Hackers stole about $3.8 billion in 2022, making it a record year for stolen digital assets, according to the report. latest report From blockchain analytics company Chainalysis.
According to the report, 82.1% of the money was stolen from DeFi protocols, mostly through bridge exploits targeting code vulnerabilities. North Korea-linked hacker Lazarus Group stole about $1.7 billion from the total this past year.
Meanwhile, according to Chainalysis, a new crypto-mixer called Sinbad has become hackers’ go-to protocol for laundering stolen funds after the demise of Tornado Cash.
A record year for crypto hackers
The DeFi protocol hacking trend that began in 2021 has intensified through 2022, according to a Chainalysis report.
Funds stolen from DeFi protocols accounted for 82.1% of the total, or about $3.1 billion. Compared to the stolen volume in 2021, the number is up 73.3% on an annual basis.
Meanwhile, 64% of the $3.1 billion stolen from DeFi protocols was due to bridge exploits in the past year. The biggest exploit of the year was Axie Infinity’s Ronin bridge hack in March 2022. Hackers exploited the bridge to steal $612 million from him, which then began moving through mixers such as Tornado Cash and Chip Mixer over the next several months.
Hackers stole about $775.7 million in October 2022, making it the worst month of the year.
Bridge protocols enable interoperability between blockchains. It facilitates the transfer of cryptocurrencies from one blockchain to another by locking assets in smart contracts on the original chain and creating equivalent assets on the second chain.
However, these smart contracts are centralized repositories of large amounts of money, making them prime targets for hackers looking for weaknesses inherent in the code architecture.
North Korea-linked Lazarus Group responsible for most of the exploits
The cybercrime syndicate Lazarus Group, which the FBI has ties to North Korea, has been a major perpetrator of cryptocurrency hacks in recent years.
In 2022, Lazarus set a new record by stealing an estimated $1.7 billion through multiple hacks.
According to Chainalysis, North Korea-related hacking groups tend to launder money through custodial mixers rather than decentralized exchanges (DEXs).
Following the August 2022 sanctions against Tornado Cash, North Korea-linked hackers allegedly turned to another controlled mixer, Sinbad.
Sinbad is a newly founded managed bitcoin mixer that started promoting its services on the BitcoinTalk forums in October 2022. Chainalysis investigators discovered North Korea-linked hackers sending funds to the service in December 2022, as shown in his Chainalysis Reactor graph below.
