Although the global crypto market has been struggling since the beginning of the year, with its capitalization dropping from $3 trillion to about $1 trillion, cybercriminals remained active. Blockchain-related breaches and scams drained $1.97 billion from 175 crypto projects since January 1, 2022.
The Ethereum ecosystem, which lost over $1 billion to attackers in 32 hack events, is at the top of the ranking, accounting for more than a half of the total monetary losses. The biggest crypto heist happened at the end of March when the Axie Infinity sidechain Ronin fell victim to the exploit worth close to $600 million in USDC and Ether. The hackers, who were reportedly working for the North Korean cybercrime gang Lazarus, gained access to five out of nine validators’ private keys after the successful phishing attack aimed at the former Ronin employee.
The second place in terms of losses belongs to Ethereum’s rival Solana, which suffered a loss of $380 million in just five incidents. The most devastating one was the exploit of the DeFi platform Wormhole. The signature verification vulnerability allowed attackers to mint 120,000 Wrapped ETH (known as Wormhole Ether or WeETH) worth over $320 million.
The next up in the line is the Binance Smart Chain ecosystem. Cybercriminals attacked BSC projects 47 times, accumulating $141 million in losses. The biggest hack was on the DeFi platform Qubit, which was exploited for over $80 million. The vulnerability in the QBridge deposit function allowed a hacker to mint BNB coins without depositing any collateral.
Meanwhile, the Fantom ecosystem earned hackers $54 million in eight events, Polygon lost $13 million in two events, and Avalanche lost $8 million in a single incident.
NFT projects’ losses amounted to $84.6 million in 45 incidents. Crypto exchanges were robbed of $35 million in four events, while crypto wallets were drained for $263k. The other crypto-related cybercrime incidents accounted for $236 million losses in 24 separate attacks.
Compared to last year's data, the number of attacks aimed at crypto projects increased by 94%, from 90 incidents in H1 2021 to 175 in H1 2022. May was the most challenging time for the crypto security professionals, as 37 attacks were perpetrated in a single month. Overall, the security of DeFi projects needs to be significantly improved to compete with the existing CeFi solutions.