Trick or Treat: October Sets Record for Cryptocurrency and DeFi Hacks
October 2022 has set a record for cryptocurrency hacks. Three attacks occurred on a single day mid-month, and many others took place in the weeks before.
October 11 Featured Three Exploits
At least three attacks occurred on or around October 11.
TempleDAO and its associated project STAX Finance were hacked for $2.3 million. That exploit saw an attacker forge a smart contract in order to call a function in another contract and then move funds away from the project on the Ethereum blockchain. TempleDAO and STAX are now attempting to compensate affected users.
Mango Markets, a decentralized exchange, was also attacked. The attacker manipulated a price oracle to steal $100 million. That attacker is now holding the stolen money ransom, promising to return it if the Mango Finance governance community agrees to repay an unrelated debt on the Solana project Solend.
Rabby Swap was exploited for the smaller sum of $200,000. An attacker found an exploit in the project’s smart contracts that allowed the movement of funds. The incident occurred just a month after the project’s launch.
Paraswap was allegedly the target of an attack on the same day as well. Supremacy Inc. suggested that a deployer address private key had been compromised. Paraswap, however, investigated the issue and found no exploit.
Other Attacks This Month
Those attacks are not the only incidents this month. Chainalysis reports that a total of eleven hacks occurred in the first two weeks of October.
Another high-profile attack this month targeted Binance’s BNB Chain. In that incident, an attacker managed to forge a block through a message verification vulnerability in the blockchain. Though that attack could have resulted in the theft of $570 million stolen, the platform managed to limit the damage to $100 million.
A total of $718 million has been stolen this month, and that amount will increase this year’s total. Chainalysis concluded that 2022 “will likely surpass 2021 as the biggest year for hacking on record,” noting that hackers have grossed $3 billion this year.
Chainalysis noted that attackers are now targeting centralized exchanges to a lesser extent and are instead focusing on DeFi platforms and cross-chain bridges.
As such, cryptocurrency investors have little to fear if they are investing through major exchanges but should take caution if they are investing through on-chain platforms.