crypto bridge
The 10 largest crypto hacks and exploits in 2022 saw $2.1B stolen
It’s been a turbulent year for the cryptocurrency industry — market prices have taken a huge dip, crypto giants have collapsed and billions have been stolen in crypto exploits and hacks. It was not even halfway through October when Chainalysis declared 2022 to be the “biggest year ever for hacking activity.” As of Dec. 29, the 10 largest exploits of 2022 have seen $2.1 billion stolen from crypto protocols. Below are those exploits and hacks, ranked from smallest to largest. 10: Beanstalk Farms exploit — $76M Stablecoin protocol Beanstalk Farms suffered a $76 million exploit on April 18 from an attacker using a flash loan to buy governance tokens. This was used to pass two proposals that inserted malicious smart contracts. The exploit was initially thought to have cost around $182 mil...
White hat finds huge vulnerability in ETH to Arbitrum bridge: Wen max bounty?
A self-described white hat hacker has uncovered a “multi-million dollar vulnerability” in the bridge linking Ethereum and Arbitrum Nitro and received a 400 Ether (ETH) bounty for their find. Known as riptide on Twitter, the hacker described the exploit as the use of an initializing function to set their own bridge address, which would hijack all incoming ETH deposits from those trying to bridge funds from Ethereum to Arbitrum Nitro. Riptide explained the exploit in a Medium post on Sept. 20: “We could either selectively target large ETH deposits to remain undetected for a longer period of time, siphon up every single deposit that comes through the bridge, or wait and just front-run the next massive ETH deposit.” The hack could have potentially netted tens or even hundreds of millions worth...
Maiar decentralized crypto exchange goes offline after bug discovery
Minutes before 12 a.m. UTC on June 6, the CEO and co-founder of the Elrond Network, Beniamin Mincu, tweeted that he and his team were “investigating a set of suspicious activities” on the Maiar decentralized crypto exchange (DEX). Soon after the exchange was taken offline with Mincu reporting the issue was identified and an “emergency fix” was being implemented. In a Twitter thread posted almost 24 hours later around 11 p.m. UTC on June 6, Mincu said a potentially critical bug was identified which opened “an exploit area that we simply had to address and mitigate immediately.” The suspicious activities have been possibly identified and explained in a Twitter thread by pseudonymous on-chain analyst “Foudres” who revealed the potential attacker deployed a smart contract that someho...
