Crypto Hacks and Scams Taper Off to Close Out a Miserable 2022
TL;DR Crypto hacks in December cost $62.2M, making it the lowest monthly figure of 2022. The Helio Protocol breach was the biggest exploit of the previous month, with a $15M loss. Meanwhile, exit scams led to losses of $15.5M and flash loans roughly siphoned $7.6M. March and November were the worst months of the year, with losses of $715M and $595M respectively.
Stats by CertiK found that in December, $62.2M was lost to crypto hacks. The last month of the year marked the lowest monthly figure in 2022.
The platform confirmed that the year-to-date losses surpassed $3.76B.
Biggest Crypto Hacks of December
According to the platform, the Helio Protocol breach was the biggest event of the previous month, with a $15M loss. The Helio Protocol created HAY, a “destablecoin” that leverages BNB as collateral. The asset with excessive collateral asserts a 7% yield.
Sponsored Sponsored
The attacker exploited the Ankr Protocol by changing Ankr Reward Bearing Staked BNB (aBNBc) into hBNB and staked it in Helio Protocol. Then, they lent millions in BHAY0 in return for HAY0. HAY depegged to $0.40 following the exploit but has since regained its peg to the dollar following a repurchase and burn from the development team.
#CertiKStatsAlert 🚨
Combining all the incidents in December we’ve confirmed ~$62.2M lost to exploits, hacks and scams.
The lowest monthly figure this year.
Exit scams were ~$15.5M
Flashloans were ~$7.6M
The second largest incident of December was Defrost Finance’s loss of over $12M to an alleged flash loan attack. The hacker reportedly hacked Defrost’s V1 protocol to siphon $173,000. In a more serious V2 assault, a perpetrator liquidated users’ holdings using a phony collateral token and a fraudulent pricing oracle, stealing $12.9 million.
BitKeep, Ankr, and Lodestar hacks, among other breaches, were the month’s highlights. As per CertiK, exit scams led to losses of $15.5M. Meanwhile, flash loans roughly siphoned $7.6M; a decrease witnessed in H2 2022. April had lost a massive amount of $300.5M in similar exploits, with the most significant flash attack on Lodestar.
Sponsored Sponsored
March and November Win Worst Months of 2022
Looking at the major incidents through 2022, March and November win the award for worst months. Over $715M was lost in March to exploits, while around $595M was pilfered in November. January, May, July, and December were relatively quiet on the exploit and scam front, with lower losses of $179M, $98.8M, $65.5M, and $61M, respectively.
As per the November update, 36 major attacks were recorded in the month, leading to losses of $595M. FTX’s $477M hack marked the largest that month. The alarming increase in DeFi hacks has likely been the year’s second most noticeable trend, following the demise of numerous crypto titans like Celsius and FTX.
#CertiKStatsAlert 🚨
36 major attacks were recorded in November totalling a loss of ~$595 Million.
As always, make sure a project has an audit & KYC before investing!
Remember to always #DYOR and read the audit reports! pic.twitter.com/UhiDU2itAm — CertiK Alert (@CertiKAlert) December 1, 2022
Cross-chain bridges remain the most commonly exploited.
Sponsored Sponsored
Research by the cryptocurrency data aggregator Token Terminal previously claimed that 50% of DeFi vulnerabilities target cross-chain bridges.
Meanwhile, at the start of the new year, a veteran Bitcoin developer disclosed that he had lost $3.6 million worth of Bitcoin, demonstrating the perils of self-custody.