Blockchain hacks on the rise

The number of cyber attacks centred around Blockchain technology, a transaction record database commonly used for crypto currency exchange, is on the rise, according to Cambridge based IT security firm, The SecOps Group.

  • 2 years ago Posted in

With just three hacks causing damage of almost $1 billion so far this year, the pressure is on for blockchain developers to identify and patch security issues before they get exploited in the wild. Fortunately, the security consultancy The SecOps Group (https://secops.group) has launched a blockchain smart contract security audit to help them do just that.

 

There are two main methods of successful attack: one relies on social engineering tricks such as convincing a victim to send crypto currency to an attacker’s wallet; the second, and more complicated, type of hack requires a deep understanding of blockchain smart contracts and associated components, such as side-chain, cross-chain, wallets, understanding of various protocols, and more. 

 

Three of the most recent and significant attacks on blockchain were:

 

Solana Wallets Attack - $7 Million- August 03, 2022

Blockchain based platform, Solana, on which many web3 applications are deployed, experienced a wallet based attack. It appears that the cause was a flaw in the wallet software used, resulting in the unique private key which links a user to their blockchain address, and/or seed phrase (the fingerprint of all of a user’s blockchain assets) being compromised. The result was that more than 7,000 wallets were drained of more than seven millions dollars’ worth of SOL tokens.

 

Axie Infinity Ronin Bridge - $625 Million - March 28, 2022

The largest-ever crypto hack took place on the play-as-you-earn game Axie Infinity, which is deployed on the Ethereum blockchain platform. Despite being the most trusted blockchain platform and the first to use smart contracts, hackers gained control over the majority of the cryptographic keys securing the game’s cross-chain bridge. Four of the nine keys were stolen when an Axie developer clicked on a fake job offer in PDF. 

 

Wormhole Cross Chain Bridge Attack - $325 Million - February 2, 2022

Wormhole is a Ethereum and Solana combined blockchain based web 3.0 bridge, which uses an intermediate bridge to transfer tokens between two different networks. A hacker exploited smart contracts on the Solana-to-Ethereum bridge to mint and cash out on wrapped ether without depositing collateral. This hack allowed hackers to steal a total of $320 million in Ethereum and Solana tokens.

 

With smart contracts playing a key role in automating several processes within a blockchain, running an audit to examine and analyse its code is now crucial for preventing attacks. Implemented effectively, it will help to discover errors, issues and security vulnerabilities in the code and suggest ways to fix them.

 

Commenting on the launch, Sumit ‘Sid’ Siddharth, the founder of The SecOps Group, said, “With the exponential growth of crypto currencies, NFTs and other blockchain implementations, there has never been a better time for cybercriminals to convert a vulnerability into easy and big money.

 

“We can see that thousands of decentralised finance projects and NFT projects have been developed in blockchain technology aka web 3.0, and securing them should be just as important as building them.”

On average, only 48% of digital initiatives meet or exceed business outcome targets, according to...
To accelerate enterprises’ readiness to further connect and support AI and non-AI workloads,...
Gartner, Inc. predicts that through 2027, Fortune 500 companies will shift $500 billion from energy...
Developer productivity and quality engineering has passed the tipping point of adopting generative...
HCLTech has launched its advanced AI Transformation academy in partnership with Multiverse, a...
Wireless Logic report reveals significant demand for eSIM, remote SIM provisioning and robust...
Partnership with IFS to boost efficiency, increase operational agility and support planning and...
Tech Mahindra has established a Center of Excellence (CoE) powered by NVIDIA platforms to drive...