Tolu is a cryptocurrency and blockchain enthusiast based in Lagos. He likes to demystify crypto stories to the bare basics so that anyone anywhere can understand without too much background knowledge. When he's not neck-deep in crypto stories, Tolu enjoys music, loves to sing and is an avid movie lover.
Despite 2022 being the worst year for crypto attacks, December’s spate came in at the lowest, rendering it the least harmful month last year.
According to a Coindesk report, December had the least number of crypto attacks for 2022. However, the report, citing blockchain audit firm CertiK, noted that scams and hacks accounted for a massive $3.7 billion loss throughout last year. This fact makes 2022 the worst year for criminal activities in the history of the crypto and blockchain sectors.
Despite 2022 being an uneventful year by way of crypto attacks, the month of December provided a few cheer-worthy instances for market participants. There was $62 million worth of stolen tokens, scams, or hacks last month, which made it the least harmful month. By contrast, an overwhelming $595 million worth of crypto-based attacks happened in November 2022.
Closer Analysis of December 2022 Crypto Attacks
The two most notable crypto attacks in December 2022 were the Defrost Finance $12 million hack and Helio Protocol $15 million exploit. Defrost Finance’s attack allegedly came from a ‘rug pull’ that saw developers disappear with investor money. However, the team behind the initiative pushed back on those claims and referred to them as defamatory and inaccurate.
Other relatively minor attacks that occurred at the end of last year include a flash loan exploit that resulted in a $7.6 million loss. Flash loans pose a popular means via which attackers gain funds to carry out exploits on decentralized finance (DeFi) systems. The loans enable traders to borrow unsecured funds from lenders through smart contracts instead of third parties. Furthermore, no collateral is required because the contract deems the transaction complete only after the lender’s repayment. Therefore, the implication of this process suggests that defaulting on a flash loan would trigger the smart contract to cancel the transaction. The said transaction’s cancellation would also see the money returned to the lender.
Of the previously mentioned $7.6 million flash loan figure, a single Lodestar attack constituted an overwhelming $6.5 million.
Several other crypto projects also experienced similar attacks, with losses ranging from $50,000 to $300,000.
Although attackers made away with $3.2 billion in 2021, the following year experienced an even more inauspicious start. For instance, there was the $325 million hack of the popular cross-chain platform Wormhole. This exploit was followed by the far more substantial $625 million cyber assault on Axie Infinity’s Ronin bridge. 2022 also saw a significant $200 million attack on the Nomad bridge.
Ways to Hack
There are several ways in which miscreants carry out exploits and attacks within the crypto and blockchain industry. These include exploiting bridges, flash loans, and market manipulation.
Blockchain bridge exploitation sees hackers attack the blockchain-based tool that facilitates user transactions between different networks. Meanwhile, a typical market manipulation hack sees rogue traders deploy large sums of money to influence thinly traded markets in their favor. The usual end goal of such market manipulation is to pocket multiples far in excess of the initial capital deployed.