According to analysts, more than 46% of the cryptocurrency stolen in hacker attacks on blockchain projects in 2022 was taken through infrastructure vulnerabilities and weaknesses in conventional computer systems, not through flaws in smart contracts.
Immunefi analysts reviewed the history of hacker attacks on blockchain projects in 2022 and concluded that the Web3 ecosystem's biggest weakness is its dependence on ordinary IT infrastructure.
The analysts found that 46.48% of the crypto stolen through successful exploitation of blockchain projects was attributable to “infrastructural weaknesses.” In 2022, hackers stole about $3.7 billion in crypto, of which more than $1.7 billion came from exploits of such infrastructure problems rather than of on-chain code.
By number of incidents, Web2-style infrastructure vulnerabilities accounted for about 26% of attacks. Hackers carried out 128 successful exploits in total: 39 of them succeeded because of missing access control or input validation, and in 34 cases the attackers relied on weak infrastructure.
Immunefi analysts defined infrastructure weaknesses as any shortcoming in the IT infrastructure that smart contracts depend on, such as virtual machines, private key handling, and so on. In particular, the analysts identified the following specific types of infrastructure vulnerabilities that led to crypto theft:
- private key leakage;
- weak passwords protecting key storage;
- problems with two-factor authentication;
- DNS hijacking;
- BGP hijacking;
- hot wallet compromise;
- use of weak encryption methods;
- storing access keys in plaintext.
It’s worth noting that Immunefi analysts only considered attacks related to security vulnerabilities, excluding fraud or exploitation that occurred solely due to market manipulation.
Cryptographic issues were the second largest source of losses, accounting for 20.58% of the crypto stolen in 2022. In this category, Immunefi analysts included Merkle tree errors, signature replayability, and predictable random number generation.
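Signature replayability, one of the cryptographic issues named above, does not depend on the signature algorithm but on what the signed message binds. The example below is added here to illustrate that point and is not code from Immunefi or from any project in the report. It uses HMAC-SHA256 as a stand-in for the ECDSA signatures real contracts check, and the vault classes, chain ids, addresses and the shared key are all constructed for the demonstration. The vulnerable vault signs only recipient and amount, so one valid authorisation can be submitted repeatedly and on a second chain; the hardened vault binds a nonce, the chain id and the vault address into the signed payload and records consumed nonces.

```python
"""Signature replay: what the signed payload binds decides whether a valid
signature can be reused. Added example, not from the Immunefi report.
HMAC-SHA256 stands in for ECDSA; the replay property depends only on the
message contents, so the lesson carries over to real on-chain verifiers."""
import hashlib
import hmac
import json

# Constructed key shared by authoriser and verifier (stand-in for an
# ECDSA key pair; an assumption of this example, not from the report).
SIGNING_KEY = b"constructed-demo-key"


def sign(payload: dict) -> str:
    """Sign a canonical JSON encoding of the payload (stand-in for ECDSA)."""
    msg = json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(SIGNING_KEY, msg, hashlib.sha256).hexdigest()


def signature_valid(payload: dict, sig: str) -> bool:
    return hmac.compare_digest(sign(payload), sig)


class ReplayableVault:
    """Vulnerable: the signed message covers only recipient and amount.
    Nothing distinguishes the first withdrawal from a resubmission of the
    same signature, and nothing ties it to one chain or one contract."""

    def __init__(self, chain_id: int, address: str):
        self.chain_id = chain_id
        self.address = address
        self.balance = 100

    def withdraw(self, to: str, amount: int, sig: str) -> bool:
        if not signature_valid({"to": to, "amount": amount}, sig):
            return False
        if amount > self.balance:
            return False
        self.balance -= amount
        return True


class HardenedVault:
    """Fixed: the signed message carries a per-signer nonce, the chain id and
    the vault address, and the vault records consumed nonces, so one signature
    cannot be submitted twice, on another chain, or to another vault."""

    def __init__(self, chain_id: int, address: str):
        self.chain_id = chain_id
        self.address = address
        self.balance = 100
        self.used_nonces = set()

    def withdraw(self, to: str, amount: int, nonce: int, sig: str) -> bool:
        payload = {"chain_id": self.chain_id, "vault": self.address,
                   "nonce": nonce, "to": to, "amount": amount}
        if not signature_valid(payload, sig):
            return False
        if nonce in self.used_nonces or amount > self.balance:
            return False
        self.used_nonces.add(nonce)
        self.balance -= amount
        return True


def demo_replay() -> dict:
    """Submit one authorisation three times against each vault, then once
    more against a copy of the vault deployed on a second chain."""
    weak = ReplayableVault(chain_id=1, address="0xVAULT")
    weak_other_chain = ReplayableVault(chain_id=56, address="0xVAULT")
    sig = sign({"to": "0xALICE", "amount": 10})
    weak_results = [weak.withdraw("0xALICE", 10, sig) for _ in range(3)]
    weak_cross = weak_other_chain.withdraw("0xALICE", 10, sig)

    strong = HardenedVault(chain_id=1, address="0xVAULT")
    strong_other_chain = HardenedVault(chain_id=56, address="0xVAULT")
    payload = {"chain_id": 1, "vault": "0xVAULT", "nonce": 7,
               "to": "0xALICE", "amount": 10}
    sig2 = sign(payload)
    strong_results = [strong.withdraw("0xALICE", 10, 7, sig2) for _ in range(3)]
    strong_cross = strong_other_chain.withdraw("0xALICE", 10, 7, sig2)

    return {
        "replayable_balance": weak.balance,          # 70: drained 3 times
        "replayable_results": weak_results,          # [True, True, True]
        "replayable_cross_chain": weak_cross,        # True: replayed on chain 56
        "hardened_balance": strong.balance,          # 90: paid out once
        "hardened_results": strong_results,          # [True, False, False]
        "hardened_cross_chain": strong_cross,        # False: wrong chain id
    }


if __name__ == "__main__":
    for key, value in demo_replay().items():
        print(f"{key}: {value}")
```

The hardened verifier still accepts a fresh signature for chain 56 with the same nonce, which is the intended behaviour: nonces are scoped per chain and per vault by the fields in the payload, so a legitimate signer can authorise the same action on several deployments, but an attacker cannot reuse one authorisation across them.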
Hackers continue to refine their methods of attacking crypto users: North Korean hackers are using the new KandyKorn malware, and attackers from China are creating fake Skype apps to run phishing scams.