As demonstrated by the assaults on the Trust and Slope wallets, the Nomad and Ronin cross-chain bridges, and the ZB crypto exchange, hackers use security flaws in third-party wallets, cross-chain bridges, and hot wallets to steal millions of dollars worth of cryptocurrency.
Blockchain technology is revolutionizing how we communicate online and has shown to be a formidable rival to the established financial system, but it is also vulnerable to hackers. In Q1 2022 alone, blockchain hackers stole more than $1.3 billion, according to research from the free VPN service Atlas VPN.
Types of Crypto Hacks
Bridge Attacks
A blockchain bridge is a link that enables the exchange of digital assets between blockchains. Bridges have become a popular way to connect several blockchains and act as a middleman. By delivering money as tokens to the bridge protocol, which locks that money inside the contract on one chain, you may transmit money when using cross-chain bridges to move tokens. After that, money in the form of wrapped tokens on the chosen chain is handed to the user.
These wrapped tokens are backed by digital cash that is kept in the bridge reserve. A bridge costs a gas price, which is often quite large and is only practical if you are trading in extremely high quantities, similar to how an exchange charges a trading fee to swap funds. According to a Chain analysis, there have been 13 different cross-chain bridge breaches that have resulted in the theft of $2 billion in cryptocurrencies.
Due to a security weakness, the Nomad bridge was recently breached, and reserves of about $200 million worth of cryptocurrency were stolen. The security hole allowed a small number of hackers to access the system. Axie Infinity's Ronin Bridge, an ETH sidechain created for gaming, has previously been breached, and almost $650 million worth of crypto in funds
were stolen.
Wallet Hacks
The private keys to your wallet addresses on a blockchain are kept in wallets, which are pieces of hardware or computer applications. The most crucial responsibility is to maintain your private keys secure because they are your access to your crypto deposits.
Your private keys will be maintained on a cold storage site if you store your cryptocurrency in a custodial wallet. This is similar to investing in a commodity without really owning it. Your private keys are like money in your pocket. Your keys can be kept in a hardware wallet known as cold storage or in a software wallet (desktop or web extension) called a hot wallet.
Due to its internet connection, a hot wallet is vulnerable to hackers, whereas a cold wallet is significantly more secure. Since hot wallets are third-party programs, they might be security vulnerable. Recently, a Supply Chain Attack was used to attack around 8,000 popular wallets, mostly Trust wallet and slope wallet, in order to obtain the private keys and empty the wallets.
Exchange Hacks
A cryptocurrency exchange is a marketplace where investors and dealers may swap fiat money for digital assets. Crypto exchanges typically have sizable reserves. While some cryptocurrency is kept in hot wallets for trade, the majority is kept in cold wallets. The exchange's custodial keys are the hackers' primary goal.
Cryptocurrency worth $4.8 million was recently stolen from the ZB exchange. A cybersecurity company named Peckshield said that more than 20 cryptocurrency tokens were moved from the exchange's hot wallet to an address that was allegedly linked to hackers. From the initial wallet, the hacker transferred the money to another wallet, from which he sold 2,224 ETH for $3.6 million.
Thank you for reading