It’s been a tumultuous year for the cryptocurrency industry – market prices have plummeted, crypto giants have collapsed and billions have been stolen through crypto exploits and hacks.
It wasn’t even mid-October when Chainalysis declared 2022 the “biggest year ever for hacking activity.”
As of December 29, the top 10 exploits of 2022 had stolen $2.1 billion from crypto protocols. Below are these exploits and hacks, from smallest to largest.
10: Beanstalk Farms Exploit – $76 million
Stablecoin protocol Beanstalk Farms suffered a $76 million exploit on April 18 by an attacker using a flash loan to purchase governance tokens. The tokens were then used to pass two proposals that injected malicious smart contracts.
The exploit is said to have originally cost around $182 million, as Beanstalk lost all of its collateral, but in the end the attacker got away with less than half of that.
9: Qubit Finance bridge exploit – $80 million
Qubit Finance, a decentralized finance (DeFi) protocol on BNB Smart Chain, had over $80 million worth of BNB (BNB) stolen in a bridge exploit on Jan. 28.
The attacker tricked the protocol’s smart contract into believing they had deposited collateral, which enabled them to mint an asset representing bridged ether (ETH).
They repeated this multiple times, borrowing multiple cryptocurrencies against the unsecured bridged ETH, depleting the protocol’s funds.
8: Rari Fuse exploit – $79.3 million
Another DeFi protocol called Rari Capital was exploited on April 30 for the sum of around $79.3 million.
The attacker exploited a reentrancy vulnerability in the protocol’s Rari Fuse liquidity pool smart contracts, causing them to call a malicious contract function that drained the pools of all their crypto.
In September, Tribe DAO, which owns Rari Capital and other DeFi protocols, voted to compensate affected users from the hack.
7: Harmony Bridge Hack – $100 million
In another bridge hack, the Horizon Bridge, which connects Ethereum, Bitcoin (BTC) and BNB Chain to Harmony’s Layer 1 blockchain, was drained of around $100 million in multiple cryptocurrencies.
Blockchain forensics firm Elliptic pinned the hack to North Korean cybercriminal syndicate Lazarus Group, saying the funds were laundered in a manner similar to other well-known Lazarus attacks.
Lazarus is believed to have targeted Harmony employee credentials, breached the platform’s security system and gained control of the protocol before using automated laundering programs to move its ill-gotten gains.
6: BNB Chain bridge exploit – $100 million
BNB Chain was halted on October 6 due to “irregular activity” on the network, which was later revealed to be an exploit that drained around $100 million from its cross-chain bridge, the BSC Token Hub.
It was initially believed that the attacker was able to loot around $600 million due to a vulnerability that allowed the creation of around two million BNB, the chain’s native token.
Unfortunately for the attacker, around $400 million worth of digital assets were frozen on the blockchain, and more may have been stuck in cross-chain bridges on the BNB blockchain side.
5: Wintermute Hack – $160 million
UK-based crypto market maker Wintermute suffered from a compromised hot wallet, with around $160 million being transferred from the wallet across 70 tokens.
Analysis by blockchain cybersecurity firm CertiK claimed that the attack targeted a vulnerable private key, likely generated by Profanity – an app for generating vanity crypto addresses, which has a known exploit.
According to CertiK, this allowed the attacker to use a function tied to the private key to change the platform’s swap contract to the hacker’s own.
Conspiracy theories that the hack was an “inside job” due to how it was carried out have been debunked by blockchain security firm BlockSec, which said the allegations were “not convincing enough”.
4: Nomad Token Bridge Exploit – $190 million
On August 2, the Nomad Token Bridge, which allows users to exchange cryptocurrencies across multiple blockchains, was looted by multiple attackers for $190 million.
The cause of the exploit was a smart contract vulnerability: the contract failed to properly validate transaction inputs.
Several users, seemingly both malicious and benevolent, were able to copy the original attacker’s moves to funnel funds to themselves. Around 88% of the addresses involved in the exploit were identified as “copycats” in a report.
Only around $32.6 million in funds could be intercepted by white hat hackers and returned to the protocol.
3: Wormhole Bridge exploit – $321 million
The Wormhole Token Bridge suffered an exploit on February 2, resulting in the loss of 120,000 Wrapped Ether (wETH) tokens worth $321 million.
Wormhole allows users to send and receive crypto between multiple blockchains. An attacker found a vulnerability in the protocol’s smart contract and was able to mint 120,000 wETH on Solana (SOL) without collateral, and then exchange it for ETH.
At the time, it was flagged as the largest exploit of 2022, and it is the third-largest protocol exploit of the year overall.
2: FTX wallet hack – $477 million
During the start of FTX’s bankruptcy proceedings on Nov. 11-12, a series of unauthorized transactions took place on the exchange, with Elliptic claiming that around $477 million worth of crypto was stolen.
Sam Bankman-Fried said in a Nov. 16 interview that he believes it was “either a former employee or somewhere someone installed malware on a former employee’s computer,” and that he had narrowed the culprit down to eight people before he was shut out of the company’s systems during the proceedings.
On Dec. 27, the US Department of Justice reportedly launched an investigation into the whereabouts of around $372 million of the missing crypto.
1: Ronin Bridge Hack – $612 million
The biggest exploit of 2022 took place on March 23, when the Ronin bridge was exploited for around $612 million – 173,600 ETH and $25.5 million in USD Coin (USDC).
Ronin is an Ethereum sidechain built for Axie Infinity, a play-to-earn nonfungible token (NFT) game. Sky Mavis, the developer of Axie Infinity, said the hackers gained access to private keys, compromised validator nodes and approved transactions that drained funds from the bridge.
The US Treasury Department updated its list of Specially Designated Nationals and Blocked Persons (SDN) on April 14 to reflect the possibility that the Lazarus Group was behind the bridge exploit.
The Ronin Bridge hack is the largest cryptocurrency exploit ever.