Mixin Network, a Hong Kong-based digital asset transactional platform, reported a security breach on 25 September, revealing a loss of approximately $200 million due to a hack of its cloud service provider. The stolen funds accounted for so far are comprised of ETH, USDT (swapped to DAI), and BTC. If the $200M figure stated by Mixin is accurate, it would make this incident the biggest hack of 2023 so far.
On the 4th of September 2023, the popular crypto gambling platform Stake suffered a major security breach due to private key leak resulting in the theft of approximately US $38 million. The preliminary investigation confirms that unauthorized withdrawals were detected from Stake's hot wallets on the Ethereum, Polygon, and Binance Smart Chain networks.
On the 13th of August 2023, at around 10:30 pm UTC, Zunami Protocol suffered a price manipulation attack and lost approximately $2.1 million.
On August 7th, 2023, Steadefi, a sophisticated yield aggregator, fell victim to an assault that resulted in a substantial loss of over $1.14 million.
On the 30th of July, Curve Finance, a decentralized, Automated Market Maker (AMM), was hacked leading to a loss of ~ $45 million in CurveDAO, ETH, and wETH. The attackers exploited a malfunctioning reentrancy lock on different versions of the Vyper programming language (0.2.15, 0.2.16, and 0.3.0) across multiple stable-pools.
On April 17, 2022, Beanstalk Farms, a decentralized credit-focused stablecoin protocol built on Ethereum, suffered an exploit. The attackers exploited Beanstalk’s governance protocol to extract $182 million in collateral, around $80 million of which went to the hacker as profit. Beanstalk enables participants to earn rewards such as Stalk and Seeds by contributing to a central funding pool called the Silo. The participants receive four Seeds for every Bean stablecoin deposited in the Silo, which in turn, earns them 0.004 Stalk every hour. Stalks are ERC-20 standards tokens that bestow governance rights over the protocol to its holders and give holders voting power. Unlike Stalks, Seeds are not liquid and do not give voting rights to their holders.
[Update 2022.04.18]
On April 14, 2022, the U.S. Department of Treasury’s Office tied the North Korea-based hacking group, Lazarus, to the Ronin Network exploit. The Office of Foreign Assets Control (OFAC) added an Ethereum wallet address (0x098B716B8Aaf21512996dC57EB0615e2383E2f96) associated with Lazarus to its sanctions list. The sanctioned wallet address contains funds stolen in the Ronin security breach. At the time of the publication, the wallet holds 138,433.136 ETH valuing close to $402 million. The Ronin Bridge was exploited for 173,600 ETH and 25.5 million USDC, worth around $568 million at the time of the transaction.
The North Korean state-sponsored Lazarus group, has been associated with several major cyberattacks over the years, including a 2014 hack on Sony Pictures and the 2017 WannaCry ransomware attacks. The OFAC first imposed sanctions on Lazarus and two of its sub-groups Bluenoroff and Andariel in September 2019. In the announcement, the U.S. Department of Treasury stated Lazarus and its sub-groups are controlled by North Korea’s primary intelligence agency, the Reconnaissance General Bureau (RGB).
In its official update, the Ronin Network confirmed that the FBI has linked Lazarus to its validator security breach. Additionally, the Ronin Network also stated that it is “still in the process of adding additional security measures before redeploying the Ronin Bridge to mitigate future risk.” The bridge is expected to be deployed by end of April.
Around $568 million worth of crypto has been stolen from the Ronin Network, the blockchain underlying the popular crypto game Axie Infinity. The amount lost is calculated based on the ETH/USD price conversion rate on the date of the transaction — March 23, 2022. On March 29, 2022, Sky Mavis, the creator of both Ronin and Axie Infinity, reported that the Ronin bridge had been exploited for 173,600 Ethereum (ETH) and 25.5 million USDC
On February 2, 2022, the Wormhole Token Bridge, suffered an exploit, which resulted in the loss of 120,000 Wrapped Ether (wETH) tokens worth over $320 million at the time. Wormhole is a popular cross-chain bridge that links Ethereum and Solana blockchain.
This is the largest crypto exploit of 2022 so far and the second-largest decentralized finance (DeFi) attack to date. The attack happened amidst a rapid increase in hacking incidents suffered by DeFi platforms. In fact, according to a report by CertiK, which is a leading security-landing platform, the amount of money lost in the hack of DeFi projects more than doubled to $1.3 billion in 2021.
Of late, the attacks on bridge platforms are on the rise. The news of the Wormhole exploit comes shortly after the Quibit Finance attack, wherein the attacker took advantage of a logical error in Qubit’s smart contract to input malicious data to steal $80 million worth of cryptocurrency. Bridges between chains are often more susceptible to exploits as they require more interactions and contract approvals than the other
[Update 2022.02.18]
On December 4, 2021, crypto exchange BitMart suffered an attack on its Ethereum and Binance Smart Chain hot wallets, resulting in a loss of nearly $200 million USD. Founder and CEO Sheldon Xia confirmed the incident, writing on Twitter: "We have identified a large-scale security breach related to one of our ETH hot wallets and one of our BSC hot wallets.”
