract, the hacker was able to take out a flash loan and gain control of over 70% of all seeds. This gave them access to 350 million DAI, 500 million USDC, 150 million USDT, 32 million BEAN, and 11.6 million LUSD. Eventually, the hacker was able to transfer $182 million although Beanstalk claims they only made away with $80 million.
4. Nomad Bridge Attack
On Aug. 2, a group of hackers stole $190 million in cryptocurrency by compromising the Nomad token bridge, a platform that allows users to swap tokens between various blockchain ecosystems. The attack exploited a flaw in the platform's smart contract, allowing the hackers to repeatedly withdraw more assets than they had deposited. Unfortunately, the Nomad team was unaware of the breach until it was too late.
On Aug. 2, a group of hackers stole $190 million in cryptocurrency by compromising the Nomad token bridge, a platform that allows users to swap tokens between various blockchain ecosystems. The attack exploited a flaw in the platform's smart contract, allowing the hackers to repeatedly withdraw more assets than they had deposited. Unfortunately, the Nomad team was unaware of the breach until it was too late.
5. Maiar Hack
Hackers exploited a loophole in the decentralized exchange Maiar and stole approximately 1.65 million Elrond Egold (EGLD) tokens, worth approximately $113 million, in June. The attackers used a smart contract and three different wallets to execute the theft, then quickly sold 800,000 of the stolen EGLD tokens for a total of $54 million on the same DEX. The remaining EGLD was either sold on centralized exchanges or exchanged for Ethereum.
Hackers exploited a loophole in the decentralized exchange Maiar and stole approximately 1.65 million Elrond Egold (EGLD) tokens, worth approximately $113 million, in June. The attackers used a smart contract and three different wallets to execute the theft, then quickly sold 800,000 of the stolen EGLD tokens for a total of $54 million on the same DEX. The remaining EGLD was either sold on centralized exchanges or exchanged for Ethereum.
Centralized Exchanges: Crypto’s Biggest Honeypot
Self-custody is probably one of the most preached mantras in the crypto community. Beyond the paranoia of having a service provider handle your assets, the need for absolute control over one’s funds has been proven time and time again, especially given how susceptible CEXs are to attacks, even when the dev part of these CEXs is well-checked.
Centralized crypto platforms are susceptible to various types of security risks; of the major risks is exposure to cyber-attacks. In several instances in the past, hackers have compromised centralized crypto exchanges, resulting in the loss of millions of U.S. dollars worth of clients’ funds.
While there were only a handful of attacks on centralized exchanges this year, several high-profile players were caught unawares:
1. Crypto.com January 2022 Hack
On January 17, 2022, Crypto.com, one of the world's most popular crypto apps and well-known exchanges, experienced a data breach that resulted in 483 customer accounts being compromised. The exact cause of the breach is yet to be determined. However, the CEO of Crypto.com, Kriz Marszalek, confirmed the security breach, resulting in the exchange shutting down certain services for 13-14 hours. Reports indicate that 4,836.26 ETH, 443.93 BTC, and approximately US$66,200 in other currencies were stolen from the cryptocurrency exchange.
On January 17, 2022, Crypto.com, one of the world's most popular crypto apps and well-known exchanges, experienced a data breach that resulted in 483 customer accounts being compromised. The exact cause of the breach is yet to be determined. However, the CEO of Crypto.com, Kriz Marszalek, confirmed the security breach, resulting in the exchange shutting down certain services for 13-14 hours. Reports indicate that 4,836.26 ETH, 443.93 BTC, and approximately US$66,200 in other currencies were stolen from the cryptocurrency exchange.
2. Binance’s BNB Chain $570 million hack
At first, it was reported that $100 million had been hacked. However, soon the number rose drastically to $570 million after 2 million BNB tokens were withdrawn. Changpeng Zhao (“CZ”), the Binance co-founder and CEO, revealed that the hack occurred on a cross-chain bridge, BSC Token Hub, which enables users to move digital assets from one blockchain to another. The hackers were able to generate 2 million BNB tokens out of thin air by exploiting a security flaw in the bridge. The attacker then sent themselves one million BNB tokens twice in a row.
At first, it was reported that $100 million had been hacked. However, soon the number rose drastically to $570 million after 2 million BNB tokens were withdrawn. Changpeng Zhao (“CZ”), the Binance co-founder and CEO, revealed that the hack occurred on a cross-chain bridge, BSC Token Hub, which enables users to move digital assets from one blockchain to another. The hackers were able to generate 2 million BNB tokens out of thin air by exploiting a security flaw in the bridge. The attacker then sent themselves one million BNB tokens twice in a row.
3. FTX Hacked Amid Bankruptcy Process
On November 12, 2022, the embattled exchange FTX was hacked, resulting in the theft of approximately USD 60 million. The hack occurred as FTX was entering into Chapter 11 bankruptcy proceedings. The exact cause of the hack is unknown, though reports suggest that an inexperienced insider may have transferred the funds to a Kraken wallet.
On November 12, 2022, the embattled exchange FTX was hacked, resulting in the theft of approximately USD 60 million. The hack occurred as FTX was entering into Chapter 11 bankruptcy proceedings. The exact cause of the hack is unknown, though reports suggest that an inexperienced insider may have transferred the funds to a Kraken wallet.
Building a More Robust Crypto Security Framework
Cryptocurrency has become increasingly popular, with many uses and applications in recent years. However, as with any financial system, it is important to ensure that the system is secure and protected against potential threats. Building a more robust crypto security framework is essential for ensuring the safety and reliability of cryptocurrency transactions and protecting against unauthorized access or attacks.
Stakeholders need to implement several frameworks to help build a healthy crypto environment. Such frameworks include regular security audits, secured storage handling, regulators' ban on private crypto assets, pausing the chain, etc.
Finally, security in the digital asset industry is a complex and evolving issue. While significant progress has been made in improving security measures, the industry still faces challenges such as increasing sophistication of cyber threats and dApps that still require plenty of work in their functionality. To protect themselves and their assets from attacks, crypto users and investors can use stronger passwords, enable 2-factor authentication, use hardware wallets, and use reputable exchanges.
Also published here.