According to a report made by the data platform blockchain Chainalysis, $2 billion was lost from the cases hack cross-chain bridging by 2022. In the report, Chainalysis stated that this is a significant threat to trust-building for the technology. blockchain.
Furthermore, the researchers said that the hack Bridges are a favorite target for North Korean hackers - an estimated half of the $2 billion stolen.
Cross-chain bridges have many weaknesses
Bridge cross chain connects different blockchains, allowing the transfer of data or tokens between incompatible chains. This technology is part of the driving force that helps the entire ecosystem cryptocurrency can interact with each other.
Bridges make it possible to use assets on a blockchain without going off-chain to trade for the necessary tokens on an exchange. Usually, they operate on an asset conversion process that uses a lock-mint-burn mechanism.
However, bridges are prone to several vulnerabilities, including a single point of failure/centralization, low liquidity because the centralized entity has to hold a certain amount of assets, technical vulnerabilities due to the lock-mint mechanism -burn is governed by smart contracts and censorship.
Chainalysis reports that there have been 13 separate hacks of the bridge this year, accounting for 69% of the total amount stolen.
The researchers charted the analysis of other hacks versus bridge hacks, showing no clear pattern. Before Q3 2021, bridge hacks did not exist. But Q1 2022 saw a peak in the amount of money stolen from bridges; This coincides with a record amount of stolen money.
Chainalysis said in the report that, in the past, exchanges have been a prime target for hackers. But increased security at exchanges has forced them to look for newer, more vulnerable targets.
To solve the problem, the researchers call for rigorous smart contract code testing and for proven contracts to be used as templates for developers. Chainalysis also advises in its report on "the carelessness of human nature," saying that teams require training to spot "sophisticated social engineering tactics."
Although not mentioned in the report, the above comment relates to the Ronin bridge hack, in which user Axie Infinity lost $615 million - was later repaid.
It recently emerged that Ronin's hack was staged by North Korean hackers, targeting a senior engineer with a fake job. The process involved mock interviews culminating in a job offer sent through an infected file. Opening the file allows the hacker to take control of several network nodes.
Theft of NFT
Recent research from Comparitech shows that thefts NFT are becoming more frequent than ever—and more money is being stolen.
The company tracked the thefts NFT since the standard NFT was first introduced and recorded the first stolen tokens in early 2020. Since then, more than 86.6 million USD NFT has been stolen. At current values, the total amount stolen amounted to $896.5 million.
There is also a significant increase in the total number of NFT thefts in 2022, in stark contrast to the number of hacks. cryptocurrency the decrease is recorded by Comparitech. Out of a total of 166 NFT thefts, 14 occurred in 2021 and only 2 in 2020. The remaining 150 occurred in 2022, with March being the worst month with 31 thefts occurring.
The biggest theft based on the amount stolen at the time of the attack was Lympo. In January 2022, Animoca Brands NFT subsidiary lost 165.2 million LMT in a hot wallet hack. At the time of the attack, the tokens were worth $18.7 million.
In November 2021, the WAX Agricultural World game series was hacked, causing $15.7 million in NFT to disappear.
With $13.7 million stolen, BAYC is the third largest NFT hack ever. In April 2022, BAYC's Instagram account was hacked and dozens of NFTs were stolen from users' wallets.