Hackers have drained US$ 1.4 billion worth of crypto so far in 2022
A research conducted by Chanalysis shows that hackers have stolen approximately US$ 1.4 billion worth of crypto between January 2022 and now. The popular method is to target cryptocurrency bridges.
Cryptocurrency bridges link blockchains together to enable interactions between them. In turn, users can send and receive cryptocurrency from one chain to the other. It has become vulnerable to hacks as it allows bad actors to bypass a centralized exchange and its security measures to access the funds.
‘Blockchain bridges have become the low-hanging fruit for cyber-criminals, with billions of dollars worth of crypto assets locked within them. Hackers have breached these bridges in various ways, suggesting that their level of security has not kept pace with the value of assets that they hold,’ at Elliptic’s co-founder and chief scientist Tom Robinson said in an interview.
According to Chainalysis’ data, the amount stolen in bridge hacks account for 69% of funds stolen in crypto-related hacks since the beginning of 2022.
Most recently, hackers drained almost US$ 200 million in cryptocurrency from Nomad, a tool that lets users swap tokens from one blockchain to another in early August.
Back in February, Wormhole, one of the most popular bridges linking the Ethereum and Solana blockchains and endorsed by Wall Street high-frequency trading company Jump Trading, lost over US$ 320 million as a result of a bridge hack.
The biggest hack in history also occurred in March this year, which saw a record US$ 615 million stolen from the Ronin bridge, which supports the popular NFT game Axie Infinity. Several institutions conducted an investigation to trace the hacker, results by the US Federal Bureau of Investigation (FBI) identified the North Korean collective – the Lazarus Group as the culprits.
Hackers only needed to manipulate the validators whilst they were approving transactions on the bridge. They only needed to compromise five out of nine validators to give over their private keys they needed to gain access to the crypto funds locked inside the network.
Sky Mavis, the company that operates the sidechain subsequently reimbursed all victims of the hack and reopened the Ronin bridge at the end of June.