Report: Half of all DeFi exploits are cross-bridge hacks

Must read

Bitfinex holds the highest amount of Tether(USDT) at 60%, exchange balances surpass ATH

Bitfinex holds the highest amount of Tether(USDT) at 60%, exchange balances surpass ATH Richard Adrian · 20 mins ago · ...

Gemini reveals $601M GUSD backing, 45+ licenses amid global exchange turmoil

Gemini reveals $601M GUSD backing, 45+ licenses amid global exchange turmoil Liam 'Akiba' Wright · 5 hours ago · 2...

CryptoSlate Wrapped Daily: Ethereum losses deflationary gains; Andre Cronje reveals how DeFi saved Fantom

CryptoSlate Wrapped Daily: Ethereum losses deflationary gains; Andre Cronje reveals how DeFi saved Fantom Christian Nwobodo · 3 hours ago ·...

Upbit’s parent company Dunamu sees profit drop 76% in Q3

Upbit’s parent company Dunamu sees profit drop 76% in Q3 Soumen Datta · 6 hours ago · 1 min read...

Over $2.5 billion have been stolen from cross-chain bridges in the past two years.

588 Total views

14 Total shares

Report: Half of all DeFi exploits are cross-bridge hacks

According to a new report by crypto data aggregator Token Terminal, approximately 50% of exploits in decentralized finance, or DeFi, occur on cross-chain bridges. In two years’ time, more than $2.5 billion has been stolen by hackers via exploiting vulnerabilities on cross-chain bridges. The amount is enormous in comparison to other security breaches, such as DeFi lending hacks ($718 million) and decentralized exchange exploits ($362 million) in that period. 

Bridge exploits account for ~50% of all DeFi exploits, totaling ~$2.5B in lost assets

These hacks can typically be attributed to smart contract loopholes (e.g. Wormhole & Nomad) or compromised private keys (e.g. Ronin & Harmony).

What will it take to create secure bridges? pic.twitter.com/LrVf0W0zeK

— Token Terminal (@tokenterminal) October 18, 2022

Cross-chain bridges, which allow users to port digital assets from one chain to another, are known for their ability to solve multichain scaling issues. However, the complexity in building and subsequently auditing them, combined with massive amounts of funds locked in their smart contracts, has attracted much attention from hackers.

Immunefi CEO and security expert Mitchell Amador explained that some developers in the DeFi space are simply lacking the necessary knowledge to secure such complex mechanisms:

“Many developers launch projects by simply copying and pasting code from other projects. When one of these projects has a vulnerability, others usually have that vulnerability as well. Open source smart contracts, being visible and accessible to all, can easily attract blackhats who study them, discover where they’re vulnerable, and exploit them.”

It also appears that the vast majority of cross-change exploits that have happened thus far took place on Ethereum Virtual Machine (EVM) blockchains. This includes this year’s most serious incidents, such as the Axie Infinity Ronin bridge hack, the Wormhole token bridge hack and the Nomad bridge hack.

Meanwhile, cross-chain bridges based on the Cosmos Inter-Blockchain Communications (IBC) protocol, which has surpassed $1 billion in total value locked, have largely avoided the spearhead of the attacks. Although, last week, Cosmos co-founder Ethan Buchman said that a major security vulnerability was discovered on IBC after security audits. The exploit has been patched and no funds were lost as a result of the incident. 

More articles

Latest article

Bitfinex holds the highest amount of Tether(USDT) at 60%, exchange balances surpass ATH

Bitfinex holds the highest amount of Tether(USDT) at 60%, exchange balances surpass ATH Richard Adrian · 20 mins ago · ...

Gemini reveals $601M GUSD backing, 45+ licenses amid global exchange turmoil

Gemini reveals $601M GUSD backing, 45+ licenses amid global exchange turmoil Liam 'Akiba' Wright · 5 hours ago · 2...

CryptoSlate Wrapped Daily: Ethereum losses deflationary gains; Andre Cronje reveals how DeFi saved Fantom

CryptoSlate Wrapped Daily: Ethereum losses deflationary gains; Andre Cronje reveals how DeFi saved Fantom Christian Nwobodo · 3 hours ago ·...

Upbit’s parent company Dunamu sees profit drop 76% in Q3

Upbit’s parent company Dunamu sees profit drop 76% in Q3 Soumen Datta · 6 hours ago · 1 min read...

Research: Whales have been offloading Bitcoin since 2021

Research: Whales have been offloading Bitcoin since 2021 Zeynep Geylan · 6 hours ago · 2 min read ...