Bear Market or Bull Market, hackers never stop working to try to steal millions of dollars from users and platforms in the cryptocurrency world. The reason is simple: these hackers are attracted by all the money present in this universe, and the low level of security overall.
Whether it's the users, the bridges, or the platforms, there are always loopholes for these hackers to exploit. This is where you see why Bitcoin is evolving at what some would call a slow pace. Everything is done in the Bitcoin world to avoid these dramas that will make users lose a lot of money.
So I will quickly go over with you the top 10 hacks in the cryptocurrency world since the beginning of the year 2022. Then, I will present you some lessons to learn for the future so that these hacks don't happen anymore, or more realistically, that you are not impacted anymore.
Crypto.com on January 17 - $35M
A hacker has disabled the two-factor authentication on the exchange platform Crypto.com. This allowed him to steal 4,836 ETH and 443 BTC.
The Crypto.com platform finally managed to reimburse all customers affected by this hack. The downtime of the withdrawal infrastructure was only 14 hours and Crypto.com had committed to strengthening the security of its infrastructure:
Qubit on January 27 - $80M
On January 27, 2022, hackers stole 206,809 Binance Coin from Qubit's QBridge protocol via a smart contract bug. At the time of the hack, the stolen assets were valued at over $80M. Developers were forced to rebrand as a decentralized autonomous organization (DAO).
![]()
Wormhole on February 2 - $325M
Wormhole on February 2 - $325MWormhole hackers exploited smart contracts on the bridge SOL-ETH and cashed out without depositing any collateral. Funds were replenished by the VC “Jump Crypto”.
IRA Financial Trust on February 8 - $37M
IRA Financial Trust is a crypto-focused retirement and pension platform. IRA Financial Trust had its platform breached by hackers who managed to obtain a master key to misappropriate $37M. IRA Financial Trust then blamed Gemini. IRA Financial Trust is now suing the crypto exchange Gemini for alleged negligence.
Cashio on March 22 - $52M
Worthless collateral was used to infinitely mine the Cashio Dollar, a stablecoin pegged 1:1 to the US dollar. The peg dropped to zero, $52M was stolen, and CASH is now worthless:
![]()
Axie Infinity on March 28 - $625M
Axie Infinity on March 28 - $625MThe Ronin Bridge hack remains to this day the most expensive crypto hack in US dollars. The hackers took control of a majority of the cryptographic keys. 4/9 keys were stolen when an Axie developer clicked on a fake job offer PDF.
Beanstalk on April 17 - $182M
Hackers used “flash loans” to take control of the stablecoin governance protocol. Funds were continuously borrowed and repaid in the same transaction. The hacker passed a proposal to donate funds to Ukraine before stealing the remaining collateral.
Fei Protocol on April 30 - $80M
A bug in the loan protocol code allowed a hacker to take out a loan while removing the collateral put up on the loan. The DAO repaid the bad debt on behalf of the hacker.
The FEI stablecoin remains at $1 parity today.
Harmony on June 23 - $100M
Lazarus, the infamous North Korean hacking group, managed to get 2/5 security keys before they started approving transactions. Assets were then stolen from the Horizon Bridge, which allows assets to move Harmony and the Ethereum and BnB smart chain networks.
Nomad on August 1st - $190M
An update to one of the Nomad platform's smart contracts has made spoof transactions easier for users. Users were able to withdraw money from the Nomad bridge. Whitehat hackers have since returned $33.3 million worth of funds.
Lessons to be learned
The first lesson is always the same for me. You have Bitcoin on one side, and cryptocurrencies on the other. Bitcoin has never been hacked since its launch on January 3, 2009. So when you buy Bitcoin, you are investing in the future. Once you take possession of your private keys, you have the power.
Then you have the world of cryptocurrencies. Hacks and scams abound in this world, which is truly the Wild West, to borrow a phrase from Gary Gensler.
If you're serious, you'll opt for Bitcoin, and leave Altcoins aside to avoid risking your money. But since a majority of the participants in this universe don't seem to understand this, or let their greed guide their choices, Altcoins may still have a long way to go...
While the majority of hacks in 2021 were social engineering attacks, we have seen a major difference so far in 2022. Hackers are using more code exploits and flash loans. Hackers no longer rely on a large number of people falling for phishing scams but are instead able to attack the DeFi protocols directly.
The rise of Blockchain Bridges is not without risks, as attacks are focused on these bridges that have a lot of vulnerabilities. The biggest hacks of 2022 are related to these bridges. More than $2B has been stolen this way since the beginning of 2022.
Huge security efforts need to be made. More security audits, and most importantly, more follow-up on the vulnerability fixes that come to light as a result of these audits. In the future, it will be helpful to have smart contract audits of every line of code, both before launch and any time the code is changed.
2022 has also been the biggest year for North Korean-affiliated hacking groups so far. With the Tornado Cash sanctions setting a precedent in the crypto industry, where will hackers turn to now?
The other question to ask is: what will the European and American regulators do in the coming months regarding this cryptocurrency industry?
In Bitcoin We Trust Newsletter: Everything around Bitcoin, Blockchain, and the cryptocurrency market
