$1.5 Billion was lost to crypto exploits in the last year

In just the last year, 3 big players in the crypto space lost $1.5 billion in crypto assets to hackers. The above chart, created by my co-founder Emmanuel Udotong, shows the 5 largest crypto exploits in history. These hacks were devastating and they share a glimpse into the bustling blockchain economy that has been increasingly dependent on multi-chain networks to scale their user base.?

Poly Network lost more than $600 million when their smart contracts were exploited by hackers in 2021. Smart contract exploits can be more difficult to pull off as big players generally pay thousands and even millions to audit their smart contracts before deployment. However, hackers have still managed to find zero-day exploits like the one with Poly Network where hackers exploited a "vulnerability between contract calls" in the network's multi-chain system. Afterward, Poly Network chose to put out 6-figure bounties for ethical hackers to penetrate the network and find bugs in return.?

Ronin lost a similar amount in another multi-chain network. Ronin was the sidechain that powered the popular game: Axie Infinity. The hack has been attributed to the North Korean backed hacking collective the Lazarus group. What allowed hackers to run off with more than half a million dollars in crypto was good old fashion social engineering with a bit of human error. Axie had 4 validator nodes that were not being used but had permission to withdraw funds. The hackers probably targeted employees who had access to the first 4 nodes and an additional node to take the money.

The third largest exploit in the last year was the Wormhole exploit where hackers ran off with a quarter of a million dollars. Wormhole was yet another multi-chain network that was exploited. This time the hackers were able to mint WeETH without posting any Ethereum as collateral. The hacker used Tornado Cash to launder the ETH. Chain Analysis offers “more rigorous code audits” as a first step towards securing multi-chain networks.?

The 3 largest crypto hacks all share 2 key similarities. They all 1. Ran off with hundreds of millions of dollars and 2. Were multi-chain systems. The former shows us the scale at which the blockchain industry operates: gaming, DeFi, and others have billions in capital that could fall to attacks. The latter shows us the increasing dependency of multi-chain systems as projects attempt to scale without costly chains like Ethereum.?

Audits have been recommended again and again, but it appears that such audits are not being performed or the quality is not high enough. As state-backed hacking groups and other well-funded groups, with millions to spend, target multi-chain networks an equally funded opposing force will be needed to secure the future of the blockchain economy.??