Cyber criminals used a variety of novel ways to carry out hacks and exploits in 2022, with over $2.8 billion of cryptocurrency stolen last year. According to a report from CoinGecko using data sourced from DeFiYield’s REKT Database, nearly half of the total crypto stolen in 2022 was fleeced using diverse methods. This includes bypassing verification processes, market manipulation, ‘crowd looting’ as well as smart contract and bridge exploits. The biggest hack of 2022 was carried out through an access control hack. Sky Mavis, the developer behind the popular game Axie Infinity, saw its Ronin bridge hacked in March, leading to $625 million being drained from the bridge between the Ronin chain and Ethereum network. It was later revealed that North Korean hacking group Lazarus gained access to five private keys that were used to sign transactions from five Ronon Network validator nodes. This was how the hackers drained 173,600 ETH and 25.5 million USDC from the bridge. According to CoinGecko, access control exploit is carried out by attackers that have gained access to wallets or accounts through compromised private keys, networks or security systems.
Full story : DeFi exploits and access control hacks cost crypto investors billions in 2022: Report.
2022 was a mega year in terms of Web3 hacks. OODA has been compiling a comprehensive Web3 incident database based on our research to categorize what compromises are taking place as well as document the root causes that plague Cryptos, DeFi, NFTs, and Web3 in general. Tracking root causes provides comprehensive insights into how innovators can create robust cyber risk management approaches and reduce the potential for consequential attacks. You can access the OODA comprehensive Crypto Incident tracker here.