Claudia Campisano

Top 6 cross-chain bridge hacks in 2022

Updated: Mar 28, 2023

2018 was the year of crypto exchange attacks, but 2022 was characterized by bridge hacks.


The cryptocurrency industry, especially the world of decentralized finance, is expanding like wildfire. More and more people are interested in blockchain technology and its related developments. Unfortunately, scams and hacks grow in proportion to that collective interest.


For this reason, it is essential to stay informed and to study projects thoroughly, so that dangers and unclear points can be recognized and avoided.


Over $2 billion was stolen via cross-chain bridges and swappers in 2022. This article retraces the year's history and analyzes the most severe hacks that affected well-known bridges.


 

The top 6 cross-chain bridge hacks in 2022




Ronin | $600 million



In March 2022, approximately $600 million in ETH and USDC was stolen from Ronin Network, the Ethereum-based sidechain for the play-to-earn game Axie Infinity.


The hacker allegedly exploited a private key leak to make bogus withdrawals from the Ronin bridge contract in two transactions.


 

Wormhole | $320 million



The Wormhole protocol, a well-known cross-chain bridge, announced an exploit in February. The hacker apparently exploited the bridge between the Ethereum and Solana blockchains and redirected around $320 million worth of ETH to crypto wallets that don’t belong to the Wormhole team.


Analysts quickly noticed three suspicious transactions. The hacker minted 120,000 wETH, which looked like Wormhole’s “wrapped” ETH, on the Solana blockchain.


A few minutes later, the exploiter bridged 10,000 ETH to the Ethereum blockchain, and a further transaction of 80,000 ETH subsequently occurred on the Ethereum blockchain. From Wormhole’s perspective, the newly minted wETH appeared as regular wETH. Wormhole released ETH to an Ethereum wallet based on those wETH, so the exploiter essentially stole some ETH from Wormhole’s reserves.


 

Nomad | $200 million



In August, the cross-chain protocol Nomad was exploited for around $200 million in digital assets. A vulnerability in one of the smart contracts (message verification vulnerability) allowed a hacker to spoof transactions. The flaw was that when a user transferred funds from one blockchain to another, Nomad allegedly never checked the amount, enabling the user to withdraw funds that didn’t belong to them.


The incident affected Wrapped Ether (wETH), USD Coin (USDC), wBTC and other tokens drained from the bridge. It shook the entire crypto industry because the hackers went on to impersonate Nomad employees to steal even more funds.


 

Harmony | $100 million



In June, Harmony claimed that it had discovered malicious attacks on the Horizon bridge that drained $100 million worth of various crypto assets due to a private key leak.


The Horizon bridge, which connects the Harmony blockchain to others, suffered a multi-sig wallet flaw that impacted about 65,000 wallets and fourteen types of assets.

Harmony said in its blog post that, immediately following the attack, multiple cybersecurity partners, exchange partners and the FBI were notified and asked to assist with an investigation to identify the culprit and retrieve the stolen assets. It immediately blocked the bridge to prevent further transactions.


 


BSC | $100 million



The Binance Chain was exploited in October. Hackers looted more than $100 million from the bridge. The Binance Chain decided to suspend transactions and fund transfers after discovering a flaw affecting the BSC Token Hub cross-chain bridge.


A message verification vulnerability allowed a black hat to forge messages, enabling them to mint new BNB tokens.


Since the stolen tokens were not preexisting tokens taken from wallets, no user funds were impacted.


The Binance team reported that the hacker initially withdrew 2 million BNB (with a value of $568 million). Still, the blockchain security company SlowMist claimed that the breach’s impact was about $110 million because most of the stolen tokens couldn’t be transferred following the suspension of the chain.


Immediately after the attack, the company's CEO, Changpeng Zhao, posted a Tweet:


 

Qubit | $80 million



Qubit Finance was exploited at the beginning of the year, in January, when a malicious actor reportedly exploited the DeFi protocol to mint unlimited tokens on the Binance Smart Chain-based platform.


The logical vulnerability was exploited several times to increase the loot, totalling nearly $80 million, making this hack one of the largest in DeFiYield’s Rekt database. The hacker made the platform think they had made a deposit; however, they traded the assets for BNB and disappeared.
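The Wormhole, BSC and Qubit incidents above share one pattern: tokens were minted or released on one chain without matching funds locked on the other. As an added example (not code from the original article or from any bridge project), the following Python monitor reconciles mint events against deposit events and flags every unbacked mint. The event field names and the sample data are assumptions constructed for illustration.

```python
from collections import defaultdict
from decimal import Decimal

# Constructed sample events; ids, tokens and amounts are illustrative only.
SOURCE_DEPOSITS = [  # funds locked in the bridge contract on the source chain
    {"msg_id": "m1", "token": "ETH", "amount": Decimal("5")},
    {"msg_id": "m2", "token": "ETH", "amount": Decimal("2")},
]
DEST_MINTS = [  # wrapped tokens minted on the destination chain
    {"msg_id": "m1", "token": "ETH", "amount": Decimal("5")},     # legitimate
    {"msg_id": "m2", "token": "ETH", "amount": Decimal("20")},    # amount inflated
    {"msg_id": "m9", "token": "ETH", "amount": Decimal("1000")},  # no deposit at all
    {"msg_id": "m1", "token": "ETH", "amount": Decimal("5")},     # replay of m1
]

def reconcile(deposits, mints):
    """Match each mint to a source-chain deposit.

    Returns (alerts, unbacked): alerts is a list of (msg_id, reason) and
    unbacked maps each token to the total minted without backing.
    """
    by_id = {d["msg_id"]: d for d in deposits}
    seen = set()                      # message ids already consumed by a mint
    alerts = []
    unbacked = defaultdict(Decimal)
    for m in mints:
        dep = by_id.get(m["msg_id"])
        if dep is None:
            reason, gap = "no_deposit", m["amount"]
        elif m["msg_id"] in seen:
            reason, gap = "replayed_message", m["amount"]
        elif dep["token"] != m["token"]:
            reason, gap = "token_mismatch", m["amount"]
        elif m["amount"] > dep["amount"]:
            reason, gap = "amount_exceeds_deposit", m["amount"] - dep["amount"]
        else:
            reason, gap = None, Decimal(0)
        seen.add(m["msg_id"])
        if reason:
            alerts.append((m["msg_id"], reason))
            unbacked[m["token"]] += gap
    return alerts, dict(unbacked)

if __name__ == "__main__":
    alerts, unbacked = reconcile(SOURCE_DEPOSITS, DEST_MINTS)
    for msg_id, reason in alerts:
        print(f"ALERT {msg_id}: {reason}")
    print("unbacked supply:", unbacked)
```

A non-zero unbacked total is the signal a bridge operator would use to pause withdrawals before reserves are released against the forged supply.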


 

Conclusion


We learned what rug pulls are and how to avoid them. But that’s not enough. We also have to pay attention to bridges.


It turned out that most of these cyber attacks were committed by North Korean-affiliated hacking groups known as black hats. The truth is that who the culprit is matters less than studying projects carefully, including whitepapers and documentation related to tokenomics, and working with the code yourself to spot flaws or breaches in it.


As Vitalik Buterin, the co-founder of Ethereum, stated:


The fundamental security limits of bridges are a key reason why I am optimistic about a multi-chain blockchain ecosystem.

What do you think about these words? Do you agree with him?

Please share your opinion with us on Discord and Telegram!

