2022 was the biggest year ever for crypto hacking

An illustration of Bitcoin with a financial value graph
(Image credit: eToro)

When it comes to cybercriminals stealing money from cryptocurrency companies and protocols, 2022 was the worst year - ever. 

A report from Chainalysis claims that in 2022, $3.8 billion in various tokens were stolen. 

Drilling deeper through the year, the analysts discovered major spikes in March and October, with the latter becoming the biggest single month for crypto theft - ever. That month, a total of 32 separate attacks occurred, leaving businesses $775.7 million short.

Lazarus Group dominating

Most of the attacks saw hackers after decentralized finance (DeFi) protocols. 

The trend, which started in 2021, spilled into 2022, with DeFi protocols making up 82.1% of all crypto hack incidents last year (up from 73.3% the year prior). All in all - $3.1 billion were stolen, with two-thirds of that sum (64%) being taken from cross-chain bridge protocols.

Numerous hacking groups were involved, but one specific stands out as the worst performer - the North Korean Lazarus Group. This group is said to have strong ties with the country’s government and apparently uses the money stolen in crypto hacks to fund the country’s nuclear weapons program.

In 2022, the group amassed an estimated $1.7 billion in various cryptocurrency tokens, with $1.1 billion being taken from DeFi protocols alone.

Chainalysis tried to illustrate the power the group holds, saying that in 2020, North Korea exported a total of $142 million worth of goods.

But the problem with these hacks is that Lazarus Group usually ends up with large quantities of illiquid tokens, which they first need to exchange for more liquid ones. To do that, they move the tokens to other DeFi protocols, and only then move them to mixers - crypto projects which crooks usually use to launder money. 

Still, law enforcement is fighting back, the researchers say, reminding that last year $30 million worth of cryptocurrency stolen in the Axie Infinity Ronin Bridge hack was retrieved. “We expect more such stories in the coming years, largely due to the transparency of the blockchain,” the researchers concluded.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.