Proactive Investors - 2022 was the biggest year ever for cryptocurrency hacking with at least $3.8 billion stolen primarily from DeFi protocols and by North Korea-linked attackers, according to a new report by Chainalysis.
In their annual report on crypto crime trends, Chainalysis said hacking activity ebbed and flowed throughout the year, with huge spikes in March and October.
DeFi protocols as victims accounted for 81.2% of all cryptocurrency stolen by hackers, a total of $3.1 billion, up from 73.3% in 2021. Of that $3.1 billion, 64% came from cross-chain bridge protocols, an attractive “honeypot” for hackers.
The report noted that North Korea-linked hackers, such as those in the cybercriminal syndicate Lazarus Group, shattered their own record for theft in 2022, stealing an estimated $1.7 billion of cryptocurrency across the several hacks attributed to them by Chainalysis.
“North Korea’s total exports in 2020 totalled $142 million worth of goods, so it isn’t a stretch to say that cryptocurrency hacking is a sizable chunk of the nation’s economy,” the report said.
Despite the cryptocurrency market downturn during 2022, illicit transaction volume rose for the second year, hitting an all-time high of $20.6 billion.
43% of this illicit transaction volume came from activity associated with sanctioned entities, the report noted.
In terms of money laundering, illicit addresses sent nearly $23.8 billion worth of cryptocurrency in 2022, a 68% increase over 2021.
The report said that mainstream centralized exchanges were the biggest recipient of illicit cryptocurrency, but noted more illicit funds were sent to DeFi protocols than ever before, a continuation of a trend that began in 2020.
Victims refusing to pay ransomware attackers
Cryptocurrency ransomware payouts fell 40.3% in 2022, with at least $456.8 million extorted from victims, down from $765.6 million in the previous year, according to the report.
“However, that doesn’t mean attacks are down, or at least not as much as the drastic dropoff in payments would suggest,” it said. “We believe much of the decline is due to victim organizations increasingly refusing to pay ransomware attackers.”
The report cited cyber insurance firm Resilient chief claims officer Michael Phillips who said that there have been signs that meaningful disruptions against ransomware actor groups are driving lower-than-expected successful extortion attempts.
These disruptions included the Russia-Ukraine war and the increased pressure on ransomware gangs from Western law enforcement, including arrests and the recovery of extorted cryptocurrency, Phillips said in the report.