Cryptocurrencies have emerged as one of the most valuable innovations in recent times, albeit with the burden of uncertainties holding them back. Blockchain technology, the foundation of cryptocurrencies, serves as a formidable framework for ensuring many value advantages over conventional digital currencies. At the same time, blockchain has birthed a massive ecosystem of decentralized applications and smart contracts.
The growth of blockchain and crypto has also been inflicted with some of the largest crypto hacks that have stirred the foundations of trust in cryptocurrencies and blockchain applications. Can people entrust their valuable assets to crypto and blockchain platforms? The concerns of volatility affect the decisions of individuals interested in cryptocurrencies, and crypto hacks could discourage them further. The following post offers an outline of some of the biggest hacks in the domain of crypto so far.
The Necessity for Learning about Crypto Hacks
One of the foremost questions that come to mind when you search for the biggest crypto hacks revolves around blockchain technology. Isn’t blockchain supposed to offer cryptographic security? While blockchain has been tailored to offer decentralization, scalability, and security, it can struggle to balance all three value factors.
At the same time, blockchain applications such as cryptocurrencies impose the responsibility of application and asset security on the user itself. Therefore, a small error on behalf of users could lead to breaches and loss of assets. The sheer volume of crypto hacks every year showcases the urgency for learning more about them and determining safety measures.
On top of it, hackers also seek vulnerabilities in the code underlying blockchain and crypto applications. For example, hackers exploited the software vulnerability of a web3 music platform, Audius, and compromised $1.1 million worth of assets. Within the first half of 2022, crypto hacks had resulted in the loss of almost $2 billion. Alarmingly, the number has increased to $3 billion by October 2022, with around 125 crypto hacks. As cryptocurrency hacks continue to increase in magnitude and severity, the total losses to crypto hacks in 2022 might surpass the $3.2 billion mark set in 2021.
Renowned Crypto Hacks in Recent Times
The losses due to crypto hacks continue climbing higher with each passing year. According to the findings of Chainlist, centralized exchanges have always been the primary targets of crypto hacks. However, DeFi platforms emerged as the new victims of hackers, especially due to their dependence on smart contract codes.
Therefore, an overview of the notable crypto hacks could offer a clear impression of what went wrong with the protocols. In addition, you can also learn about the recovery of protocols from recent crypto hacks and obtain insights regarding security. Here is an outline of the notable crypto hacks so far, with a detailed description of all associated events.
Want to know more about DeFi? Enroll Now in our Introduction To DeFi – Decentralized Finance Course.
Axie Infinity Ronin Bridge
One of the most notable entries among crypto hacks in 2022 would refer to the $625 million hack on Ronin Network. Hackers compromised access to many of the cryptographic keys used for the security of the cross-chain bridge of Axie Infinity. Apparently, an Axie developer clicked on a fraudulent job offer in the form of a PDF. The attacker stole four out of the nine private keys used for authenticating transactions and transferred around 25.5 million USDC and 173,600 ETH to their wallets.
The network discovered the hack upon the efforts of a customer to make a legitimate withdrawal. According to Sky Mavis, the founders of Axie Infinity, they have employed the assistance of forensic cryptographers, law enforcement officials, and investors to avoid any further loss of funds. Following the attack, the Ronin Bridge introduced more validators, albeit with a humongous loss of user trust.
Another prominent example in the crypto hacks list would refer to the popular centralized exchange Crypto.com. It suffered a loss of $35 million in a cryptocurrency hack on January 17, 2022. What was the cause behind the Crypto.com hack? The answer was evident in the disabled two-factor authentication. Hackers had disabled the integral identity verification mechanism and transferred Bitcoin and Ether from the accounts of customers.
On the other hand, the CEO of Crypto.com had initially denied the loss of funds in the crypto hack. However, the exchange had to acknowledge the hack a few days later. In response to the attack, the company has planned to introduce multi-factor authentication for user credentials.
Want to become a bitcoin expert? Enroll Now in our Getting Started with Bitcoin Technology course.
The next addition among top crypto hacks in recent times would point to the case of the Binance exchange. With a loss of $570 million, the Binance exchange hack in October 2022 emerged as one of the high-profile attacks. The root of the hack was the BSC Token Hub, a cross-chain bridge. Hackers exploited the bridge and created additional BNB tokens, followed by withdrawing 2 million BNB tokens. The hack pointed out the necessity for refining blockchain security further with an emphasis on resolving security bugs in smart contract code.
IRA Financial Trust
The IRA Financial Trust also incurred a loss of almost $37 million in a crypto hack on February 8, 2022. It is a crypto-based retirement and pension disbursal system with the potential to encourage mainstream adoption of cryptocurrencies. However, hackers compromised assets on the platform by accessing a master key, which helped them overcome all the security measures.
The response of IRA Financial Trust towards the hack was directed toward Gemini. Apparently, the IRA Financial Trust used the services of Gemini crypto exchange for storing customer funds. The crypto exchange has been accused of negligence leading to the hack, thereby calling for security improvements.
Want to become a Cryptocurrency expert? Enroll Now in Cryptocurrency Fundamentals Course
The list of largest crypto hacks so far would also draw the limelight on Wormhole, a DeFi application. Wormhole worked as a Solana to Ethereum bridge and incurred losses worth $325 million in a crypto hack on February 2, 2022. Hackers had exploited the smart contracts on the platform for minting and cashing out wrapped Ether without any collateral deposits.
The smart contract vulnerability was possible due to an upgrade to the GitHub repository of the protocol, which had not been implemented in the live project. The Wormhole hack apparently qualified as the biggest theft of Solana, one of the notable competitors to Ethereum, with a loss of $47 million worth of SOL tokens.
