The 10 largest Hacks and Exploits Stole Over $2 billion

In a year that was marred with Bankruptcies and Collapses, the top 10 major Cryptocurrencies Exploits earned over $2 billion for malicious actors.

Billions of dollars have been stolen in hacks and exploits of the Cryptocurrencies, as well as market prices taking a huge dip.

In October, Chainalysis declared the year to be the biggest ever for hacking activity.
The 10 largest exploits of the year have seen over $2 billion stolen.
The exploits and hacks are ranked from smallest to largest.

10: Beanstalk Ranches exploit_$76M

Stablecoin protocol Beanstalk Farms was hit with a $76 million attack on April 18 by an attacker using a flash loan to buy governance tokens.
Using this method, two proposals that included malicious smart contracts were accepted.
initially expected to cost $182 million, but in the end, the attacker only managed to get away with less than half of it because Beanstalk was stripped of all of its collateral, but in the end, the exploit was only worth less than half of that.

9: Qubit Finance bridge exploit_$80M

Over 80 million BNB was stolen from Qubit Finance in January.
There is a bridge exploit.
The attacker tricked the protocol’s smart contract into believing they had deposited collateral that allowed them to mint an asset, they borrowed multiple cryptocurrencies against the unbacked bridged ETH, draining the protocol’s funds.

8: Rari Fuse exploit_$79.3M

One more DeFi protocol called Rari Capital was taken advantage of on April 30 for the amount of generally $79.3 million.

The attacker exploited a reentrancy vulnerability in the protocol’s Rar Fuse liquidity pool smart contracts, settling on them decision a capability to a malicious contract to deplete the pools of all crypto.

In September, Tribe DAO, which incorporates Rari Capital and other DeFi protocols, casted a ballot to repay impacted users from the hack.

7: Harmony bridge hack_$100M

In yet another bridge hack, the Horizon Bridge that connects Ethereum, Bitcoin, and BNB Chain to Harmony’s layer-1 blockchain was drained of around $100 million in multiple Cryptocurrencies.
Elliptic, a blockchain forensics firm, blamed the attack on North Korean Cybercriminal syndicate Lazarus Group, as the funds were laundered in a similar manner to other known Lazarus attacks.

Lazarus is said to have targeted Harmony employee login credentials, breaching the platform’s security system and taking control of the protocol before deploying automated laundering schemes to move their ill-gotten gains, according to Lazarus.

6: BNB Chain bridge exploit_$100M

The BNB Chain was paused, Around $100 million was drained from its cross-chain bridge due to irregular activity on the network.
The attacker was thought to have taken $600 million due to a vulnerability that allowed the creation of two million BNB, the chain’s native token.
The attacker had $400 million worth of digital assets frozen on the blockchain and more could be stuck in cross-chain bridges.

5: Wintermute hack_$160M

Wintermute, a United Kingdom based market-maker, suffered from a compromised hot wallet that saw approximately $160 million across 70 token transferred out of the wallet.
CertiK claimed that a vulnerable private key was attacked by Profanity, an app that allows users to generate fake addresses.
According to CertiK, this allowed the attacker to use a function with the private key that allowed the hacker to change the platform’s swap contract to their own.
Block Sec said the conspiracy theories that the hack was an inside job were not convincing.

4: Migrant token bridge exploit_190M

On Aug.The Nomad token bridge was drained by multiple attackers to the tune of $190 million.
The cause of the exploit was a smart contract vulnerability.
Multiple users, seemingly both malicious and benevolent, were able to copy the original attacker’s moves to funnel funds to themselves.

Almost all of the addresses taking part in the exploit were identified as copycats.
The funds were returned to the protocol by white hat hackers.

3: Wormhole bridge exploit_$321M

The Wormhole token bridge experienced an exploit on Feb. 2 that brought about the deficiency of 120,000 Wrapped Ether (wETH) tokens worth $321 million.

Wormhole allows users to send and get Crypto between multiple blockchains. An aggressor tracked down a weakness in the protocol’s smart contract and had the option to mint 120,000 wETH on unbacked by collateral and was then ready to trade this for ETH.

At the time it was set apart as the biggest endeavor in 2022 and is the third-biggest protocol misfortune in general for the year.

2:The FTX Wallet Hack was Worth $477 million

During the beginning of FTX’s bankruptcy procedures on Nov. 11 and 12, a progression of unapproved transactions took place at the exchange, with Elliptic proposing that around $477 million worth of crypto was stolen.

Sam Bankman-Broiled said in a Nov. 16 meeting that he accepted it was “either an ex-representative or some place somebody introduced malware on an ex-worker’s computer” and had restricted the perpetrator down to eight individuals before he was closed out of the company’s systems.
According to reports, on Dec. 27 the US Division of Equity launched an investigation into the whereabouts of around $372 million of the missing crypto.

1: Ronin bridge hack_$612M

The biggest exploit to occur in 2022 happened on March 23, when the Ronin bridge was taken exploited for around $612 million 173,600 ETH and 25.5 million USD Coin.
The biggest exploit to occur in 2022 happened on March 23, when the Ronin bridge was taken exploited for around $612 million 173,600 ETH and 25.5 million USD Coin. The biggest exploit to occur in 2022 happened on March 23, when the Ronin bridge was taken exploited for around $612 million 173,600 ETH and 25.5 million USD Coin.
Ronin is an Ethereum sidechain developed for Axie Infinity, a play-to-earn nonfungible token (NFT) game. Sky Mavis, Axie Infinity’ developers, said the hackers accessed private keys, compromised validator nodes and approved transactions that emptied funds out of the bridge.

The U.S. Treasury Department refreshed its Exceptionally Designated Nationals and Blocked Persons (SDN) list on April 14 to reflect the likelihood that Lazarus Gathering was behind the bridge’s exploit.

The Ronin bridge hack is the biggest cryptocurrency exploit to at any point happen.

Sky Mavis, Axie Infinity’ developers, said the hackers accessed private keys, compromised validator nodes and approved transactions that emptied funds out of the bridge.

The U.S. Treasury Department refreshed its Exceptionally Designated Nationals and Blocked Persons (SDN) list on April 14 to reflect the likelihood that Lazarus Gathering was behind the bridge’s exploit.

The Ronin bridge hack is the biggest cryptocurrency exploit to at any point happen.