32. Blockchain technology and cyberattacks.

Blockchain technology itself has built-in security features. It is true that blockchains offer a high level of data protection, however – where there is money, there are hackers and scammers. Despite such high security features and constant work on them, the blockchain market is fraught with problems, especially those related to security.

Cases of hacking attacks on blockchain

Interestingly, in 2021, breaches, however, related to decentralized finance accounted for as much as 76% of all hacks. The third quarter of the same year also had as many as 20% more hacking incidents than all of 2020. Of course – we’re still talking about blockchain.

Hacking attacks on the blockchain usually come from external actors or insiders. Many of the attacks use phishing, social engineering, data attacks or coding errors. Here are five of the most common attacks on blockchain:

• 51% attacks. We discussed them in detail in one of our lessons. This type of attack occurs when the majority of the network conspires against the minority. If you want to remember what a 51% attack was all about, take a peek at [LINK – WHAT A 51% ATTACK IS].
• Backdoor and on-ramp exploits. These occur when computers are hijacked for their computing power. This form of cybercrime is compared to a supply chain attack. However, they take advantage of the distributed nature of blockchain.
• Flash loan attacks. These occur when intelligent contracts (designed mainly to handle flash loans) are attacked to siphon assets elsewhere. Cybercriminals using this method mainly take advantage of unsecured loans, where they can manipulate the input data.
• Rug pulls. Situations, in which celebrities from the crypto world, create hype around a project and flee with investor funds.

Other cases of attacks on blockchain

Cybercriminals are canny and overly inventive. What techniques are they still using?

1. Payments. We are mainly talking about the theft of cryptographic keys. Based on this attack, more than $73 million was stolen from the Bitfinex exchange in 2016.
2. Employees. In 2017, the Bithumb exchange was hacked using an employee’s computer.
3. As blockchain is unequal – we’re talking about private and public blockchains – the tactics and techniques of cybercriminals are changing.
4. Corruption, money laundering and lack of regulation blockchain. It is known, centralized bodies can be corrupt. However – intelligent contracts are also not legally binding.  An unclear regulatory environment slows cryptocurrency adoption and allows cybercriminals to flourish in their craft.

Hackers are finding ways to exploit blockchain companies and cryptocurrency exchanges. We know from publicly available data that in 2018 alone, more than $1.5 billion was lost through social engineering attacks and theft of cryptocurrency wallets.

Since 2017, about 5% of Bitcoin has been stolen through attacks on exchanges. Mt.Gox, Bitfinex – these are the exchanges to which cybercriminals stole $350 million and $72 million, respectively.

It is worth knowing that blockchain companies collect a lot of information about their customers. That’s another tasty morsel for hackers – talk about PII attacks and selling the data obtained on Dark Web forums.

Review 2021 – how many hacking attacks have occurred on blockchain?

Biggest cyberattacks on blockchain-related companies in 2021.

1. PolyNetwork – DeFi’s financial project. It was hacked in August 2021. As a result, the company ended up with a $600-million loss. The theft surpassed the attack on Coincheck in 2018. Interestingly, more than 99% of the stolen funds were returned to the company. The hacker who committed the crime was subsequently asked to take a position as the company’s chief security advisor.
2. Cream Finance. Another DeFi project, built on the blockchain. It was attacked as many as three times in 2021. The first hack cost the company $37 million. The second – $29 million. During the third attack, $130 million worth of cryptocurrencies were stolen from the company.
3. Liquid. It is a Japanese cryptocurrency exchange platform. It suffered a loss of about $97 million. After the attack, Liquid suspended all deposit and withdrawal operations.
4. bZx. Another DeFi platform. The hacker used phishing and stole private keys. He gained access to the developer’s wallet. Thus, he stole cryptocurrencies worth $55 million.

Summary 2022

The beginning of the year was not very kind to investors. Despite price declines, hackers and thieves did not take a break. According to Atlas VPN, hackers stole “only” $1.3 billion in the first quarter of 2022. They committed “only” 78 hacking attacks. Moreover, the hacks on Ethereum and Solana caused more than $1 billion in losses in the first quarter of the year….

Ethereum was attacked 18 times in 2022. Losses reached $636 million. The largest attack took place in March 2022, when hackers attacked Axie Infinity’s sidechain – Ronin Network. The theft totalled $610 million – 173,600 ETH and 25.5 million USDC.

Solana is not being left behind. Hackers attacked it five times. The losses totaled $397 million. The hacker took advantage of a signature verification flaw in the network and created Wormhole-wrapped Ether. Losses were estimated at $334 million.

Hackers also breached 14 projects in the Binance Smart Chain system. As a result, losses amounted to about $100 million. The QBridge deposit function was exploited and the Qubit protocol was attacked. The cybercriminal generated $80 million in xETH security.

Then – the attack on IRA Financial Trus. It cost the company $36 million.

The NFT market is also not coping with intrusions. In 2022, they were the most popular target for hackers. The attacks mainly occur on Discord, where hackers launch phishing attacks and steal users’ NFTs. In addition, many crooks launch NFT projects that end in rug pulls.

Summary

Over the past decade, hackers have had their little harvest. Cryptocurrency technology has grown tremendously. Unfortunately, there are still many companies that do not have adequate security measures in place and allow hackers to profit from their victims.

More than $12 billion in cryptocurrencies have been stolen in the past 11 years. The number of hacks on DeFi has also increased. In 2014, the amount of money lost due to hacking attacks reached $645 million. Worst of all – the amounts are not decreasing. Since then, they have been steadily increasing and in 2021 they approached the sum of $3.2 billion.