Crypto Hacking is still rife going into 2023

The amount of crypto hacks still happening on the blockchain is startling! In 2022, over $1.6 billion worth of cryptocurrency has been stolen from users.

But what can we do about this degree of crypto hacking?

To us this is twofold:

1) The easy thing to do: protect yourself, your altcoins and your NFT investments;

2) The hard part: we must stand together to reject hackers and not allow them to benefit from this disgusting behaviour.

Before we dive into the above, let's give some context.

Can a Blockchain be hacked?

Yes, it's not impossible to hack a blockchain but it is extremely difficult. The reason why hacking a blockchain is so tough has to do with the architecture of the protocol itself. There are various algorithms that are designed to make sure that data on the blockchain remains immutable and secure.

In order for a hacker to gain access, they would need to hack into all of the nodes in a network simultaneously, which is nearly impossible because of its distributed nature.

A future exception to this could potentially be seen when quantum computing becomes mainstream. Such machines will be able to handle extremely complex mathematical problems, which could make it easier for malicious actors to breach the blockchain.

However, for now, the greatest risk to users is not from a direct attack on the blockchain itself, but from other vulnerabilities.

Where do the majority of cryptocurrency hacks happen?

Crypto Wallets Hacks

In the same way that you would store money in a normal wallet, cryptocurrency is stored in digital wallets. These are programs or devices that allow users to send and receive cryptocurrencies, as well as view their balances

Unfortunately, these wallets can be vulnerable to attacks from malicious actors if not adequately secured. Hackers are able to gain credentials through various methods such as phishing emails or by exploiting software vulnerabilities. If successful, the hacker will have access to your funds and can transfer them without your knowledge or consent.

We often see this with soft wallets such as MetaMask (on Ethereum and other EVM chains) and Phantom (on Solana). Users are tricked into unwittingly downloading an executable piece of software, in the guise of a game as an example, or into signing a transaction on a website they believe is secure (maybe a clone of the legit site).

As soon as this happens, hackers get your private keys, which essentially make up your wallet credentials and are thus able to steal all your dollars worth of digital assets, from your bitcoin to altcoins and even NFTs.

Crypto Exchange Hacks

Crypto exchanges are another area that malicious actors target. Since these platforms are used to trade cryptocurrencies, they usually have large amounts of user funds stored on them - making them ripe targets for hackers who can gain access to the exchange's private keys and essentially transfer the stolen funds.

In recent years, we've seen a number of high-profile crypto exchange hacks such as Bitfinex in 2016 ($75 million), Coincheck in 2018 ($500 million) and most recently FTX in November 2022 ($400+ million).

Whilst these attacks are incredibly damaging, there are some measures that users can take to protect themselves. The most

These events highlight just how vulnerable crypto exchanges can be, especially when it comes to user security and privacy. It also serves as a reminder that hackers are willing and able to exploit any weaknesses in a system for their own financial gain.

NFT Marketplace Hacks

Non-fungible tokens (NFTs) have been gaining a lot of traction in the crypto space. These tokens are used to represent physical and digital assets, such as artwork or music, and can be bought, sold and traded on specialised NFT marketplaces

Unfortunately, these platforms can also be vulnerable to hacks from malicious actors. For example, we saw an incident with Opensea in February 2022, where hackers stole hundreds of NFTs from OpenSea.

The problem with such NFT marketplaces is that a good portion of their platform is in fact centralised and thus more vulnerable to attacks. This is because the tokens are stored on a centralised server and the whole platform relies on a single point of failure, meaning if the server is breached then all users' funds can be stolen.

Hacking the various protocols and DeFi Platforms

Finally, we are at risk of hackers exploiting vulnerabilities in the various protocols and decentralized finance (DeFi) platforms that make up the blockchain ecosystem.

As the DeFi space continues to grow, so does the number of vulnerabilities that can be exploited by hackers. For example, when a protocol is first developed it may not contain sufficient security measures or fails to take into account certain attack vectors. This makes it easier for malicious actors to exploit these weaknesses and gain access to user funds

In addition, many protocol developers are often working on their own without proper formal security testing frameworks in place - meaning any vulnerabilities they introduce could potentially be overlooked until it's too late

One of the most recent examples of this is the Ankr Protocol hack.  This took place in early December 2022, when DeFi hackers exploited a vulnerability, allowing them to mint 6 quadrillion aBNBc tokens.

Blockchain Bridges

Finally, blockchain bridges are becoming increasingly attractive targets for hackers.

A blockchain bridge is a piece of blockchain technology that allows you to move a token from one chain to another.  This means that, in theory, if you have a token on one chain, such as Ethereum, and you want to move it to another chain, such as Binance Smart Chain (BNB chain), then you can do so via one of the cross chain bridges.

Unfortunately, due to the nature of a blockchain bridge, they are vulnerable to attacks from malicious actors. In December 2020, hackers exploited a vulnerability in the Kyber Network bridge and managed to steal $27 million worth of Ethereum tokens.

Whilst cross chain bridges hold great promise for connecting different blockchain networks, they come with their own set of security risks that need to be taken into account.  As such, it is important for users to exercise caution when using any type of cross chain bridge to link tokens between different blockchains.

