FTX, Axie Infinity and other crypto hacks and scandals that took over $3 billion from victims this year
By Anushree Dave
From January to November, crypto hackers stole over $3 billion from victims, reports show
A year of headline-grabbing hacks and scandals made 2022 a tough year for securing digital assets.
Victims lost $3 billion to crypto hacks in 2022, according to Chainalysis, up from $2 billion lost in 2021.
Another estimate shows that victims of major hacks and scandals have lost a total of $4.3 billion, according to data security firm Privacy Affairs. The same report shows that Americans lost $329 million in the first quarter of 2022 alone, long before the collapse of crypto exchange FTX, where hackers allegedly drained wallets after it filed for bankruptcy.
Here is a list of many of the most important and notable hacks of 2022 and how they happened, listed in chronological order:
Wormhole Crypto Bridge — $320 million
In February, Wormhole, the name of a protocol that helped facilitate the movement of digital assets from one blockchain to another blockchain network (a blockchain is a digital database that underpins cryptocurrencies), was hacked for over $320 million worth of crypto. The hacker found a vulnerability in Wormhole’s smart contract, which allowed the attacker to abuse a large number of crypto-tokens.
Jump Crypto, a trading and VC firm, eventually replaced the stolen 120,000 ETH, to support Wormhole.
Axie Infinity — $625 million
In March, hackers stole $625 million worth of cryptoassets from gaming-focused Ronin Network, which hosted a game called Axie Infinity. At its peak in 2021, Axie Infinity’s play-to-earn game model allowed players in Southeast Asia to earn a living playing the game.
But Sky Mavis, the team behind Axie Infinity, noted in a blog post that hackers were able to steal validator keys, allowing them to take control of the Ronin network. They stole about 173,000 ether, or about $597 million at the time, and $25 million worth of stablecoin USDC, for a total of about $625 million, in what is considered the largest decentralized finance exploit to date.
In April, the FBI attributed the hacking to North Korea’s Lazarus hacking group. That same month, Sky Mavis ended up raising $150 million led by Binance to return the stolen funds to users.
Beanstalk Farms — $182 million
In April, blockchain analytics company Peck Shield noticed a hack of Beanstalk Farms, a decentralized financial protocol that aimed to balance supply and demand of cryptocurrency assets.
The hacker exploited the project’s governance system, which, like most DeFi projects, operates with a majority. The creators of Beanstalk made it so that participants can vote to make changes to the code. Participants were given voting rights based on the ratio of the value of the tokens they held, which created an opportunity for the hackers.
The attack was facilitated using a DeFi product called a “flash loan” that allows people to borrow a large amount of crypto for a short period of time, sometimes just minutes or seconds. Usually these are meant to provide liquidity for price arbitrage opportunities, but in the case of Beanstalk it was used to gain majority voting rights and approve the execution of code that transferred assets to their own wallet. The hacker immediately repaid the flash loan and made around $80 million in profit. In PeckShield’s analysis, the firm found that Beanstalk Farms had lost $182 million in total from the hack.
In October, a flash loan was also used in another attack on Solana-based lending platform called Mango Markets to funnel over $100 million in customer deposits from the platform. Avraham Eisenberg was arrested in Puerto Rico and is charged with merchandise fraud and manipulation, according to a file released Tuesday.
Eisenberg claimed as recently as October, via Twitter, that his actions were legal:
Nomad Bridge Attack — $190 million
In August, Nomad, a bridge connecting different blockchain networks, was hacked for $190 million in crypto assets, in the second largest cross-chain bridge attack of the year, and the fourth largest DeFi hack at the time. The hack was the result of a flaw in Nomad’s smart contract, where attackers found a vulnerability. Just a few days before the event, Nomad had revealed in a blog post that major investors such as Coinbase Ventures, OpenSea and Crypto.com Capital had participated in a funding round in April for $22 million to help develop a security-first solution.
Wintermute Hack — $160 million
In September, crypto market maker Wintermute was hacked for $160 million in its DeFi operations, and the news was tweeted out by Evgeny Gaevoy, founder and CEO of Wintermute.
“We are solvent with twice as much equity left,” he said at the time.
Later, Gaevoy explained to Forbes that the hack likely originated with a service called Profanity, which generates “vanity addresses” for accounts to make them easier to access (otherwise, crypto accounts are normally accessed through a wide variety of letters and numbers). There was a security vulnerability with Profanity’s code, which could have allowed a hacker with enough computing power to hack possible keys and passwords.
FTX wallets hacked — $400 million
After crypto exchange FTX filed for bankruptcy in November, on-chain data showed that the exchange’s wallets lost funds ranging between $370 million and $400 million. Sam Bankman-Fried, former CEO of FTX, said in an interview that a former employee or bad actor, who likely stole private keys to FTX’s crypto wallets, was behind the drain of the funds. It was later revealed by new FTX CEO John J. Ray III that FTX had stored private keys that were not encrypted, and generally lacked security.
In congressional testimony in December, Ray said, “never in my career have I seen such a complete failure of corporate controls at every level of an organization, from a lack of accounting to a complete failure of any internal controls or governance whatsoever.”
Overall, $1 billion to $2 billion of FTX customers’ funds remain unaccounted for. Bankman-Fried has been charged with eight criminal counts, including fraud, money laundering and campaign finance offenses.
Ray said in his testimony that while the investigation is ongoing and detailed findings will take time, the collapse of the FTX group appears to stem from the absolute concentration of control in the hands of a very small group of grossly inexperienced and unsophisticated individuals who failed to implement practical in other words, all the systems or controls necessary for a company entrusted with the money or assets of others.”
(END) Dow Jones Newswires
Copyright (c) 2022 Dow Jones & Company, Inc.