Expert comment: $1.9 billion Stolen in Crypto Hacks

Blockchain, Crime, Investing, News, Opinion | August 18, 2022 By:

This week, blockchain analysis firm Chainalysis revealed in its latest report that $1.9 billion has been stolen in crypto hacks in the first seven months of this year.

Even though top cryptocurrencies saw a sharp decline in value in the first half of this year, there has been a surge. The report blamed hacks on decentralized finance (DeFi) protocols for a large portion of the increase.

Some of the biggest crypto hacks of 2022 were on DeFi protocols, including the $625 million hack of video game Axie Infinity’s Ronin network in March. Since then, some of these thefts, notably the Axie incident, have been linked to North Korean hackers.

Chainalysis warns that the increase in crypto thefts shows no sign of letting up despite the drop in the crypto market. “As long as crypto assets held in DeFi protocol pools and other services have value and are vulnerable, bad actors will try to steal them,” according to the report.

The below comment is from Alan Vey, Founder, and Chairman of layer-2 blockchain protocol Aventus, detailing why developers are falling victim to hackers.

“Given the numerous high-profile instances of blockchain attacks in 2022, it comes as no surprise $1.9 billion worth of cryptocurrency has been stolen. The industry is still in its infant stages and evolving at a rapid speed, but as technology quickly evolves, so do cybercriminal tactics ready to pounce on any weak links.

Many of these hacks can be attributed partly to human or coding errors, but it’s equally important to note the lack of proper procedures – including, but not limited to, penetration testing – being followed when building these projects.

Let’s look at the Nomad hack as one recent significant example: put simply, a vulnerability in the Nomad bridge was exploited by hackers, allowing them to freely ‘print’ virtual money from other users’ accounts – so although when users check their accounts the balance is seemingly still there, the bank doesn’t have the ability to honor that balance. Think of it like a vault of gold in a bank. Your balance is simply a representation of that gold. If someone robs that vault and you go to retrieve your gold, it’s no longer there – even if your balance says it is.

Ultimately, there will always be an inherent vulnerability associated with these bridges, because two different blockchain systems are talking to each other without the same means of consensus.

With alternative architectures for bridging, such as Polkadot’s parachain ecosystem, for example, this problem doesn’t occur. In fact, it cannot occur because every chain fundamentally relies on the same consensus.”