1. Home
  2. crypto exploits

crypto exploits

$62M crypto stolen in Dec was the ‘lowest monthly figure’ in 2022: CertiK

December proved to be the month with the least crypto stolen in 2022, although there were still 23 major incidents, according to CertiK.

Cryptocurrency hackers and exploiters seemingly slowed down for the 2022 holidays as December saw $62.2 million worth of cryptocurrencies stolen, the “lowest monthly figure” of the year, according to CertiK.

The blockchain security company on Dec. 31 tweeted a list of the month's most significant attacks. It highlighted the $15.5 million worth of exit scams as the method that stole the most value over the month, followed by the $7.6 million worth of flash loan-based exploits.

A later tweet on Jan. 1 confirmed that the 23 largest exploits were responsible for around 98.5% of the $62.2 million figure, with the $15 million Helio Protocol incident on Dec. 2 the largest of the month.

The protocol, which manages the stablecoin HAY (HAY), suffered a loss when a trader took advantage of a price discrepancy in Ankr Reward Bearing Staked BNB (aBNBc) to borrow millions worth of HAY.

At the time, the decentralized finance (DeFi) protocol Ankr suffered a separate exploit where an attacker minted 20 trillion aBNBc, causing its price to plummet. The Helio trader quickly deposited aBNBc tokens to borrow 16 million HAY, causing the loan to be significantly undercollateralized, leading to the protocol's loss and a depeg of its stablecoin.

The second largest incident of the month was the $12.9 million exploits of Defrost Finance’s v1 and v2 protocols on Dec. 23, where an attacker carried out a flash loan attack by adding a fake collateral token and a malicious price oracle to liquidate the protocol.

Days after the exploit, the hacker returned the funds stolen from the v1 protocol to an address controlled by Defrost, though funds are yet to have been returned for the v2 hack.

CertiK labeled the exploit an “exit scam” due to the fact an admin key was required to conduct the attack. Defrost denied the allegations to Cointelegraph, claiming the key was compromised.

Related: Crypto’s recovery requires more aggressive solutions to fraud

The December figure is much lower than the month prior, seeing an 89.5% decrease from the $595 million worth of exploits across 36 major incidents CertiK recorded in November, a figure largely skewed by the $477 million hack of crypto exchange FTX.

Overall for 2022, just the largest 10 exploits of the year funneled around $2.1 billion to bad actors, largely on cross-blockchain bridges and DeFi protocols.

Meme Coin Prices Slide as Traders Hedge into FLOCK, STARS ICOs

Barely halfway and October’s the ‘biggest month’ in crypto hacks: Chainalysis

While 2021 was the biggest year on record for crypto hacks, 2022 could “likely” beat the record “at this rate” according to Chainalysis.

Blockchain analytics firm Chainalysis has labeled October 2022 as “the biggest month in the biggest year ever for hacking activity” with the total hacked value for the month nearly reaching $718 million.

Despite not being more than halfway through the month, Chainalysis said 11 different hacks on decentralized finance (DeFi) protocols had seen hundreds of millions exploited.

Four exploits alone took place on Oct. 11 worth around $122 million. Hackers siphoned $200,000 in crypto using a smart contract from crypto wallet Rabby Wallet, $1.89 million from blockchain QANplatform’s Ethereum (ETH) bridge, $2 million from TempleDAO, and a $118 million exploit on the Solana (SOL)-native Mango Markets.

Chainalysis says 2021 was the biggest year for blockchain-based hacks on record both in terms of total value hacked and the total number of hacks, but at the current rate, 2022 could “likely surpass” last year's figures as over $3 billion has been exploited across 125 hacks so far.

The firm says it’s seeing a shift in where exploits are taking place too.

In 2019 most hacks took place on centralized cryptocurrency exchanges but as those companies increased security, the huge majority of hacks, around 90% in 2022, have taken place on DeFi protocols.

Related: From neglecting security to bad tokenomics, DeFi has played a hand in its own decline

The biggest target for hackers is cross-chain bridges with three bridges targeted this month accounting for 82% of October’s losses according to Chainalysis, the largest of these bridge hacks was a roughly $100 million exploit in the bridge between crypto exchange Binance’s BNB Smart Chain and Beacon Chain.

Meme Coin Prices Slide as Traders Hedge into FLOCK, STARS ICOs