Bitcoin remained the most-discussed crypto in the threat actor community and the most-used crypto for accepting illicit payments this year. Flashpoint analysts identified over 50,000 unique Bitcoin addresses circulating in Flashpoint collections in 2022. Flashpoint observed 125,513 mentions of Bitcoin addresses within our collections since January 1, with 54,629 distinct addresses. These addresses have transacted on the blockchain 20,621 times during 2022. Throughout 2022, threat actors committed fraud targeting cryptocurrency entities, investors, and users. Centralized exchanges (CEXs) and nonfungible token (NFT) markets were the primary targets of fraud schemes over the past year. CEXs are exchange platforms that allow users to buy and sell crypto and function as an intermediary service between buyers and sellers of digital currencies. Decentralized exchanges (DEXs), in contrast, do not use intermediaries to execute crypto asset exchanges, and instead facilitate trades through self-executing smart contracts. Throughout 2022, automatic transfer system kits, fraudulent verified accounts, one-time password bypasses, and account checkers all represented major threats to CEXs. The largest threats to NFT markets were account takeover (ATO) attacks, third-party compromises, spoofed pages, and various scams. In general, the NFT fraud landscape grew dramatically from 2021 to 2022. Threat actors increasingly leveraged the emerging technology of NFTs to steal from inexperienced users unfamiliar with the platforms or general best security practices.
At the doorstep of 2023, we can say that 2022 was the worst year for cryptocurrencies, NFTs, Defi, etc. If you want to have a comprehensive look at all the Web3 attacks that have been happening over the years, you can check out our comprehensive Web3 incident database based on our research to categorize what compromises are taking place as well as document the root causes that plague Cryptos, DeFi, NFTs, and Web3 in general. Tracking root causes provides comprehensive insights into how innovators can create robust cyber risk management approaches and reduce the potential for consequential attacks. You can access the OODA comprehensive Crypto Incident tracker here.