Subsequently, the network had to replenish the assets on the project in the lack of recovery of the funds. The venture capital firm backing the Wormhole protocol, i.e., Jump Crypto, maintained the solvency of the affected Solana-based platforms. In addition, Wormhole also changed the name of its bridge to “Portal.” As of now, the DeFi platform holds around $480 million worth of assets.
Want to learn about Ethereum Technology? Enroll now in The Complete Ethereum Technology course.
The Qubit QBridge hack also garnered headlines in January 2022, with losses amounting to almost $80 million. It is one of the notable recent crypto hacks which showcase the exploitation of vulnerabilities in smart contract code. Hackers manipulated the smart contract bug on QBridge by Binance-based Qubit Finance, like the case of the Wormhole hack.
The hackers were able to mint wrapped Ether tokens without having to deposit any collateral. On the other hand, the response of Qubit Finance to the hack serves as a proven reference for recovering from hacks. The Qubit Finance developer team reduced the staff behind the protocol and reimagined the platform as a DAO or decentralized autonomous organization.
The overview of different cryptocurrency hacks noted in recent times would also include the hack on Beanstalk. As a matter of fact, the exploitation of Beanstalk showed how ‘flash loans‘ can serve as a vulnerability for DeFi platforms. The hacker exploited the Beanstalk DeFi platform by borrowing a flash loan of $1 billion. Flash loans are an innovative and helpful DeFi product that helps users in borrowing cryptocurrency for smaller periods of time. The hacker introduced a proposal for donating funds to Ukraine and passed it, inviting users to deposit collateral in the project.
Then, the hacker used the $1 billion flash loan to assume a 67% controlling stake in the project. After gaining a majority stake, the hackers approved fund transfers to the crypto wallets without loan repayment. Interestingly, the time required for the execution of the hack was only 13 seconds. The response of developers to the hack focused on pausing the protocol operations alongside conducting audits. In addition, Beanstalk is also working on collecting the required amount of funds with plans for reopening deposits.
Learn more about crypto wallets with our FREE presentation on Crypto Wallet Types Explained
Nomad Token Bridge
The Nomad Token Bridge hack also accounts for one of the biggest crypto hacks, with a loss of almost $190 million. The cross-chain protocol bled cryptocurrencies within a few hours and led to formidable damage. Apparently, the hack was traced back to vulnerabilities introduced in the protocol through a routine update. Hackers exploited the vulnerability for transferring assets only by editing the code associated with a prior transaction.
The problem with the attack on Nomad Token Bridge is evident in how it started with one hacker, and many others followed suit. As a matter of fact, it even qualified as the first decentralized crowd looting for a major cryptocurrency bridge. On top of it, the chaotic turn of events in the Nomad Token Bridge also presents proof of how crypto hacks have evolved. The Nomad protocol has repositioned its identity as a ‘security-first cross-chain messaging protocol’ in response to the hack.
The examples in the crypto hacks list would also include the mention of the attack on Harmony Bridge. It resulted in losses worth $100 million and presented another lesson in crypto security. The cause of the hack was the Lazarus Group, which has connections with North Korea.
Apparently, the Lazarus Group took over two of the five security keys of the Binance-Ethereum Bridge. As a result, the malicious agency could approve transactions and siphon assets away from the bridge. In response to the incident, Harmony Bridge needs four of the five validator keys to achieve consensus regarding transactions. On the other hand, it has not come up with any specific plans for compensating the users.
Learn how to design and secure blockchain systems and distributed applications with our Certified Blockchain Security Expert (CBSE) Certification Course today!
The recent additions among renowned crypto hacks also feature Cashio. It lost around $52 million to a hack in March 2022 with a unique exploit. Hackers used the infinite mint glitch through a collection of fake accounts for depositing collateral without any value for the CASH stablecoin on Cashio. As a result of the hack, the peg for the CASH stablecoin crashed down to zero. The more alarming detail in the case of the Cashio hack refers to the fact that the platform has not been able to recover from it.
Want to learn the basic and advanced concepts of Stablecoin? Enroll in our Stablecoin Fundamentals Masterclass Now!
The Fei protocol hack is also one of the notable crypto hacks in 2022, which deserve everyone’s attention. The hack took place on April 30, 2022, and resulted in a loss of $80 million worth of assets. Hackers exploited a reentrancy bug within the crypto lending protocol for taking out loans alongside withdrawing the collateral for concerning loans.
Fei users came up with an interesting proposal as their response to the hack. The proposal focused on empowering investors by enabling repayment for the bad loan by hackers. Subsequently, the FEI stablecoin has been able to maintain its dollar peg after recovering from the hack.
The final addition among the recent crypto hacks would point at Wintermute, the popular cryptocurrency market maker. The DeFi platform encountered losses of almost $162 million in the recent hack in September 2022. With over $200 million owed to other participants in the DeFi market, Wintermute has a lot to deal with. After the hack, Wintermute announced a 10% bounty to the hacker for returning the funds.
Interested in Defi? Get our FREE eBook today on An Introduction to Dcenteralized Finance (DEFI)
The outline of the most notable crypto hacks in recent times paints a grim picture for crypto enthusiasts. Even the cryptographic security of blockchain fails to safeguard cryptocurrencies from theft. You must have noted the different causes of top crypto hacks alongside the constantly evolving complexities.
At the same time, the details of the hacks also showcase how protocols could recover from any potential hacks. Most important of all, the list of crypto hacks encourages the urgency for learning the best practices for blockchain security. Develop your expertise in blockchain and crypto security now.
*Disclaimer: The article should not be taken as, and is not intended to provide any investment advice. Claims made in this article do not constitute investment advice and should not be taken as such. 101 Blockchains shall not be responsible for any loss sustained by any person who relies on this article. Do your own research!