Cryptocurrency holders and projects suffered losses reaching a high of $2.8 billion, due to hacks and exploits in 2022.
Even though crypto winter hit hard in 2022, hacks and exploits in the industry resulted in $2.77 billion of funds lost to attackers. This was the largest amount exploited in a single year since 2013, and second only to 2012, which recorded losses of $3.36 billion mainly from the Silk Road hack.
The losses in 2022 were 4.2% higher than in 2021, when attackers netted $2.66 billion amid the accelerating hype for cryptocurrency.
A similar pattern occurred around the first crypto winter in 2018, when hacks and exploits caused $1.13 billion in losses, representing an increase of 256.7% from the previous year.
The DeFi summer of 2020 saw a rise in decentralized hacks and exploits
A mechanism called ‘yield farming’ was introduced in 2020, sparking the popularity of Decentralized Finance (DeFi) in what became known as ‘DeFi summer’. Yield farming enabled investors to deposit cryptocurrencies into a protocol, in exchange for returns at various rates.
Investors poured their funds into DeFi protocols for high yield returns, which attracted the attention of malicious hackers. The period of DeFi summer in Q3 2020 therefore recorded the largest sum of exploited funds that year, at $0.33 billion for the quarter.
2020 also marked a turning point in the types of protocols getting hacked. Hackers had previously targeted centralized protocols, or more specifically, centralized crypto exchanges. However, most exploits since 2020 have taken place on decentralized networks.
Hacks and exploits peaked during crypto’s bull market run, starting from second half of 2021
Trends in the amount of stolen funds each quarter, coincided with the cryptocurrency market’s cycles. At the start of the cryptocurrency bull market in Q2 2021, the amount of stolen funds jumped by 357.2% quarter-on-quarter (QoQ) to $0.47 billion. Losses from hacks continued to climb in the following quarters, alongside acceleration of the crypto hype. Losses then peaked at $1.26 billion in Q1 2022 when the bull market was at its tail end.
The amount of stolen funds in the remaining quarters decreased QoQ, with just $0.40 billion exploited in the final quarter last year.
Similarly, during the shift from bull to bear market in 2018, the amount of funds stolen stood at $0.73 billion in the first quarter, but consistently trended downwards in the next three quarters.
This trend parallels the correlation between crypto funding and market cycles, whereby funding declined in successive quarters when crypto winter arrived in 2022.
This study examines the amount of funds in USD, lost to cryptocurrency hacks and exploits, from 2018 to 2022, based on data from DeFiYield’s REKT Database. For the purpose of this study, the terms ‘hack’, ‘exploit’ and ‘attack’ were used interchangeably.
If you use these insights, we would appreciate a link credit to this article on CoinGecko. A link credit allows us to keep supplying you with future data-led content that you may find useful.
What are cryptocurrency hacks and exploits?
In the crypto industry, hacks and exploits refer to attacks that make use of vulnerabilities, flaws, or loopholes in any code or system, in order to steal cryptocurrency coins or tokens. The individuals or groups that carry out hacks and exploits are usually referred to as ‘hackers’. As a result of such actions, cryptocurrency holders and projects suffer losses in their funds, which may or may not be recoverable or returned.
Methods of hacking and exploitation include taking access control, flash loan attacks, reentrancy attacks, oracle issues, phishing and more.
Curious to know more about the state of crypto in 2022? Check out our comprehensive 2022 Annual Crypto Industry Report, that extensively covers everything from the crypto market landscape to analyzing Bitcoin and Ethereum, DeFi and NFT ecosystems, and more!
Yuqian is a cryptocurrency writer and marketer who specializes in mainstream cryptocurrency insights. She's especially fascinated by the philosophical and socioeconomic aspects of crypto and also goes by the name of Q. She holds a Bachelor of Social Sciences with Honors from the National University of Singapore. Follow the author on Twitter @solosbrqt