Cryptocurrencies are a new breed of assets capable of making tremendous investment returns. As a result, more investors are flocking to earn their share of profits by developing various protocols that harness the profit-making abilities of cryptocurrencies. However, this influx witnessed by the crypto markets is not just limited to investors. Cybercriminals follow suit due to the exponential value appreciation these digital assets bring.
As cybercriminals find innovative ways to rob cryptocurrency investors, Chainalysis said 2022 is the biggest year for user funds lost to hacking incidents. Assets worth over USD 3 billion have already been reported as lost to such incidents this year. According to Chainalysis’ earlier reports, 2021 witnessed a loss of $3.2 billion worth of crypto assets to hackers, which 2022 looks to surpass within a couple of months until the year ends. October has been the biggest month for hacks this year, as over $700 million was reported to be stolen within the first two weeks of the month. Pretty apt for the Halloween-bearing month, no?
As the world celebrates this horror-themed holiday, let’s look at stories of crypto hacks that will incite fear in every crypto investor.
There are several ways one can go about losing their crypto assets. Still, the process involves bad actors gaining unauthorized access to user funds and transacting them out of their wallets. Since cryptocurrency transactions are irreversible, the owners are powerless once their funds are stolen. These shady transactions result from hackers gaining access to private wallet keys and seed phrases through various methods like software attacks, malware, and social engineering, leading to losses yearly by cryptocurrency users.
The Ronin Hack
The Ronin network, home to the famous NFT play-to-earn gaming protocol Axie Infinity, suffered the biggest hack the cryptocurrency world has seen yet on March 23, 2022. A whopping $615 million was stolen by hackers in the form of ETH and USDC tokens from the Ronin sidechain, an Ethereum scaling solution made specifically for the play-to-earn game.
While such incidents are detrimental to cryptocurrency projects, the users of these platforms suffer the true loss – the gamers on this specific protocol. For example, Jack Kenny, a 23-year-old Axie Infinity player from Ireland, stated that he was down about $10,000 because of the hack. However, he wasn’t the only one who lost significant amounts of money because of the hacking incident. Several players considered this game a source of income, many of whom were victims of lost funds, just like Jack.
The NFT collectible game relied on the Ronin chain so users could transact fast and cheaply without causing any issues to the gameplay or transactional processes. The chain relied on the Proof-of-Authority consensus model to keep itself decentralized while exhibiting high transaction rates. The nine validator nodes participating in the consensus mechanism had a multisig configuration set up, where five out of nine validator wallet private keys were needed to sign withdrawals. When the hackers gained access to the requisite private keys through a vulnerability in one of the nodes, they siphoned away funds staked in smart contracts that belonged to users like Jack through falsified transactions. While this attack resulted in the largest hack in the crypto world, such incidents are not infrequent at all in the DeFi space.
The EasyFi Hack
EasyFi, a layer 2 DeFi lending protocol that works to provide quick transaction settlements on multiple chains, experienced a hack to the tune of $81 million in April 2021. Hackers transferred funds out of the protocol’s admin wallets that had the control of assets spread out in several lending pools from which $6 million worth of stablecoins were stolen. An additional $75 million worth of EASY tokens were also sent to a single crypto wallet belonging to bad actors.
While protocol-level hacks such as these lead to users losing their funds for no fault, hacks aimed at individuals highlight the negligence exhibited over cybersecurity measures. The easy hack is a unique mixture of a protocol-level hack aimed at an individual, as the hackers targeted the DeFi protocol’s CEO. A laptop he possessed had access to wallets containing many stablecoins and the native EASY tokens staked in the protocol’s lending pool smart contracts. Hackers drained these funds out of the wallets as they managed to infect the laptop with malicious programs.
The stolen assets were stored in a MetaMask wallet – a hot wallet application. Hot wallets provide quicker means of initiating transactions and are considered the least secure solution for storing cryptocurrency due to their interaction with networks. The negligence exhibited by the CEO of the EasyFi protocol in storing large amounts of protocol funds in a vulnerable environment made it extremely easy for the hackers to steal the assets by manipulating the MetaMask browser extension.
Cameo CEO’s Crypto Wallet Gets Hacked
Steven Galanis, the CEO of the popular personalized video app Cameo, was hacked, leading to the malicious entity stealing NFT pieces and crypto tokens from the entrepreneur’s MetaMask hot wallet. Like with DeFi protocols, NFT wallets and marketplaces too, witnessed an alarming number of hacks with the increase in the popularity of these unique tokens.
