The Growing Number Of Digital Assets Hacks Caused Users Billionsby@samiranmondal
257 reads

The Growing Number Of Digital Assets Hacks Caused Users Billions

by Samiran MondalSeptember 27th, 2022
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

The [blockchain] is a distributed ledger that records transactions in a permanent and verifiable way. This technology enables people to transfer money and other assets to each other without the need for an intermediary like a bank. It also offers security because it stores data in an encrypted form that cannot be altered or hacked without authorization. Dr Kampakis is doing lots of work in this area, especially in the area of [tokenomics]. The [Tesseract Academy] is involved in lots of blockchain work, from research & development to implementation.

Coins Mentioned

Mention Thumbnail
Mention Thumbnail
featured image - The Growing Number Of Digital Assets Hacks Caused Users Billions
Samiran Mondal HackerNoon profile picture

As cryptocurrencies continue to soar, hackers have learned how to take advantage of the digital asset ecosystem's loopholes to fatten their pockets. They seem to be getting more intelligent as developers struggle to keep their platforms secure from these attacks. These hacks caused attacks on DeFi protocols, cryptocurrency wallets, and crypto exchanges, leading to the loss of millions of dollars, if not billions.

This article looks at the recent hacks and why this continues to happen, and the latest developments to prevent future heists.

1. The Most Recent Crypto Hacks

While hacks on digital assets can be traced back to the early years of bitcoin, the last couple of years has seen tremendous growth in these attacks. Some have attributed this growth to the surge in cryptocurrency prices seen in back 2017. Notably, with Bitcoin breaking the $60k mark earlier this year, many anticipate increased attacks on digital assets.  Here are the most recent hacks worth noting.

2. The EasyFi DeFi Protocol Hack

On Monday, 19 April 2021, a hacker targeted the mnemonic keys and admin keys on the exchange and managed to infiltrate the MetaMask wallet owned by the EasyFi founder. During the attack, the unknown persons got away with $6 million worth of crypto. This attack was similar to the Nexus hack, where the firm lost $8 million to hackers.

3. Yearn Finance

This was the first cyberattack on DeFi this year. Yearn Finance suffered an $11 million loss in an attack that saw a hacker getting away with $2.8 million worth of digital assets. In this attack, the protocol lost the cryptocurrencies through a well-planned move. The attacker posed as borrowers and borrowed millions in flash loans and then used the loans as collateral, borrowing more digital assets using the funds. The funds were later deposited in a Yearn pool, which allowed the hacker to manipulate Dai, later profiting by swapping the liquidity provider's tokens for stablecoins.

4. xFORCE contract Hack

On 4 April 2021, the crypto community weak up to another DeFi protocol attack. The xFORCE is an intelligent contract by ForceDAO, a DeFi protocol on the Ethereum blockchain. This attack was instigated by five hackers who exploited a known solidity issue to steal  FORCE tokens from the smart contract.

5. Alpha Finance Lab and Cream Finance Attacks

Another attack involved flash loans. Hackers posing as borrowers cracked into the systems of two DeFi protocols and managed to steal a whopping $37.5 million on the same day. The attack was inaugurated through nine transactions in flash loans where the attacker borrowed USD on Cream's Iron Bank using Alpha's Homora V2 protocol. Hackers exploited the liquidity in the original pool in Homora Bank borrowing millions in DAI, USDT, USDC, and WITH from Iron Bank before siphoning millions of dollars in cryptocurrencies from the two DeFi protocols.

6. The DODO DEX $3.8 million Exploit

On 8 March 2021, DODO, a decentralized digital asset exchange, joined the list of cryptocurrency exchanges that have suffered at the hands of hackers. The attackers exploited several V2 Crowdpool, but fortunately, the exchange managed to recover the funds in the AC pool and secured all V1 and non-Crowdpool V2.

7. PancakeSwap & Roll  DNS attack

DeFi protocol PancakeSwap suffered domain name system (DNS) hijackings later in March of the same year. The cyber attackers tried to ask unsuspecting users to input the 12-word seed phrase and attempted to steal cryptocurrencies from the platform. PancakeSwap moved quickly to protect its users from the attack by warning them of the potential risk. Hackers use DNS to build a fraudulent web portal for visiting users.

PancakeSwap's attack comes the same week Roll, a protocol built for issuance of social tokens and NFTs lost 3000 ETH valued at around $5.7 million to hackers. The attack affected several social tokens as $PICA, $RARE, and $WHALE tanked following the unfortunate event.

The list of victims of cybersecurity threats goes back to 2020 when several exchanges were penetrated, and hackers got away with digital assets worth millions of dollars.  KuCoin exchange suffered an attack that saw it losing $280 million in September last year. Reports from the trading indicate that $222 million was recovered by KuCoin. 6% around $17.45 million of the loot was returned with law enforcement agencies help as the hackers managed to get away with $45.55 million. This is one of the worst attacks in the history of digital assets.

Threats and How are the Exchanges Prevent Cyber Attacks

As DeFi protocols and crypto wallets continue to suffer at the hands of criminals, major threats expose these networks to cyber-attacks.

  • Phishing and malware are the number one threat to digital asset holders and exchange platforms. This is a process of gathering personal information using deceptive emails and websites. Cryptocurrency exchanges tried to curb these attacks by encouraging their users to avoid sharing crucial information and being careful about scammers sending these emails.

  • Hackers are also using double-spending as another way to -steal crypto. This attack happens when a cryptocurrency transaction is spent more than once. Usually, hackers get hold of the transaction before it is confirmed.

  • Man-In-The-Middle ( MITM) attacks also pose a significant threat to cryptography and the entire concept of the digital asset. Hackers use MITM attacks by secretly relaying and possibly altering the communications between two parties who think they are directly communicating.  These attacks can be prevented through authentication and tamper detection.

  • Additionally, supply chain attacks continue to threaten the booming business in DeFi and cryptocurrency custodians.  Cybercriminals use this method to attack the protocols by targeting less-secure components in the supply chain to tamper with the manufacturing process by installing spying hardware.

Even though cyber attackers are getting smarter day by day, there is a lot of progress by DEXs and DeFi protocols to beef up security to protect millions of funds in their custody. The protocols have pursued the services of reputable cybersecurity experts like Cybavo to counter these attacks. Inventions of sophisticated technology like Multi-party Computation MPC and multi-sig is helping exchanges and cryptocurrency custodians keep the funds secure from cyber attackers.