Top 11 DeFi Cross-Chain Bridge Attacks of 2022: Hackers Bag Over $2 Billion

Top 11 DeFi Cross-Chain Bridge Attacks of 2022: Hackers Bag Over $2 Billion
фото показано с : beincrypto.com

2022-10-10 13:34

BNB Chain lost 2 million BNB coins worth $568 million in a cross-bridge exploit last week. The incident is yet another on the list of major DeFi attacks that have occurred through 2021-22, resulting in a loss of over $2 billion.

While the recent attack is reported to be due to a flaw in message verification by the validators, Blockchain security infrastructure firm BlockSec highlighted that crypto and DeFi bridges have historically been sought-after targets by attackers.

Since July 2021, 11 large cross-chain bridge attacks have occurred, involving more than $2 billion. Chart by @BlockSecTeam Vitalik has warned about cross-chain security risks before . https://t.co/yV1qwAlWIj pic.twitter.com/rC8tE5aY54

— Wu Blockchain (@WuBlockchain) October 7, 2022 BSC Bridge: $568M

The BNB (BSC) Bridge exploit occurred due to a message verification weakness, which, according to security researcher Samczsun, happened due to an attacker finding a way to forge proof for a particular block.

At first, the platform temporarily suspended operations on the BNB Chain due to “irregular activity,” only to later confirm it was an exploit.

Nomad attacks: $200M

Back in August, hackers exploited Nomad due to a similar message verification vulnerability, but in the target chain contract, which allowed the attackers to steal around $200 million in cryptocurrency.

The incident shook the entire cryptosphere because the hackers went all the way to impersonate Nomad employees to steal even more funds.

Harmony Bridge: $100M

In June, Harmony stated that it had discovered attacks on the Horizon bridge that drained $100 million worth of various crypto assets due to a private key leak. The Horizon bridge, which connects the Harmony blockchain to Ethereum, Binance Smart Chain, and Bitcoin, suffered a multi-sig wallet flaw that impacted about 65,000 wallets and 14 asset kinds.

Ronin Bridge: $600M

In March of this year, approximately $600 million in ETH and USDC were stolen from Ronin Network, the Ethereum-based sidechain for the well-known cryptocurrency game Axie Infinity.

The attacker allegedly used hacked private keys to fabricate bogus withdrawals from the Ronin bridge contract in two transactions.

Meter.io DeFi: $4.2M

On Feb. 5, 2022, the blockchain infrastructure business Meter, which works in the DeFi sector, lost $4.4 million in a bridge hack. The hacker reportedly swindled 1,391 ETH and 2.74 BTC after the bad actor exploited a bug introduced onto the bridge by the Meter team.

The weakness was reportedly due to a logical vulnerability in depositing funds.

Wormhole: $325M

The Wormhole protocol, a well-known cross-chain cryptocurrency link between Solana, Ethereum, Avalanche, and other chains, was hacked on Feb. 2 when approximately $325 million in wrapped ETH was stolen. In order to ensure that wETH is backed 1:1, the company stated that more ETH would be added.

This weakness was also reportedly because of a logical vulnerability in depositing funds.

Multichain: $1.4M

Due to a serious flaw in the logical codes used to deposit money into Multichain (formerly known as Anyswap), one of the biggest crypto token swapping platforms, at least $1.41 million was stolen by cybercriminals.

To protect their funds, Multichain advised its users to delete their approvals for WETH, PERI, OMT, WBNB, MATIC, and AVAX if they had already approved any of the six assets on the Router.

QBridge: $80M

Qubit Finance was exploited in the early hours of Jan. 28 after a malicious actor reportedly exploited the DeFi protocol to mint unlimited tokens on the Binance Smart Chain-based platform.

The logical vulnerability was exploited several times to increase the loot, which totaled nearly $80 million, making this hack one of the largest in DeFiYield’s Rekt database. The hacker made the platform think they had made a deposit; however, they traded the assets for BNB and disappeared.

Poly Network: $600M

Poly Network announced via Twitter in August 2021 that it was attacked on the Binance, Ethereum, and Polygon networks. The protocol that swaps tokens across several blockchains sent trembles into the markets after becoming one of the largest attacks at the time, with stolen funds including $273 million ETH, $253 million in BSC tokens, and $85 million in USDC taken from the Polygon network.

However, the hacker ‘Mr. White Hat’ returned almost all the funds that they stole.

ChainSwap: $8M

DeFi cross-chain platform ChainSwap also suffered an $8-million exploit in July 2021 that affected no less than ten projects with the attack.

The hack also impacted the user-governed forecast protocol Option Room. According to a tweet they issued on July 10, the attackers stole $550,000 worth of their native token ROOM. This was the second exploit in the same month occurring due to a message verification flaw on the target chain contract.