Steven’s MetaMask wallet, installed on his iPhone, was completely depleted of its contents due to a severe flaw that the hot wallet introduced in an update – backing up the twelve-word wallet seed phrase to user iCloud accounts. Seed phrases are used to retrieve access to wallets whose keys are forgotten or lost. As a result, it was only a matter of time before a hacker gained access to Steven’s iCloud, retrieved the seed phrase, and gained control of all the assets stored on it. By hacking into his iCloud, the cybercriminal could access all his assets and direct them out of his wallet.
The wallet included multiple popular NFTs, including a Bored Ape Yacht Club NFT, among others, and over 9000 APE coins. The assets in the compromised hot wallet added up to $231,000.
Yet Another Hot Wallet Hack
The hot wallet’s internet connectivity offers hackers myriad ways to gain access to wallet-related funds, sometimes circumventing security measures introduced by the developers. While two-factor authentication is gaining traction as a cybersecurity measure for all applications, hackers are getting smarter and using techniques like SIM swaps to outmaneuver additional authentication associated with cryptocurrency storage applications. Since two-factor authentication relies on codes communicated through text messages, hackers are convincing telecom providers to swap cryptocurrency user phone numbers for new SIM chips held by them.
This was the case with Michael Terpin, an entrepreneur and a cryptocurrency investor who had $24 million worth of lesser-known cryptocurrency assets stolen from his online hot wallets because of a SIM-swapping incident in 2018. The hackers gained access to his Gmail accounts, resetting passwords shortly after the network on his phone dipped as a hacker managed a successful SIM swap. The access to Michael’s Gmail accounts and phone number allowed the hacker to access his cryptocurrency wallets and relevant sensitive information needed to transact the entirety of its contents.
Cold Wallet Hack
Cold wallets are known to be the safest cryptocurrency storage solutions out there. Individuals and platforms use these secure wallet infrastructures to store large amounts of a cryptocurrency over hot wallets. The preference is because cold wallets offer secure offline environments for storing cryptocurrency away from network connections. In such scenarios, however, hackers turn to the weakest link in the chain – the owner of the cold wallet – through methods like phishing attacks.
A Redditor was a victim of such an attack when they realized that the funds maintained in their Ledger Nano S, around $104,000 worth of various cryptocurrency assets like ETH, AAVE, MATIC, and more, were stolen from the highly robust device. Of course, it is impossible to transact funds from a cold wallet without private keys, implying that the user’s keys were somehow compromised. After thorough probing from various commenters on the post, the original poster remembered entering their wallet seed phrase into a Ledger Live page a year before the hacking – something that Ledger never asks its users to do. At this point, it was certain that hackers had convinced him to share access to his wallet.
The victim lost his funds to a phishing attack launched at several Ledger users, whose emails were leaked along with their house addresses and phone numbers. As a result, Ledger went through a massive data breach leading to the doxing of thousands of its customers. The hackers convinced users to click on the malicious link in their email and enter their wallet seed phrases and other credentials on their landing page. The link downloaded trojans on the users’ devices, too, allowing for transactions to be created and signed when users connected their cold wallets to the infected devices. These transactions emptied all assets from the wallet, resulting in the loss of huge amounts of value, as witnessed by the Redditor from one of the safest storage solutions.
The above incidents were nothing more than a nightmare for the users/owners of the respective crypto/blockchain protocol assets. Both hot and cold wallets were vulnerable to malicious incidents and led to disastrous outcomes in the said scenarios. Could these unfortunate events be averted? Yes. Was there a way to safeguard the tokens and block the movement of funds? Yes. Was there a way to blacklist wallets utilized by hackers to route their loot? Absolutely, yes.
Recent developments in blockchain wallets have made it possible to flag the source and destination of “dirty crypto money.” That, in turn, can help crypto users and law enforcement professionals become aware of online miscreants and their notorious activities.
The rise of AML/KYC-compliant wallets and wallet companies has greatly helped legitimate users benefit from the crypto ecosystem while significantly restricting the misuse of crypto assets to further unlawful activities. Nonetheless, hackers have tried their best to surpass technologies implemented by such companies to visualize and gain unauthorized access to user funds.
But wallets such as AMLSafe have thwarted such attempts too, with their proprietary in-house expertise. AML Module, their top feature checks for illegal activities that beneficiary wallets might be associated with, blocking transfers to wallets involved in fraudulent transactions and preventing the possibility of fund loss to AMLSafe users.
These are the measures that crypto asset storage solutions and transaction facilitators should employ to safeguard the interests and future of the crypto community.
Disclaimer: Nothing in this article constitutes professional investment advice. Please do your own thorough research before making any investment decisions.
L O A D I N G
. . . comments & more!