The Nine Largest Crypto Hacks in 2022
9 - Cryptocom, January 17, $35 million
In late January, a hacker managed to disable two-factor authentication on the crypto exchange Cryptocom and extract bitcoin and ether from customer accounts.
In late January, a hacker managed to disable two-factor authentication on the crypto exchange Cryptocom and extract bitcoin and ether from customer accounts.
CEO Kris Marszalek initially denied customer funds were lost before acknowledging the hack days later. The company said it is transitioning to โmulti-factor authenticationโ in response to the exploit.
8 - IRA Financial Trust, February 8, $37 million
The crypto-focused retirement and pension platform was pilfered when hackers accessed a โmaster keyโ that bypassed all security measures to customer accounts.
The crypto-focused retirement and pension platform was pilfered when hackers accessed a โmaster keyโ that bypassed all security measures to customer accounts.
IRA Financial Trust has since sued Gemini, the crypto exchange where customer funds were stored, for alleged negligence leading to the hack.
cointelegraph.com
cointelegraph.com
7 - Cashio, March 22, $52 million
A string of fake accounts used an โinfinite mint glitchโ to put up worthless collateral for Cashioโs CASH stablecoin. The coinโs peg cratered to zero and has not recovered, according to data from CoinGecko.
coingecko.com.
A string of fake accounts used an โinfinite mint glitchโ to put up worthless collateral for Cashioโs CASH stablecoin. The coinโs peg cratered to zero and has not recovered, according to data from CoinGecko.
coingecko.com.
6 - Fei Protocol, April 30, $80 million
A โreentrancyโ bug in the lending protocolโs code allowed a hacker to take out a loan while also withdrawing the collateral put up on the loan.
blockworks.co
A โreentrancyโ bug in the lending protocolโs code allowed a hacker to take out a loan while also withdrawing the collateral put up on the loan.
blockworks.co
Fei users passed a proposal to make investors whole through โthe DAO repaying the bad debt on behalf of the hacker.โ The Fei stablecoin remains at its dollar peg, per CoinGecko.
snapshot.fei.money
coingecko.com
snapshot.fei.money
coingecko.com
5 - Qubit QBridge Hack, January 27, $80 million
A hacker manipulated a smart contract bug on the Binance-based Qubit Financeโs QBridge to mint wrapped ether tokens without depositing funds.
blockworks.co
A hacker manipulated a smart contract bug on the Binance-based Qubit Financeโs QBridge to mint wrapped ether tokens without depositing funds.
blockworks.co
The lost assets forced the developers behind Qubit to trim the protocolโs staff and reclassify it as a decentralized autonomous organization (DAO).
pancakebunny.medium.com
pancakebunny.medium.com
4 - Harmony Bridge, June 23, $100 million
The North Korea-linked Lazarus group accessed two of the Binance and Ethereum bridgeโs five security keys, approving transactions siphoning assets from the bridge. blockworks.co.
The North Korea-linked Lazarus group accessed two of the Binance and Ethereum bridgeโs five security keys, approving transactions siphoning assets from the bridge. blockworks.co.
Harmony now requires four of five validator keys to reach a consensus on transactions and is yet to announce its plan to compensate users.
medium.com
medium.com
3 - Beanstalk, April 17, $182 million
A hacker used a โflash loan,โ where funds are borrowed and repaid in the same transaction, to accumulate enough assets to control the stablecoinโs governance protocol.
blockworks.co
A hacker used a โflash loan,โ where funds are borrowed and repaid in the same transaction, to accumulate enough assets to control the stablecoinโs governance protocol.
blockworks.co
The hacker passed a proposal donating funds to Ukraine before making off with the collateral. Developers paused the protocol while undergoing audits and raising funds, but plan to reopen deposits in early August.
bean.money
bean.money
2 - Wormhole, February 2, $325 million
A hacker exploited smart contracts on the Solana-to-Ethereum bridge to mint and cash out on wrapped ether without depositing collateral.
theverge.com
A hacker exploited smart contracts on the Solana-to-Ethereum bridge to mint and cash out on wrapped ether without depositing collateral.
theverge.com
Jump Crypto, the venture capital firm behind Wormhole, replenished the stolen funds to keep Solana-based platforms affected by the hack solvent.
blockworks.co
blockworks.co
Wormhole renamed its bridge Portal and currently holds over $480 million, according to crypto data firm DeFi Llama.
defillama.com
defillama.com
1 - Axie Infinity Ronin Bridge, March 28, $625 million
The largest-ever crypto hack measured in fiat dollars came after hackers gained control over a majority of the cryptographic keys securing the play-to-earn gameโs cross-chain bridge.
blockworks.co
The largest-ever crypto hack measured in fiat dollars came after hackers gained control over a majority of the cryptographic keys securing the play-to-earn gameโs cross-chain bridge.
blockworks.co
Four of the nine keys were stolen when an Axie developer clicked on a fake job offer PDF, according to The Block
theblock.co
theblock.co
The Ronin Bridge has since reopened with more validators, though the game is hemorrhaging users.
blockworks.co
blockworks.co
Loading suggestions...