Recent years have seen a rise in high-profile incidents involving hacking and scamming in the cryptocurrency market, resulting in millions of dollars in losses for investors in 2022 alone. These events have led to concerns about the security and stability of the crypto market and have caused many to question the safety of their investments.
One notable example is the FTX trading platform and exchange, which filed for bankruptcy in November 2022 after an investigation found that CEO Sam Bankman-Fried had misused customer funds, with an estimated loss of $1-$2 billion in customer funds.
What happened with FTX Crypto?
The FTX Crypto Scam of 2022 was a fraudulent scheme involving the FTX cryptocurrency exchange. Reports surfaced that the exchange had been deceiving users by manipulating trading volumes and prices on the platform, leading to significant financial losses for those affected. In addition, there were also allegations of insider trading and other unethical practices. The scam was brought to light by several prominent figures in the cryptocurrency community, and the exchange was eventually shut down by regulatory authorities. Many users were left out of pocket, and the incident caused widespread damage to the reputation of the cryptocurrency industry as a whole.
Other major incidents include the Ronin Network hack, in which $615 million in USDC and Ethereum were stolen in March 2022, the Wormhole crypto bridge losing $320 million in Ethereum to a hacker in February 2022, and the JuicyFields.io scam resulting in $273 million in losses for investors.
Data Source: Miklos Zoltan, Founder of privacyaffairs.com
What were the top crypto scams and hacks in 2022?
The chart below highlights the top 11 biggest crypto scams and hacks in 2022, ranked by the amount of money (in USD) that was stolen or lost.
Where are these attacks coming from?
Ranked below are the top cryptocurrency ecosystems that have resulted in the highest amounts of dollars lost.
The statistics provided indicate that DeFi protocols have been a major target for hackers in the past two years, with a significant portion of stolen money and cryptocurrency coming from these types of platforms. In 2021, DeFi protocols were the source of 72% of stolen funds and 21% of all crypto hacks that year occurred by exploiting vulnerabilities in DeFi.
The trend has continued in 2022, with 97% of all stolen cryptocurrency being acquired from DeFi protocols. Additionally, the number of successful hacks and the amount of money stolen have continued to increase, with an estimated loss of $1.4 billion from breaches on cross-chain bridges alone.
The trend of large scale hacks and thefts from DeFi protocols is alarming and it highlights the need for increased security measures to be implemented in these platforms.
Phishing is a common tactic used by hackers to steal personal information and private keys from individuals and companies, which can then be used to steal cryptocurrency from their accounts. In the context of DeFi protocols, phishing attacks target users of these platforms by tricking them into giving away their private keys or personal information, such as their seed phrases or login credentials.
For instance, a hacker might create a fake website or social media account that looks like a legitimate DeFi protocol, and then send phishing emails or messages to users, asking them to log in or provide their private key information. Once the user provides this information, the hacker can then use it to steal their cryptocurrency or take over their account.
Phishing is a significant threat to the DeFi ecosystem, as it can result in significant losses for both individual users and companies that hold large amounts of cryptocurrency. Just recently on January 3rd, 2023, a DeFi whale lost $3.4 million worth of GMX tokens due to a phishing attack.
How to protect against crypto phishing attacks
If you’re a cryptocurrency foundation or business that operates directly in the industry, brace yourself for an exciting challenge! As the industry is growing and evolving, you are becoming an increasingly attractive target for malicious actors. Thieves will attack your brand, mercilessly stepping on your domain and putting up fake sites to fool and scam your customers.
To combat these threats, it is crucial to have solutions in place that can detect brand infringements, phishing campaigns, and other scams early on before they can impact users and corporate infrastructure. Detection of malicious activity needs to be not only be fast but scale to the entirety of the internet: from fake sites to fake social media accounts. Detection needs to also be paired with an automated takedown workflow that allows for a speedy resolution to online crypto threats.
One way to protect against crypto phishing attacks is to use a comprehensive platform such as Bolster. Bolster offers efficient protection across web, social media, app stores, and the dark web to combat fake sites and content globally.