How can I protect myself from Crypto Hacking?

There are some simple things you can do to keep your cryptocurrencies safe from theft. The most important thing to note above all else is if you are not in control of your private keys, then you are not in control of your cryptocurrency!

This is twofold:

1. If you use a custodial wallet system (eg keeping your crypto on an exchange), then you are not truly in control of your cryptocurrencies. This centralised system can revoke access and freeze your transactions at any time.
2. If you have set up your own Non-custodial or decentralised wallet but have shared your private key or stored it someplace insecure, you could lose your cryptocurrency stores at any time.

Choosing the right non-custodial wallet: cold storage

Generally, you either have a hot wallet or store your crypto in cold storage. Most less secure wallets are considered hot because they're connected to the internet.

Cold storage wallets, on the other hand, are considered far more secure as they aren't connected to the internet and your private keys remain in your control.

Choosing a hardware wallet is generally the best option when it comes to keeping your cryptocurrencies safe from malicious actors. Hardware wallets have added layers of security built-in, such as pin codes and two-factor authentication, and are considered the most secure form of cryptocurrency storage.

The two best options to consider are:

1. Trezor
2. Ledger

Keeping your Private Keys safe

Regardless of what blockchain network you are on and what blockchain technology you are using, your wallet is only as safe as your private key. Understanding how a key is kept safe and how to ensure it is inaccessible to anyone else is paramount because no matter what hardware you use, as soon as someone gains access to your private key, no amount of security can safeguard your digital currency.

For privacy reasons, you shouldn't store your keys in your phone or computer since that creates a link to the key that could be hacked.  Instead, it's best to store them on a USB drive or other physical device that can be stored safely away from any electronic access.

Finally, backing up your wallet is essential for security. Having a copy of your private key stored in a safe physical location can help you recover your funds if the original copy is ever lost or destroyed.

Do not store your crypto on an exchange

Exchanges are a great way to buy and sell cryptocurrencies, but they shouldn't be used as a wallet. This is because exchanges are custodial services and you don't actually own the private key.

Remember: "not your keys, not your coins".

Only leave funds on an exchange for as long as necessary for trading purposes, otherwise, move them onto a non-custodial wallet!

It doesn't matter whether you are trading with the world's largest cryptocurrency exchange, Binance, not only can Binance choose to halt your withdrawals, every custodial centralised system is vulnerable to attack.

There is a reason why savvy investors prefer to manage their transactions through decentralized finance rather than a centralized company. Just look at the latest drama with FTX. Unbeknown to their customers, FTX and Sam Bankman-Fried had transferred customers' crypto to his trading firm and wrongfully initiated trades on their behalf.

When news started to drop about this huge unprecedented scam, all transactions were stopped. What's worse is that billions of dollars of bitcoin, Ethereum and other altcoins belonging to customers have vanished.

We must not just learn from this but teach those not so experienced about the pitfalls of exchanges and centralized, custodial systems.

Interact with burner hot wallet

Interacting with smart contracts and dApps is a necessity for any true advocate of decentralization. Whether you are using a bridge to move funds from Ethereum to the BNB chain, using one of many DeFi protocols or even minting an NFT, at some point, you have to take a risk and perform a signing request.

You can do your due diligence to avoid hacks and prevent your digital currency from being stolen. However, in the end, the best way to keep your wallet safe is to have a "transactional" burner wallet that only ever has the crypto on it for that specific transaction. That way if you do interact with a nefarious smart contract that hacks your wallet, only a small amount of your crypto will be stolen rather than all your NFTs and Altcoins.

If you are a dev or someone prone to testing new software, you may even take this one step further and have a burner laptop. Remember that any wallets on your laptop or phone are vulnerable to someone hacking the whole device.

We must fight back against bad actors

The thing about blockchain networks is that there is a connection between every wallet, smart contract and transaction we do. This data is public for all to see.

So when an NFT is stolen, for example, this can easily be proven and tracked between the different owners.

Whether you are an individual looking to buy an NFT or the creator of an NFT marketplace, we must band together and not give hackers an opportunity to benefit from selling such stolen assets.

As with that iconic scene on the Network, you need to stand up and say "I'm as mad as hell and I'm not going to take this anymore".

Only then when we all take a stand can we stop these hacks from taking place and stop these bad actors from benefiting.

       

       if(window.strchfSettings === undefined) window.strchfSettings = {};
   window.strchfSettings.stats = {url: "https://devwiz.storychief.io/en/crypto-hacking-is-still-rife-going-into-2023?id=1999537051&type=26",title: "Crypto Hacking is still rife going into 2023",id: "a40dd265-52e3-443b-8bfe-2586aa65e35b"};
           (function(d, s, id) {
     var js, sjs = d.getElementsByTagName(s)[0];
     if (d.getElementById(id)) {window.strchf.update(); return;}
     js = d.createElement(s); js.id = id;
     js.src = "https://d37oebn0w9ir6a.cloudfront.net/scripts/v0/strchf.js";
     js.async = true;
     sjs.parentNode.insertBefore(js, sjs);
   }(document, 'script', 'storychief-jssdk'))