It’s been a turbulent year for the cryptocurrency industry — market prices have taken a huge dip, crypto giants have collapsed and billions have been stolen in crypto exploits and hacks.
It was not even halfway through October when Chainalysis declared 2022 to be the “biggest year ever for hacking activity.”
As of Dec. 29, the 10 largest exploits of 2022 have seen $2.1 billion stolen from crypto protocols. Below are those exploits and hacks, ranked from smallest to largest.
10: Beanstalk Farms exploit — $76M
Stablecoin protocol Beanstalk Farms suffered a $76 million exploit on April 18 from an attacker using a flash loan to buy governance tokens. This was used to pass two proposals that inserted malicious smart contracts.
The exploit was initially thought to have cost around $182 million as Beanstalk was drained of all its collateral but in the end, the attacker only managed to get away with less than half that.
9: Qubit Finance bridge exploit — $80M
Qubit Finance, a decentralized finance (DeFi) protocol on BNB Smart Chain, had over $80 million worth of BNB (BNB) stolen on Jan. 28 in a bridge exploit.
The attacker duped the protocol’s smart contract into believing they had deposited collateral that allowed them to mint an asset representing bridged Ether (ETH).
They repeated this multiple times and borrowed multiple cryptocurrencies against the unbacked bridged ETH, draining the protocol’s funds.
8: Rari Fuse exploit — $79.3M
Another DeFi protocol called Rari Capital was exploited on April 30 for the sum of roughly $79.3 million.
The attacker exploited a reentrancy vulnerability in the protocol’s Rar Fuse liquidity pool smart contracts, making them call a function to a malicious contract to drain the pools of all crypto.
In September, Tribe DAO, which includes Rari Capital and other DeFi protocols, voted to reimburse affected users from the hack.
7: Harmony bridge hack — $100M
In yet another bridge hack, the Horizon Bridge that links Ethereum, Bitcoin (BTC), and BNB Chain to Harmony’s layer-1 blockchain was drained of around $100 million in multiple cryptocurrencies.
Blockchain forensics firm Elliptic pinned the hack on North Korean cybercriminal syndicate Lazarus Group, as the funds were laundered in a similar way to other known Lazarus attacks.
Lazarus is understood to have targeted Harmony employee login credentials, breaching the platform’s security system and gaining control of the protocol before deploying automated laundering programs to…
Click Here to Read the Full Original Article at Cointelegraph.com News…
