The Most High-Profile Crypto Attacks 2022
This blog post will cover:
- Ronin Hack
- Wormhole Hack
- Qubit Hack
It has been only several months since the beginning of the year. And it is already full of events. Several major hacks happened within the first months of 2022. The absolute favorite of criminals this time is the DeFi area. However, it is not the only one. There also were several attempts to attack NFTs. According to the Atlas VPN report by March 30, 2022 hackers stole almost $1.3 billion.
In this article we would like to take a look at some high-profile attacks of this year, and remind you once again to be extremely careful when you deal with cryptocurrency.
The Ronin network suffered a huge hacker attack on March 29. According to the report the network lost over $625 million. This is considered to be the biggest DeFi attack up to this moment.
Ronin is an Ethereum side chain, which helps to execute transactions for Axie Infinity, an online game. The idea of the game is to collect special creatures, Axies, issued in the form of NFTs. Users transfer their assets from the game to the Ethereum network via Ronin. To verify transactions the Ronin network has nine validators and a multisignature system, which consists of five signatures. So five of nine validators have to put their signatures to approve any transaction. This is significant for the understanding of the attack’s mechanism.
The hacker took control over four validators and the RPC node to get the Axie DAO validator’s signature. This attack exposed the flaws in the Ronin network.
Wormhole is a token bridge that allows users to avoid centralized exchange services. Wormhole operates on Solana, Binance Smart Chain, Avalanche, Polygon, Oasis, and Terra. The incident happened on February 2 on the Solana side. A hacker managed to find a flaw in a security system and was able to steal about $325 million (120,000 wETH).
The hack became real because of the existing vulnerability, which had been acknowledged before the event. Also, the code that was supposed to fix it was ready to be implemented. However, the attacker was there first.
As a result of the hack, there appeared a deficit between ETH and wETH, it also led to a 10% drop in price for Solana token. The team offered a bug bounty of $10 million to anyone who would be able to return the stolen.
Qubit is a Mound’s DeFi lending protocol, which operates on the Binance Smart Chain. It was hacked on January 28, and attackers were able to steal the equivalent of over $80 million, or 206,809 BNB from the QBridge protocol. Hackers made the network believe that they had made a deposit when they had not. CertiK, a security firm, reported that the same action was repeated several times. Everything that had been stolen was converted into BNB. The team was able to contact the attacker and offer them a reward. The result of their conversation is unknown. Several features of the network were disabled.
Discord is basically a social media app that allows users to exchange messages instantly. Users here are able to create channels devoted to some specific topic. These channels can be public or private. However, the most important thing about this application is that it hosts numerous NFT communities. Surprisingly, these channels became a vulnerability that let hackers inside.
Thus, the NFT server run by Rear Bear lost 179 NFTs ($800,000) as a result of a phishing attack. It happened on March 17. The attacker managed to get access to the account of the community’s moderator, he then made a post containing a phishing link. To protect himself from other moderators' actions, the attacker blocked them, preventing them from stopping him.
In April several more Discord channels confirmed hacks. Among them were Bored Ape Yacht Club, Nyoki, and Shamanz. All these attacks follow the same algorithm, attackers post fake minting links. Since the mechanism is well-known, moderators pay attention to what is happening in the communities.
Crypto.com is a crypto trading platform that operates mainly in Europe. It also provided services in Russia, but last week decided to leave the country. Despite the fact that the platform has around 500,000 Russian users. Soon after that, on April 12, Crypto.com suffered a huge DDoS cyberattack attempt. The attack was unsuccessful, platform management assures everyone that all the data is safe. The suspicion falls on Russian hackers, who earlier targeted the Ukrainian defense and finance ministries.
Undoubtedly, each attempt to attack blockchains and networks shows their vulnerabilities. Of course, teams act as fast as they can and try to prevent unpleasant experiences. Nevertheless, it is important to remember that the level of security is one of the major problems at the moment.
Despite the high price that services under attack and their users pay, such cases help to find vulnerable places and work on them, making the system safer.
Furthermore, sometimes justice prevails and victims get back their funds. You are welcome to read about the case when the attacker was stopped from exchanging and removing the funds and about the return of the stolen funds.
Please remember, it is crucial to make sure that the links you use lead to the right and reliable resources, your assets are distributed in several places, and you get maximum control over your cryptocurrencies. We wish you to be careful and always keep your crypto safe!