Top Cross Chain Bridge Hacks Of 2022

avatar

cross chain bridge hacks.png

Cross-chain bridge is a way of connecting two blockchains. They allow you to exchange assets without having to try and use an exchange platform or move through multiple steps in order to get them out of one blockchain and into another.

This is an important tool for crypto investors who want to move their assets around quickly, safely, and easily. It is an emerging technology that is still in development. Bridges allow different blockchains to communicate with each other, opening up the possibility for interoperability between blockchain networks and cross-chain DApps.

In this article, we will look at some of the most bleeding cross-chain bridge exploits that happened in 2022.

Ronin Bridge Hack

On March 23rd, 2022 the biggest crypto hacks happened on Ronin Network which is a side chain to Ethereum. It is used by Axie Infinity, the most popular P2E game at that time. 173,600 ETH & 25.5 million USDC, totaling $650 million, were lost because of that. Ronin bridge had 9 validators out of which signatures of 5 were required to confirm the transactions. The attacker got access to all 5 keys stored in the Sky Mavis (Axie Infinity Developers) servers which were sent back to Axie DAO but they were never deleted originally. 😴

Harmony Bridge Hack

A Harmony Bridge aka Horizon Blockchain bridge was hacked in late June this year and the hacker managed to steal $100m in a variety of crypto assets which were later sold for other cryptos on DEXs. The Harmony Bridge was vulnerable because the hacker needed to access only 2 out of 5 keys required to validate the transactions. Once someone had access to those keypairs, they could initiate transactions on behalf of any user who deposited funds into their account. Because these transactions are irreversible once confirmed by network consensus, there's no way those funds could be recovered. Harmony kept those keys in password management software and the hacker managed to decrypt multiple keys to hack the system.

Nomad Bridge Hack

On the 1st of August, Nomad Bridge which supports over 40 blockchains and has been used for thousands of transactions since its launch in December 2020, was hacked for around $200 million in crypto. Only Ethereum-based assets were attacked due to a connection vulnerability. A message to validate the transaction was failing before approving the transaction and the hacker took this as an opportunity to steal. Thousands of other hackers joined the party later on until the TVL went from $190 million to ZERO. The first hacker dumped all the tokens into Ethereum and cashed out most of it. Over $30 million were returned by hackers but the rest is gone forever.

Wormhole Hack

Wormhole is a cross-chain bridge protocol that allows users to transfer cryptocurrencies and NFTs between the Solana and Ethereum chains. In February, 2022 it was drained of 120,000 wETH (around $320 million) tokens and distributed between the hacker’s Solana and ETH wallets. The hacker found an exploit that allowed them to mint 120k wETH tokens without giving away his own Ethereum locked in the contract during the wrapping of ETH to wETH on Solana. Just after the hack, Solana was dumped heavily. And 120k Ethereum was replenished by Solana Developers as soon as they realized the hack happened. Wormhole also offered a large sum for "bug bounty" to the hackers in exchange for the return of the stolen cryptocurrency.

QBridge Hack

QBridge protocol is an Ethereum to BSC (Binance Smart Chain) bridge that allows users to swap ERC-20 and BEP-20 tokens between the two blockchains.

A user on Chain A wants to send funds (say, $10) to another user on Chain B. The sender sends their $10 transaction to the QBridge contract with an output for “send” and containing the address of the recipient in both chains, along with any other relevant information (such as metadata). The QBridge contract will then send out transactions on both chains in order to transfer those funds from one chain into an account on another chain.

In January 2022, a hacker initiated a deposit transaction via QBridge ETH contract and attached malicious data that passed all of the contract’s checks without depositing Ethereum. This resulted in a loss of $80 million in tokens.

Conclusion

The current state of cross-chain bridges is not a great one. The various hacks that have occurred on these systems have shown the world that even though bridges are essential for the blockchain ecosystem, there's still a lot of work to be done when it comes to security.

Posted Using LeoFinance Beta

interoperability hacks crosschainbridges cent proofofbrain vyb ctp neoxian leofinance
0
0
0.000
22 comments
avatar

I already forgot about these lol

Ronin was crazy but so was every other this whole year... Getting PTSD just by looking at the numbers.

Posted Using LeoFinance Beta

0
0
0.000
Reply
avatar

Sorry bro! xD

Hackers already bagged over $2 Million in crypto this year. Hacking seems like a high-income skill. 😂 We are on the wrong side of the business.

Posted Using LeoFinance Beta

0
0
0.000
Reply
avatar

This post has been manually curated by @bhattg from Indiaunited community. Join us on our Discord Server.

Do you know that you can earn a passive income by delegating your Leo power to @india-leo account? We share 100 % of the curation rewards with the delegators.

Please contribute to the community by upvoting this comment and posts made by @indiaunited.

0
0
0.000
Reply
avatar

Honestly, this hacks kind of trembles me! One of the reason is the security. Which is why I am keeping separate accounts for almost everything. Although, I am pretty sure that is still not enough but yeah its something.

While disconnecting from the websites which are not really necessary! Taking all the necessary steps as possible to be safe! I might be panicking but yeah better be safe than sorry lol

Posted Using LeoFinance Beta

0
0
0.000
Reply
avatar

Ronin and Harmony hacks were the dumbest and most stupidest things I have seen. Who even thought these were good design decisions. These people needs to know more about decentralization and good security practices.

I trust Leo Bridge more than these guys. There was a hack. But surely we've learned......I hope we've learned 👻 !LUV !CTP

Posted Using LeoFinance Beta

0
0
0.000
Reply
avatar

This post has been manually curated by @bhattg from Indiaunited community. Join us on our Discord Server.

Do you know that you can earn a passive income by delegating to @indiaunited. We share 100 % of the curation rewards with the delegators.

Here are some handy links for delegations: 100HP, 250HP, 500HP, 1000HP.

Read our latest announcement post to get more information.

image.png

Please contribute to the community by upvoting this comment and posts made by @indiaunited.

0
0
0.000
Reply
avatar

The state of all the hacks is kind of crazy. It makes me wonder just how much money is being lost due to all of these hacks because they could be higher than some of the fiat heists.

Posted Using LeoFinance Beta

0
0
0.000
Reply
avatar

So Knowledgeable blog.Just wondering how big amount gone though hacking. Security issues should be handled more effectively.

0
0
0.000
Reply
avatar
(Edited)

The only hack I've heard (aside from Binance) is about the Ronin hack. I did not read much about it so I just believe that it was a wallet hack. Didn't thought is a bridge hack.

I believe that cross chain security would be bolstered after these hacks. I mean, the hacks exposed some of the holes the developers need to fix. 😊

!1UP

Posted Using LeoFinance Beta

0
0
0.000
Reply
avatar

Nice post. Ironically cryptographic security is the most secure way to hold money in existence. But bypassing cryptographic security to engage in commerce and using much less secure storage methods for funds in transit is our current state of the art technology, and it is a huge weak point in the chain of custody. This points out the validity of the old adage a chain is only as strong as it’s weakest link.

Posted Using LeoFinance Beta

0
0
0.000
Reply