Hackers exploit security vulnerabilities in third-party wallets, cross-chain bridges, and hot wallets to steal millions of dollars worth of cryptos, as the attacks on Nomad and Ronin cross-chain bridges, the Trust and Slope wallets, and the ZB crypto exchange have shown.
Although blockchain technology is revolutionising how we interact online and has emerged as a worthy opponent to the traditional banking system, it is also susceptible to hacking. According to a report by Atlas VPN, a free VPN app, blockchain hackers stole more than $1.3 billion in Q1 2022 alone.
Here Are Three Types Of Crypto Hacks
A blockchain bridge is a connection that allows the transfer of digital assets from one blockchain to another. Bridges have emerged as a solution to connect different blockchains and serve as an intermediatory. When you transfer a token with cross-chain bridges, you are sending funds as tokens to the bridge protocol, which locks those funds into the contract on one chain. Then, the user is given funds in the form of wrapped tokens on the desired chain.
These wrapped tokens are backed by cryptocurrency stored in the reserve of the bridge. Just like exchange charges a trading fee to exchange funds, a bridge charges a gas fee, which is usually very high and is feasible only if you are trading in huge volumes. A Chainalysis report estimates that $2 billion in cryptocurrency has been stolen across 13 separate cross-chain bridge hacks.
Recently, the Nomad bridge was hacked due to a security flaw, and almost $200 million worth of crypto was drained from reserves. A small group of hackers took advantage of the security flaw to break into the system. Previously, Ronin Bridge, an ETH sidechain built for play to earn game Axie infinity, was hacked, and the hackers stole approximately $650 million worth of crypto.
Wallets are hardware or software programs where the private keys to your wallet addresses on a blockchain are stored. These private keys are your access to your crypto deposits, and keeping them safe is the most important task.
If you keep your cryptos in a custodial wallet, in that case, your private keys are kept in a cold storage platform, and it’s like investing in a commodity without holding the item yourself. Having your private keys is like holding cash. You can store your keys in a software wallet (web extension or desktop), called a hot wallet, or a hardware wallet known as cold storage.
A hot wallet is susceptible to hacking as it is connected to the internet, but the cold wallet is much more secure. Hot wallets are third-party applications and might have security vulnerabilities. Recently, around 8,000 hot wallets, mainly Trust wallet and slope wallet, were hacked using a Supply Chain Attack to steal the private keys and drain the wallets.
A crypto exchange is a platform where traders or investors buy and sell digital assets using fiat currency. Usually, crypto exchanges have huge reserves. Some amounts of crypto are stored in hot wallets for trading, but most of the crypto is stored in cold wallets. The main target of the hackers is the custodial keys held by an exchange.
Recently, $4.8 million worth of crypto was stolen from the ZB exchange. Peckshield, a cybersecurity organisation, stated that over 20 digital currency tokens were transferred from the exchange’s hot wallet to an address thought to belong to hackers. The hacker moved the funds from the first wallet to another wallet from which he sold 2,224 ETH worth $3.6 million. ZB exchange has currently suspended all currency recharge and coin withdrawals, citing maintenance issues.