Last year marked the worst year on record for cryptocurrency hacks, according to Chainalysis’ latest analysis.
Cryptocurrency hackers stole $3.8 billion in 2022, according to the blockchain analytics firm’s report — up from $3.3 billion in 2021. October had the most crypto hacks in a single month with $775.7 million stolen in 32 separate attacks, according to the study.
Here’s a look at the most popular strategy cyber thieves used, as well as how you can protect yourself.
DeFi protocols were hit hardest by cryptocurrency hacks
Decentralized finance protocols, known as DeFi protocols, accounted for about 82%, or $3.1 billion, of all crypto stolen by hackers in 2022, according to the report
DeFi protocols contain a series of codes that determine how virtual currency can be used on a blockchain network. Take smart contracts, for example. These digital contracts are the key underlying technologies that allow crypto transactions to be made. Smart contracts operate according to “if/then” commands; if X, then execute Y.
Within DeFi, smart contracts are publicly viewable sets of instructions that allow users to borrow, lend or make transactions without an intermediary. Once a user meets the smart contract’s terms and conditions, the transaction happens automatically, similar to a vending machine.
The majority of the digital funds were stolen from cross-chain bridge applications, according to the report. This software allows users to transfer their cryptocurrency between different blockchains.
Cross-chain bridges can be an attractive target for hackers because as users deposit their digital coins into smart contracts to be transferred to another blockchain, the smart contracts become somewhat of a centralized storehouse.
“A more desirable honeypot could scarcely be imagined,” Chainalysis said in its report. “If a bridge gets big enough, any error in its underlying smart contract code or other potential weak spot is almost sure to eventually be found and exploited by bad actors.”
How investors can protect their crypto
You should thoroughly research and vet the software you use to transfer or store your virtual currency.
There are virtual wallets that can safely store your crypto and secure it against online attacks, Max Krupyshev, co-founder and leader of crypto-payment ecosystem CoinsPaid, tells CNBC Make It. However, it’s important to first determine which type of wallet makes sense for you.
When it comes to mitigating crypto hacking, many issues are due to a lack of security, David Schwed, chief operating officer of blockchain cybersecurity firm Halborn, says in the report.
“The DeFi community generally isn’t demanding better security — they want to go to protocols with high yields,” he says. “But those incentives lead to trouble down the road.”
Instead, DeFi developers would be smart to borrow security strategies used by traditional financial institutions to better protect their platforms. These include testing protocols with simulated attacks, closely monitoring the blockchain for suspicious activity and building processes that will halt transactions if suspicious activity is detected, Schwed says.
“DeFi protocols will greatly benefit from adopting better security in order for the ecosystem to grow, thrive, and eventually penetrate the mainstream,” Chainalysis’ report says.
Sign up now: Get smarter about your money and career with our weekly newsletter
Don’t miss: Mark Cuban predicts this will be the ‘next possible implosion’ in crypto–here’s how to avoid it