October has become the worst-ever month for crypto-related crimes with over $718 million in overall losses, and that’s with two more weeks to go before the month ends.
Data pointed out by Chainalysis on Thursday noted that the amount was stolen from several decentralized finance (DeFi) protocols across eleven different attacks.
“2022 will likely surpass 2021 as the biggest year for hacking on record,” Chainalysis researchers wrote. “So far, hackers have grossed over $3 billion across 125 hacks.”
“Despite the current bear market, we’re seeing a lot of activity among hackers, who are targeting various protocols,” said Jasper Lee, audit tech lead at crypto auditing firm Sooho.io.
“For those protocols or Dapps [decentralized apps] which have not been thoroughly audited, they make for easy and reliable short-term profit. Poorly protected protocols are low-hanging fruit for hackers, who make easy pickings of their too-easily accessed locked,” Lee added.
Attackers gained over $3.2 billion in 2021. But this year was off to an even-rocky start with a $325 million exploit of popular cross-chain service Wormhole, which was followed by a $625 million attack on Axie Infinity’s Ronin bridge, and then a $200 million exploit of the Nomad bridge.
Attack vectors in the crypto sector range from exploiting bridges, a blockchain-based tool that allows users to transact between different networks, to market manipulation, where rogue traders utilize millions of dollars to move thinly-traded markets in their favor to net several multiples of the initial capital deployed.
Over three bridges were breached this month alone, Chainalysis said, with an attack on a BNB Chain-based bridge over the weekend saw exploiters illicitly gaining over $100 million after the bridge was exploited for $566 million. Then on Monday, the layer 1 blockchain QANplatform was the target of a bridge hack that resulted in the theft of nearly $1 million in QANX tokens.
Elsewhere, Tuesday night saw $100 million in liquidity drained from Solana’s popular Mango Markets trading protocol after a rogue trader manipulated spot token prices to borrow the entirety of the protocol’s assets against their position.