A recent report by Chainalysis, a blockchain data platform that provides data, software, services, and research to government agencies, exchanges, and financial institutions, has estimated that a total of $2 billion in cryptocurrency has been stolen from cross-chain bridges across 13 separate hacks so far this year. The report mentions that attacks on cross-chain bridges have accounted for 69% of total funds stolen so far this year, the worst in crypto history.
The cryptocurrency space is growing and the need for cross-chain bridges is so important in other to connect the world of crypto to create an interoperable ecosystem that can realistically compete with the banking industry. A cross-chain bridge connects independent blockchains and enables the transfer of assets and information between them, thereby allowing users to access other protocols with ease.
Per the report, Q1 2022 was by far the quarter that saw the most amount of crypto stolen since 2021, due mainly to the Ronin Bridge Attack in late March, which saw $625 million in Ether (ETH) and USD Coin (USDC) stolen. Q1 saw nearly $1.5 billion stolen with 75% of them representing bridge hacks.
RelatedStories
What you should know
- Bridges are necessary in the crypto space because blockchains are unable to communicate with each other. For example, you cannot use BTC on Ethereum or ETH on BTC, hence why knowing the wallet network is very important before sending crypto through the blockchain. This contrasts with the legacy systems like banking, where your credit card can work for several providers.
- The astronomical amount stolen through cross bridges represents a “significant threat to building trust in blockchain technology,” according to Chainalysis. They explained that as more value flows through cross-chain bridges, they become more attractive victims for hackers.
- The report explains that bridges are now a top target for North Korean-linked hackers, who, according to Chainalysis estimates, have stolen approximately $1 billion, representing 50%, worth of cryptocurrency so far this year, entirely from cross-chain bridge hacks and other DeFi protocol hacks.
- For perspective and to show you how significant this issue is, South Korea’s government-run statistical agency estimates the country earned $89 million from official exports in 2020 alone. This means North Korean hackers are making over 1,000% than a whole country.
- The report explains that bridges are an attractive target for hackers because they often feature a central storage point of funds that back the “bridged” assets on the receiving blockchain. The report continued to say, “Regardless of how those funds are stored, locked up in a smart contract or with a centralized custodian, that storage point becomes a target.”
- Additionally, per the report, the effective bridge design is still an unresolved technical challenge, with many new models being developed and tested. These varying designs present novel attack vectors that may be exploited by bad actors as best practices are refined over time.
- The most recent bridge attack was on the Nomad Bridge which saw $190 million stolen in the month of August. Interestingly, in a July 22 clip posted on Twitter, almost two weeks before the recent attack, Nomad founder, James Prestwich, stated that it will be “at least another year or two before there is enough familiarity across chain security models to build defenses as a standard.”
- He further stated, “In cross-chain systems, we haven’t built up that kind of expertise about attacks yet, people don’t know what the common attacks are, and so they don’t defend against them.”
- Chainalysis explained that this same scenario happened when it came to centralized exchanges. It stated, “Just a few years ago, centralized exchanges were by far the most frequent targets of hacks in the industry. Today, successful hacks of centralized exchanges are rare. That’s because these organizations prioritized their security, and because hackers are always looking for the newest and most vulnerable services to attack.”
As a measure of a solution, Chainalysis stressed that cryptocurrency services, including bridges, should start investing in security upgrades and training sooner rather than later. It stated, “A valuable first step towards addressing issues like this could be for extremely rigorous code audits to become the gold standard of DeFi, both for those building protocols and for the investors evaluating them. Over time, the strongest, safest smart contracts can serve as templates for developers to build from.”
