The spectral entities of global hackers have haunted DeFi projects throughout the month of October, so much so that we’re not even halfway through the month and yet “Spooky Season” has proved to be the biggest month for hacking activity this year, according to a report by Chainalysis.
The crypto research firm said late on Wednesday that after four big hacks taking place on Tuesday, October has seen $718 million stolen from decentralized finance projects over 11 hacks in just 11 days. One of those hacks was the QANX bridge, which disclosed on Tuesday it had been compromised, allowing hackers to cash out with $1.16 million.
These October hacks include the $586 million hack of Binance Bridge, the $2.3 million hack of Temple DAO, and the $117 million Mango Markets hack on Oct. 11, just to name a few. That recent hack used two different addresses to manipulate Mango’s native currency $MNGO’s price, then borrow against their own crypto as collateral, according to a post-mortem by crypto security firm CertiK. The hacker in this case then went online to Mango’s forums and proposed he’d kindly return that crypto if they gave him some USD stablecoin worth $70 million from Mango’s treasury.
And as much as blockchain proponents continue to hype the secure nature of a consistent and immutable chain of data, cross-chain bridges still remain a major target of hacks. Bridges act as ways to transfer crypto between two different blockchains, and Chainalysis notes three bridges were hacked this month totaling nearly $600 million worth of crypto.
The number of hacks had actually calmed to some extent during the summer months, with Chainalysis noting back in August that hacks seemed to stall out alongside ongoing struggles with the crypto market. Since the May crypto crash the worlds most popular coins, including bitcoin and ether, have yet to recover the wealth lost from the 2021 boom. Those watching bitcoin prices have noticed some big dips going into this week anticipating a U.S. jobs report this Friday as well as the latest inflation reports.
The report from Chainalysis further notes 2022 is on pace to be the biggest year for hacks just in terms of the amount of total money stolen from the wide range of crypto and NFT projects. Hackers have grossed more than $3 billion so far this year across 125 hacks. This puts hackers on pace to beat 2021’s record of around $3.25 billion stolen in hacks by this year’s end.
What’s also interesting is where the majority of these hacks have come from this year. In previous years such as 2019 and 2020, a majority of hacks attacked crypto exchanges, mostly through getting access to user accounts with account keys gained through phishing or breaking into exchange’s internal networks. In 2021, hackers mostly targeted DeFi projects, which is an umbrella term for public crypto projects meant to remove intermediaries and work as a currency exchange and payment method without the oversight of either banks or regulators. It’s gotten so bad for these DeFi projects the FBI has noted just how dangerous it is for regular folks thinking of investing their hard earned crypto.
And as there’s always more crypto hypemen pushing new decentralized autonomous organizations (AKA DAOs) or the next big “hot wallet” application allowing users to use apps to manage crypto, there seems to a new hack every day showing how you never really know which project will be next to have its user’s crypto stolen.