“Crypto Hacks” You might be hearing and reading a lot about it in the news lately.
And apparently, you’re hearing “crypto hacks” because they’re happening. We have faced a lot of crypto hacks in the past few months than ever before.
If you combine the loss amount of the crypto hacks which we are discussing in this article then that will be more than $1 Billion.
Let’s see, what are the recent crypto hacks and how they got hacked:
The Biggest Crypto Hacks of 2022
Ronin Network – $615 Million
Wormhole – $325 Million
BEANSTALK – $182 Million
Fei Protocol and Rari Capital – $80 Million
Below are more details about crypto hacks:
RONIN NETWORK
Stolen Amount – $615 Million
The Ronin network hack is the biggest crypto theft so far in 2022. This is the biggest robbery in the history of DeFi.
The attack took place in March this year. The hacker stole millions of dollars from the Ronin network.
Ronin Network is an Ethereum-linked sidechain specially designed for the NFT-based PlayOnline game, Axi Infinity.
The Ronin Network acts as a bridge between the Axi Infinity and the Ethereum blockchain. The network helps users transfer cryptocurrency in and out of the game.
Ronin Network announced the hack in a blog post. They wrote, that 173,600 Ethereum (ETH) and 25.5M USDC coins were exploited, which amounts to $620 million in ETH and $25.5 million in USDC.
According to Sky Mavis, owner of Ronin, the hackers used private security keys to compromise network nodes that validate Ronin blockchain transactions.
The attackers managed to obtain five of the nine validator signatures that were required to transfer funds on the Ronin chain. Now following the attack, the Ronin network increased the validator limit from five out of nine to eight out of nine.
The Federal Bureau of Investigation (FBI) has confirmed that North Korea’s Lazarus Group and APT38 are responsible for the Ronin network hack.
Most of the hacked funds are still in the wallets of the attackers, Ronin Network noted in its blog post.
Users are very upset by this incident. Ronin has taken down its website after the attack but the network is making great efforts to recover the lost funds.
There is no guarantee that the Ronin Network will be able to recover lost funds.
Wormhole
Stolen Amount – $325 Million
Wormhole Network hack is the second biggest crypto heist of this year 2022. The Wormhole Network is a message-passing decentralized protocol that connects multiple blockchains such as Solana, Ethereum, Terra, Polygon, Oasis, Avalanche, and Binance Smart Chain.
The network empowers users to move crypto assets between blockchains without anyone’s permission.
The Wormhole Network was attacked in February 2022. It was exploited with 120k wETH (the token that is pegged to the Ethereum token).
The network informed about the hack in a tweet on 3 February 2022. A few hours before reporting the loss of funds, the network went down for maintenance.
Wormhole Bridge uses wrapped tokens, which lock the tokens into smart contracts on the blockchain. After certifying that the coins have been properly locked on one chain, the bridge mints or issues tokens of equal value on the other chain.
Analysts believe that hackers took advantage of this process, tricking the Wormhole Network and creating 120,000 Wrapped Ethereum Tokens (wETH).
The money was recovered from the hackers after a few hours of the robbery.
The Wormhole Network offered the hackers a WhiteHat settlement, asking them to return the funds in exchange for $10 million.
BEANSTALK
Stolen Amount – $182 Million
The Beanstalk was hacked on 17th April, with over $180 million in various crypto assets stolen.
Beanstalk is a credit-focused stablecoin protocol built on the Ethereum blockchain.
The protocol uses credit instead of collateral to create a decentralized, liquid, blockchain-native asset that is stable relative to the value of non-blockchain-native assets.
The Beanstalk farm hack was spotted by PeckShield, a blockchain analyst firm, who informed Beanstalk via a tweet. This was followed by a Beanstalk Farms tweet confirming the exploit.
According to PeckShield, Beanstalk Farm lost $182 Million in the attack. The exploiter took away over 24,500 ETH and 36 Million BEAN. The protocol is in big trouble since the money was stolen.
The exploiters are said to have used a large amount of Beanstalk’s native token to extort money.
The hacker took a flash loan from the Aave protocol, converted the borrowed assets into BEAN, gained a 67% voting stake on the platform. He then passed a fake governance proposal and transferred funds of the protocol to a private Ethereum wallet. The process was very quick.
PeckShield analyst that the hacker has donated 250k USDC from the stolen funds to Ukraine.
After receiving the donation money from the hacker, Michael Chobanian, president of the Blockchain Association of Ukraine, stated that they will return the funds to Beanstalk Farms.
Apart from this, no further amount has been recovered so far.
Beanstalk Farms requested the hacker to return their funds. In one tweet they wrote,
“If you will return 90% of the withdrawn funds to the Beanstalk Farms multi-sig wallet, Beanstalk will treat the remaining 10% as a Whitehat bounty properly payable to you.”
Moreover, the developers of Beanstalk contacted the FBI requesting to track the hackers and recover stolen funds.
Any future updates related to the Beanstalk Farm Hack will be added here.
Fei Protocol and Rari Capital
Stolen Amount – $80 Million
At the time we wrote this article the most recent hack was the Beanstalk Farms hack.
We had to update this article as another crypto hack emerged 13 days after the Beanstalk Farms hack.
Crypto projects Rari Capital and Fei Protocol were attacked and millions of dollars were stolen from these crypto projects.
On 30 April, the Fei Protocol informed about the exploitation of various Rari fuse pools in a tweet. At that time they did not disclose any lost amount.
In addition, they asked the hacker to return the stolen funds in exchange for a $10 million bounty.
The tweet read: “We are aware of an exploit on various Rari Fuse pools. We have identified the root cause and paused all borrowing to mitigate further damage.
To the exploiter, please accept a $10m bounty and no questions asked if you return the remaining user funds.”
After a while, people learned about the hacked amount from a tweet of the blockchain security company Blocksec. Blocksec reported that the lost amount is more than $80 Million.
Hacker is said to have exploited a reentrancy vulnerability to steal the funds from Fei Protocol and Rari Capital.
Blocksec Tweet:
There is no update yet regarding the recovery of hacked funds from Fei protocol and Rari Capital.