As per a 13 February report by CoinGecko, in tandem with DeFiYield’s REKT database, exploiters used an array of methods to steal nearly half of the total cryptocurrency stolen in 2022. This included circumventing verification processes, manipulating the market, smart contracts, crowd looting, and bridge exploits.
An access control hack was used to carry out the biggest hack of 2022. Sky Mavis, the developer of the popular game Axie Infinity, had its Ronin bridge hacked in March 2022, resulting in the loss of $625 million from the bridge between the Ronin chain and the Ethereum [ETH] network.
Later, it was revealed that North Korean hacking group Lazarus obtained access to five private keys used to sign transactions from five Ronon Network validator nodes. Lazarus used this method to steal 173,600 ETH and 25.5 million USD Coin [USDC] from the bridge.
The second largest exploit of 2022 occurred in February when attackers used a forged signature to bypass verification on the Wormhole token bridge before minting $326 million in cryptocurrency. As Wormhole failed to validate guardian accounts, hackers could mint tokens without the required collateral.
Crowd looting became a news highlight when an insecure smart contract configuration on the decentralized finance token bridge Nomad allowed users to withdraw an unlimited amount of funds in August. More than $190 million were drained during the process.
In October 2022, a market manipulation exploit in which a hacker purchased and artificially inflated its tokens before taking out under-collateralized loans from the project’s treasury. The flash loan attack resulted in the theft of $116 million.
Oracle issue hacks resulted in the theft of $54 million in funds. Hackers used this method
Read more on ambcrypto.com