Since 2022 is not yet over, it is important to be prepared for the dangers in the cryptocurrency market in the coming year.
One of the most important aspects of preparation after the end of a bear market growth is the analysis of hacker activity in the field of wallet security. In this column, I will analyze the most famous hacker attacks for this year and form the main trends in responding to challenges in 2023.
Cryptocurrency is becoming more institutionalized and brings more risks to the industry. The most important reason for this is that all major companies are channeling their capital to implement Decentralized Finance (DeFi) solutions.
Also Read: Bitcoin (BTC) Price Prediction and Forecast
Crypto wallets play an important role in this integration process. At the same time, they become a vulnerable target for thieves.
From personal experience, I can say that cases of asset theft from user wallets have increased by 80% with the development of the web3 industry and NFT products.
Since 2021 alone, cryptocurrency scammers have stolen more than $1 billion, according to the Federal Trade Commission (FTC). On average, each user lost $2,600. Therefore, the development of the field of crypto-security is a priority for the normal functioning of virtual assets.
The most famous hacker attacks of 2022
In 2019, hackers mainly attacked centralized cryptocurrency exchanges. Today, these platforms use modern anti-money laundering tools (Anti-Money-Laundering or AML for short. — ed.) and Know -Your-Customer (KYC for short. — ed.). Therefore, fraudsters turned their attention to less secure DeFi protocols. Let’s take a closer look at this year’s DeFi hacks.
Despite the bear market, digital assets remain profitable projects and attract criminals looking for a quick profit.
According to AMLBot, more than $700 million worth of assets were stolen from 11 DeFi protocols in October alone . At the same time, the total damage from various hacker attacks exceeded 3 billion dollars this year.
The year began with the theft of a significant amount of ETH from the Wormholecrosschain bridge , worth over $300 million. Such bridges typically work by using a digital coin and locking it into a contract to issue another asset in the bridge chain. When a hack like this happens, the main concern of users is whether their assets are still protected by the platform.
The biggest hack of 2022 happened right after the Wormhole case in March. The popular gaming platform Axie Infinity has lost more than $600 million due to a fake job opening carelessly opened by one of its developers. After he downloaded the file to a work computer, the hackers managed to break into the system and compromise four token validators and one Axie DAO validator.
Later in April , more than $180 million was withdrawn from DeFi platform Beanstalk Farms using flash loans. This type of loans is used to borrow large amounts of digital currency in minutes.
They are designed to provide liquidity or use price arbitrage opportunities. Hackers took 67% of the votes in Beanstalk by using a flash loan to borrow assets and exchange them for the platform’s management token.
A smaller but significant phishing attack cost the Uniswap decentralized protocol $ 8.6 million. Hackers carried out a phishing attack, during which they tricked users of the decentralized exchange into following a malicious link. As a result, the fraudsters gained access to more than 7,000 Ethereum addresses.
In August, a cross-chain DeFi bridge called Nomadwas hacked for over $ 190 million . The platform’s total blocked value dropped from $190.740 million to $1,794 in just a few hours. The hack occurred due to an error during the update of the smart contract, which led to a failure in the authentication of messages. When the attackers found this flaw in Nomad’s code, they started withdrawing funds from the platform.
The vulnerability also attracted the attention of other hackers who used the same calldata transactions. Thieves committed the crime according to the “copy-paste” principle, since during it they repeated each other’s actions.
Later in September, algorithmic market maker Wintermutelost $160 million in assets. Attackers exploited a flaw in the Wintermute smart contract and gained access to more than 70 different tokens. It is not known who is behind the hack, but it is suspected that the attack was carried out by internal employees of Wintermute.
The above mentioned the main hacker attacks of 2022 that exposed the weak points of decentralized finance solutions. Based on this, he formed 3 trends for improving the security of this area for the next year.
Security trends for 2023
The number one way to improve wallet security across the industry is to implement better and more compliant KYC and AML solutions .
Checking the history of wallets gives a huge advantage in the process of detecting hackers. As soon as it becomes possible to trace who owns the wallets, the stolen funds can be returned.
The second trend is to increase the number of specialists for the security teams of companies using decentralized finance solutions.
DeFi companies continue to hire the best professionals to withstand hacker attacks 24/7. Every month there are new ways in which thieves can bypass the built-in protection of DeFi applications. Improving your security is just a matter of researching the latest attacks and analyzing how they could have been avoided.
In the case of attacks like the one faced by the Beanstalk team, a one-day delay in accepting even emergency management proposals can ensure that control of the platform remains in the hands of its creators. Therefore, constant monitoring of the situation is crucial to maintaining security.
For this, DeFi projects should carefully review the current mechanisms for adjusting the number of votes, which will fall under the prism of the third trend of crypto-security.
Due to the high level of security, transparency and compliance with regulatory requirements, DeFi projects are a profitable investment for the future.
Unfortunately, hacker attacks over the past few years have undermined investor confidence in them. However, the increase in the number of services that have modern security tools will contribute to increasing the stability of this area.
Defi projects will prioritize the security of their product over its efficiency and functionality.
The future of crypto-security will rest on three pillars – implementing better and more compatible KYC and AML solutions, increasing the number of specialists for companies’ security teams, and constantly monitoring the market situation for quick countermeasures.