THORChain: $7.6M

Cross-chain decentralized exchange (DEX) THORChain was attacked for the third time in 2021 and the second time within a week after a $5 million flash loan attack.

In July 2021, the protocol stated that the platform lost around $8 million due to an event verification flaw and that the attack was carried out by a benevolent white-hat hacker that has requested a 10% bounty.

Notably, when hackers find weaknesses in the blockchain’s internal logic, which includes exploiting verification that is used to deposit funds or other cross-chain functions, major attacks are reported.

DeFi future: Multi-chain vs. cross-chain

Ethereum co-founder Vitalik Buterin had previously argued that while he supports a multi-chain web3 future, he doesn’t think cross-chains are sustainable due to their innate security fears.

He stated, “The fundamental security limits of bridges are actually a key reason why while I am optimistic about a multi-chain blockchain ecosystem (there really are a few separate communities with different values, and it’s better for them to live separately than all fight over influence on the same thing), I am pessimistic about cross-chain applications.”

According to Buterin, the incidence of attacks increase as more DeFi cross-chain bridges and apps are used. He also argued that cross-chains bring about an “anti-network” effect, explaining, “No one will 51% attack Ethereum just to steal 100 Solana-WETH.”

“But if there’s 10 million ETH or SOL in the bridge, then the motivation to make an attack becomes much higher, and large pools may well coordinate to make the attack happen,” he added.

At the time of writing, the global cryptocurrency market cap on CoinGecko stands close to $990 billion as the market attempts to recover from the latest heist. However, Bitcoin continues to trade under the crucial level of $20,000 at press time, while BNB is trading in the 24-hour range of $281.34 and $294.61.

The post Top 11 DeFi Cross-Chain Bridge Attacks of 2022: Hackers Bag Over $2 Billion appeared first on BeInCrypto.

Similar to Notcoin - Blum - Airdrops In 2024

origin »

Defi (DEFI) на Currencies.ru

$ 0 (+0.00%)
Объем 24H $0
Изменеия 24h: 0.00 %, 7d: 0.00 %
Cегодня L: $0 - H: $0
Капитализация $0 Rank 99999
Цена в час новости $ 0.0182135 (-100%)

attacks billion defi bridge bag cross-chain 2022

attacks billion → Результатов: 37


Security Incidents Cost Cryptocurrency Investors $7.6 Billion Since 2011: Crystal Report

Cryptocurrency analytics firm Crystal has published a report detailing all of the major security breaches, fraudulent activity, cyber-terrorism, and scams in the crypto space since 2011. According to the report, since the emergence of cryptocurrency markets, 113 security attacks and 23 fraudulent schemes have resulted in the theft of approximately $7.

2020-11-12 14:20


Advanced botnet attack caused $1.2bn in Bitcoin longs liquidation on BitMEX

Bitcoin’s price struggle was further exacerbated last week when the coin plunged to $3,700 on BitMEX and caused almost $1. 2 billion in long contracts to be liquidated on the platform. Now, the exchange’s CTO has revealed that the liquidations were caused by sophisticated botnet attacks that have been probing the platform for days and were […] The post Advanced botnet attack caused $1.

2020-3-17 22:34


STARKs, Part I: Proofs with Polynomials

Special thanks to Eli Ben-Sasson for ongoing help, explanations and review, coming up with some of the examples used in this post, and most crucially of all inventing a lot of this stuff; thanks to Hsiao-wei Wang for reviewing Hopefully many people by now have heard of ZK-SNARKs, the general-purpose succinct zero knowledge proof technology that can be used for all sorts of usecases ranging from verifiable computation to privacy-preserving cryptocurrency.

2018-7-21 23:03


Фото:

These Flaws Make Cryptocurrency Exchanges Susceptible to Attacks

It is a proven fact that the blockchain has an impressive 99. 64 percent reliability. However, the same can’t be said of cryptocurrency exchanges. Amidst that backdrop, Sameer Dixit, the Senior Director of Security Consulting at Spirent Communications, has identified some characteristic flaws of crypto exchanges which must be tackled to shield the over $350 billion cryptocurrency industry from more heists.

2018-7-20 07:00


Top 5 Threats Keeping Cybersecurity Professionals Up at Night

If you’d asked any cybersecurity professional around this time last year what the greatest threat to cybersecurity was, they’d have undoubtedly said ransomware. Now worth over a billion dollars a year (and rising), with attacks like WannaCry and Petya/NotPetya wreaking havoc, every expert worth their salt was planning ways to stay ahead of the hackers. […]

2018-7-14 05:00