The spectral entities of global hackers have haunted DeFi projects throughout the month of October, so much so that we’re not even halfway through the month and yet “Spooky Season” has proved to be the biggest month for hacking activity this year, according to a report by Chainalysis.
The crypto research firm said late on Wednesday that after four big hacks taking place on Tuesday, October has seen $US718 ($1,140) million stolen from decentralized finance projects over 11 hacks in just 11 days. One of those hacks was the QANX bridge, which disclosed on Tuesday it had been compromised, allowing hackers to cash out with $US1.16 ($1.84) million.
1/ After four hacks yesterday, October is now the biggest month in the biggest year ever for hacking activity, with more than half the month still to go. So far this month, $718 million has been stolen from #DeFi protocols across 11 different hacks. pic.twitter.com/emz36f6gpK
— Chainalysis (@chainalysis) October 12, 2022
These October hacks include the $US586 ($813) million hack of Binance Bridge, the $US2.3 ($3) million hack of Temple DAO, and the $US117 ($162) million Mango Markets hack on Oct. 11, just to name a few. That recent hack used two different addresses to manipulate Mango’s native currency $MNGO’s price, then borrow against their own crypto as collateral, according to a post-mortem by crypto security firm CertiK. The hacker in this case then went online to Mango’s forums and proposed he’d kindly return that crypto if they gave him some USD stablecoin worth $US70 ($97) million from Mango’s treasury.
And as much as blockchain proponents continue to hype the secure nature of a consistent and immutable chain of data, cross-chain bridges still remain a major target of hacks. Bridges act as ways to transfer crypto between two different blockchains, and Chainalysis notes three bridges were hacked this month totaling nearly $US600 ($833) million worth of crypto.
The number of hacks had actually calmed to some extent during the summer months, with Chainalysis noting back in August that hacks seemed to stall out alongside ongoing struggles with the crypto market. Since the May crypto crash the worlds most popular coins, including bitcoin and ether, have yet to recover the wealth lost from the 2021 boom. Those watching bitcoin prices have noticed some big dips going into this week anticipating a U.S. jobs report this Friday as well as the latest inflation reports.
The report from Chainalysis further notes 2022 is on pace to be the biggest year for hacks just in terms of the amount of total money stolen from the wide range of crypto and NFT projects. Hackers have grossed more than $US3 ($4) billion so far this year across 125 hacks. This puts hackers on pace to beat 2021’s record of around $US3.25 billion stolen in hacks by this year’s end.
What’s also interesting is where the majority of these hacks have come from this year. In previous years such as 2019 and 2020, a majority of hacks attacked crypto exchanges, mostly through getting access to user accounts with account keys gained through phishing or breaking into exchange’s internal networks. In 2021, hackers mostly targeted DeFi projects, which is an umbrella term for public crypto projects meant to remove intermediaries and work as a currency exchange and payment method without the oversight of either banks or regulators. It’s gotten so bad for these DeFi projects the FBI has noted just how dangerous it is for regular folks thinking of investing their hard earned crypto.
And as there’s always more crypto hypemen pushing new decentralized autonomous organisations (AKA DAOs) or the next big “hot wallet” application allowing users to use apps to manage crypto, there seems to a new hack every day showing how you never really know which project will be next to have its user’s crypto stolen.