Last year was one of the biggest years for hackers stealing cryptocurrency with over $2.8 billion in cryptocurrency stolen in 2022.
A new report from CoinGecko, which analyzed data from DeFiYield’s REKT Database, reveals that cybercriminals used various methods to siphon funds through hacks and exploits, resulting in losses of over $2.8 billion in 2022.
Almost half of the total crypto stolen in 2022 was obtained through a range of methods, including market manipulation, ‘crowd looting,’ and smart contract and bridge exploits.
The biggest hack of the year came in March when North Korean hacking group Lazarus gained access to five private keys that were used to sign transactions from five Ronon Network validator nodes, draining 173,600 ETH and 25.5 million USDC from the bridge. This type of attack is referred to as an “access control exploit”.
CoinGecko explains that an access control exploit occurs when attackers gain access to wallets or accounts through compromised private keys, networks, or security systems. Cross-chain bridge hacks were prevalent in 2022, with 65% of funds stolen from these types of attacks alone.
The second largest exploit of 2022 took place in February, with attackers bypassing verification with a forged signature on the Wormhole token bridge before minting $326 million worth of crypto. This was due to Wormhole’s failure to validate “guardian” accounts, allowing hackers to mint tokens without the required collateral.
In August 2022, Nomad, a bridging protocol supporting Ethereum, Moonbeam, and other chains, was a victim of a “crowd looting” incident. A security issue in Nomad’s smart contract let people withdraw funds without proper verification, which led to the third-largest exploit in crypto history. This incident resulted in a loss of $190 million and attracted many people who took advantage of the vulnerability.
Following the initial breach, news of the event spread, and hundreds of users joined in, ultimately looting $190 million.
In October 2022, Mango Markets, a crypto exchange built on the Solana blockchain, suffered a major hack, resulting in the loss of over $116 million in funds. The hacker, later identified as Avraham Eisenberg, took advantage of the project’s lack of liquidity to carry out the attack.
Eisenberg employed a technique known as market manipulation, whereby he purchased and artificially inflated the price of Mango (MNGO) tokens. He then took out large under-collateralized loans from the project’s treasury, ultimately stealing millions of dollars in funds.
The attack on Mango Markets underscores the need for increased security measures to protect against market manipulation and other forms of cybercrime in the cryptocurrency space.
Top methods used by crypto hackers
Flash loan attacks
The third most common method used by crypto hackers, flash loan attacks, resulted in the theft of $24 million in funds, making up 8.7% of the total losses in the previous year. These attacks involve borrowing funds without collateral, manipulating a cryptocurrency’s price on one exchange, and reselling it on another to make a profit.
Flash loan attacks are popular among hackers because they’re quick and easy, requiring no initial investment or technical knowledge.
Reentracy attacks
After the flash loan attacks, the next most successful methods used by hackers to steal cryptocurrency were reentrancy attacks. This type of malicious attack involves attackers making use of a malicious smart contract that makes multiple withdrawals from a target, leading to over $81 million being stolen in 2022 alone.
Hackers using oracle issues managed to gain access to an oracle service and manipulate its price feed data in order to enforce smart contract failure or gain from flash loan attacks, resulting in around $54 million being stolen.
Phishing attacks
Lastly, phishing attacks were least prevalent but still saw a total of $17 million worth of cryptocurrency illegally obtained through social engineering techniques such as stealing login credentials and private keys.
The report shows that cybercriminals continue to find new and innovative ways to exploit vulnerabilities in the crypto space, causing significant losses to investors.
As the crypto market grows, it is essential for individuals and companies to take necessary precautions to protect their assets from these types of attacks.
In February 2023, an oracle attack on AllianceBlock resulted in the theft of an estimated $120 million. This is the largest hacking incident to date in the new year and serves as a reminder of the importance of remaining vigilant in the ever-evolving crypto landscape.