Cryptocurrencies worth $718 million have reportedly been stolen from DeFi protocols in October so far, making it the biggest month in the biggest year ever for hacking activity, New York-based blockchain research firm Chainalysis has said.
Of the total of 11 different hacks in October, four hacks were reported on October 12, 2022, alone. With more than half the month still to go, October could report way higher numbers than this.
According to Chainalysis, at this rate, 2022 will likely surpass 2021 as the biggest year for crypto hacking on record. The data shows that crypto hackers have already grossed over $3 billion across 125 hacks in 2022 so far.
In 2021, the highest over 210 incidents of crypto hacking were reported, in which more than $3.1 billion siphoned off from the crypto market. Back in 2019, most hacks targeted centralised exchanges, and prioritising security went a long way. Now a vast majority of targets are DeFi protocols, while exchange hacks are a small part of such hacks, shows the data.
Further research shows cross-chain bridges remain a major target for hackers, with three bridges breached this month and nearly $600 million stolen, accounting for 82% of losses this month and 64% of losses all year.
DeFi or Decentralised Finance (DeFI) is a peer-to-peer system, with no need for intermediaries in between. DeFi is a collective term for financial products and services that are accessible to anyone who can use crypto.
With DeFi, the markets are always open and there are no centralised authorities who can block payments or deny you access to anything. Bitcoin and Ethereum were the first DeFi applications.
Notably, on October 12, a hacker stole 2M Binance Coins (BNB) worth approx. $560 million by exploiting a bug in the Binance Bridge. After the initial theft, the hacker started bridging stolen funds to other blockchains. Binance coordinated with validators to temporarily suspend BNB smart chain, at which point $100 million were already moved to other blockchains.
"An exploit on a cross-chain bridge, BSC Token Hub, resulted in extra BNB. We have asked all validators to temporarily suspend BSC," Changpeng Zhao, CEO of Binance, said in a tweet.
Cross-chain bridges are designed to solve the challenge of interoperability between different blockchains. A cross-chain bridge is a protocol that lets a user port digital assets from one blockchain to another.
Chainalysis in its August report had said that bridges are now a top target for North Korean-linked hackers, too, who have reportedly stolen $1 billion worth of crypto this year, entirely from bridges and other DeFi protocols.
The reason that cross-chain bridges are an attractive target is that they often feature a central storage point of funds that back the “bridged” assets on the receiving blockchain. Regardless of how those funds are stored – locked up in a smart contract or with a centralised custodian – that storage point becomes a target.