According to a recent report from Chainalysis, 2022 saw a surge in cryptocurrency heists, with North Korean state-backed hackers and vulnerabilities in decentralized finance (DeFi) protocols playing a significant role in the record-breaking thefts. The blockchain analysis company provided a sneak peek of the data ahead of its annual crypto crime report.
Last year, a total of $3.8 billion was stolen from cryptocurrency firms, with a staggering 82% of the thefts attributed to weaknesses in DeFi protocols. This marked an increase from the previous year’s figure of 73%. North Korean hackers were responsible for stealing $1.7 billion, the majority of which ($1.1 billion) was obtained through attacks on DeFi platforms. The attack on Ronin Network in March alone cost the firm $618 million.
Chainalysis highlighted that cross-chain bridge protocols, such as the ones targeted in the Ronin Network attack, accounted for 64% of DeFi protocol breaches. These protocols allow users to transfer their cryptocurrency from one blockchain to another by locking assets into a smart contract on the original chain and minting equivalent assets on the second chain. However, these bridges have become prime targets for hackers due to the centralized nature of the smart contracts, making them lucrative honeypots for malicious actors.
The report emphasized the importance of code auditing by third-party providers and developers focusing on security rather than rapid growth to mitigate these risks. Although the transparency of DeFi smart contract code aids in identifying vulnerabilities, it also allows threat actors to exploit these weaknesses.
Additionally, Chainalysis revealed that North Korean hackers often use “mixers” to launder stolen cryptocurrency. Mixers blend digital currencies from multiple users to obfuscate their origins, making it difficult to trace the illicit funds. When a mixer favored by North Korea, Tornado Cash, was sanctioned by the US in August 2022, hackers simply shifted to another mixer called Sinbad.
The use of mixers as money laundering tools has garnered regulatory attention, underscoring the need for increased scrutiny and oversight in the cryptocurrency space. As the landscape continues to evolve, addressing vulnerabilities in DeFi protocols and implementing robust security measures will be crucial in safeguarding against future cryptocurrency heists.