What Are Cross-Chain Bridge, Exchange And Wallet Hackings?

Please fol­low and like us:
Pin Share

Hack­ers exploit secu­ri­ty vul­ner­a­bil­i­ties in third-par­ty wal­lets, cross-chain bridges, and hot wal­lets to steal mil­lions of dol­lars worth of cryp­tos, as the attacks on Nomad and Ronin cross-chain bridges, the Trust and Slope wal­lets, and the ZB cryp­to exchange have shown.

Although blockchain tech­nol­o­gy is rev­o­lu­tion­is­ing how we inter­act online and has emerged as a wor­thy oppo­nent to the tra­di­tion­al bank­ing sys­tem, it is also sus­cep­ti­ble to hack­ing. Accord­ing to a report by Atlas VPN, a free VPN app, blockchain hack­ers stole more than $1.3 bil­lion in Q1 2022 alone. 

Here Are Three Types Of Crypto Hacks

Bridge Attacks

A blockchain bridge is a con­nec­tion that allows the trans­fer of dig­i­tal assets from one blockchain to anoth­er. Bridges have emerged as a solu­tion to con­nect dif­fer­ent blockchains and serve as an inter­me­di­a­to­ry. When you trans­fer a token with cross-chain bridges, you are send­ing funds as tokens to the bridge pro­to­col, which locks those funds into the con­tract on one chain. Then, the user is giv­en funds in the form of wrapped tokens on the desired chain. 

These wrapped tokens are backed by cryp­tocur­ren­cy stored in the reserve of the bridge. Just like exchange charges a trad­ing fee to exchange funds, a bridge charges a gas fee, which is usu­al­ly very high and is fea­si­ble only if you are trad­ing in huge vol­umes. A Chainal­y­sis report esti­mates that $2 bil­lion in cryp­tocur­ren­cy has been stolen across 13 sep­a­rate cross-chain bridge hacks. 

Recent­ly, the Nomad bridge was hacked due to a secu­ri­ty flaw, and almost $200 mil­lion worth of cryp­to was drained from reserves. A small group of hack­ers took advan­tage of the secu­ri­ty flaw to break into the sys­tem. Pre­vi­ous­ly, Ronin Bridge, an ETH sidechain built for play to earn game Axie infin­i­ty, was hacked, and the hack­ers stole approx­i­mate­ly $650 mil­lion worth of crypto.

Wal­let hacks

Wal­lets are hard­ware or soft­ware pro­grams where the pri­vate keys to your wal­let address­es on a blockchain are stored. These pri­vate keys are your access to your cryp­to deposits, and keep­ing them safe is the most impor­tant task. 

If you keep your cryp­tos in a cus­to­di­al wal­let, in that case, your pri­vate keys are kept in a cold stor­age plat­form, and it’s like invest­ing in a com­mod­i­ty with­out hold­ing the item your­self. Hav­ing your pri­vate keys is like hold­ing cash. You can store your keys in a soft­ware wal­let (web exten­sion or desk­top), called a hot wal­let, or a hard­ware wal­let known as cold storage. 

A hot wal­let is sus­cep­ti­ble to hack­ing as it is con­nect­ed to the inter­net, but the cold wal­let is much more secure. Hot wal­lets are third-par­ty appli­ca­tions and might have secu­ri­ty vul­ner­a­bil­i­ties. Recent­ly, around 8,000 hot wal­lets, main­ly Trust wal­let and slope wal­let, were hacked using a Sup­ply Chain Attack to steal the pri­vate keys and drain the wallets.

Exchange Hacks

A cryp­to exchange is a plat­form where traders or investors buy and sell dig­i­tal assets using fiat cur­ren­cy. Usu­al­ly, cryp­to exchanges have huge reserves. Some amounts of cryp­to are stored in hot wal­lets for trad­ing, but most of the cryp­to is stored in cold wal­lets. The main tar­get of the hack­ers is the cus­to­di­al keys held by an exchange.

Recent­ly, $4.8 mil­lion worth of cryp­to was stolen from the ZB exchange. Peck­shield, a cyber­se­cu­ri­ty organ­i­sa­tion, stat­ed that over 20 dig­i­tal cur­ren­cy tokens were trans­ferred from the exchange’s hot wal­let to an address thought to belong to hack­ers. The hack­er moved the funds from the first wal­let to anoth­er wal­let from which he sold 2,224 ETH worth $3.6 mil­lion. ZB exchange has cur­rent­ly sus­pend­ed all cur­ren­cy recharge and coin with­drawals, cit­ing main­te­nance issues.

Source link

Please fol­low and like us:
Pin Share

Leave a Reply

Your email address will not be published. Required fields are marked *