Hackers stole roughly $3.8 billion in 2022, making it a record year for stolen digital assets, according to the latest report from blockchain analysis firm Chainalysis.
According to the report, 82.1% of the amount was stolen from DeFi protocols, mainly via bridge exploits targeting vulnerabilities in code. North Korea-linked hackers Lazarus Group stole roughly $1.7 billion out of the total during the year.
Meanwhile, a new crypto mixer called Sinbad has become hackers’ go-to protocol to wash stolen funds after the demise of Tornado Cash, according to Chainalysis.
Crypto hackers’ record year
According to the Chainalysis report, the trend of DeFi protocols getting hacked which began in 2021, has intensified over 2022.
Funds stolen from DeFi protocols made up 82.1% of the total — roughly $3.1 billion. Compared to the amount stolen in 2021, the number is up 73.3% on an annual basis.
Meanwhile, 64% of the $3.1 billion stolen from DeFi protocols came from bridge exploits over the year. The biggest exploit of the year was Axie Infinity’s Ronin bridge hack in March 2022. Hackers exploited the bridge to steal $612 million and, over the coming months, began moving it through mixers like Tornado Cash and Chip Mixer.
Hackers stole roughly $775.7 million in October 2022, making it the worst month of the year.
Bridge protocols allow for interoperability between blockchains. They facilitate the transfer of cryptocurrency from one blockchain to another by locking assets in a smart contract on the original chain and creating equivalent assets on the second chain.
However, these smart contracts become large centralized repositories of funds, making them a prime target for hackers who can target weaknesses inherent to the code architecture.
North Korea-linked Lazarus Group responsible for bulk of exploits
Cybercriminal syndicate Lazarus Group, which the FBI has linked to the North Korean state, has been the leading perpetrator of cryptocurrency hacks in recent years.
In 2022, Lazarus set a new record by stealing an estimated $1.7 billion through multiple hacks.
According to Chainalysis, North Korea-linked hacking groups tend to favor laundering their funds through custodial mixers, rather than decentralized exchanges, or DEXs.
Following sanctions against Tornado Cash in August 2022, North Korean-linked hackers have allegedly turned to another custodial mixer, Sinbad.
Sinbad is a newly established custodial Bitcoin mixer that started promoting its services on the BitcoinTalk forum in October 2022. Chainalysis investigators discovered North Korea-linked hackers sending funds to the service in December 2022, as shown on the Chainalysis Reactor graph below.
Source: https://cryptoslate.com/hackers-steal-record-3-8b-during-2022-chainalysis/