Cryptocurrency Hacks Show Decline and Changing Dynamics - Insights from TRM Labs

Join Our Telegram channel to stay up to date on breaking news coverage

In a recent analysis conducted by TRM Labs, a blockchain intelligence company, it was discovered that hackers successfully siphoned off around $400 million from multiple cryptocurrency initiatives during the first quarter of 2023, comprising a series of 40 targeted hacks.

Impressively, this total represents a substantial 70% decline when compared to the corresponding period in the previous year.

TRM Labs Report Unveils Cryptocurrency Hacks Decrease by 70% in Q1 2023

TRM Labs has also revealed in its latest report that the average size of these hacking incidents has decreased over time. In 2022, the average amount stolen during such attacks amounted to $30 million, whereas in the corresponding period of 2023, it decreased to $10.5 million.

Interestingly, hackers have been increasingly returning the money they pilfered, opting for a “white hat” reward from the projects they targeted. TRM Labs estimates that hack victims managed to recover nearly half of the funds stolen in 2023.

Notable examples include an attacker who exploited the TenderFi protocol and returned half of the $1.6 million obtained from the attack after receiving an $850,000 bounty from TenderFi.

In a similar vein, the individual responsible for exploiting the Euler lending protocol also consented to relinquish the entirety of the $200 million cryptocurrency sum that had been acquired. These occurrences took place in the month of March. Subsequently, in April, the perpetrator who depleted the Safemoon protocol restored $7.1 million of the pilfered digital assets, electing to retain the remaining $9 million.

TRM Labs suggests that the increasing attention from regulators regarding cryptocurrency hacks, along with a series of prominent enforcement cases, could explain this trend.

Cryptocurrency exchanges have been intensifying their know-your-customer (KYC) and anti-money laundering (AML) policies, making it more challenging for hackers to convert stolen coins into cash.

Additionally, the popular Ethereum mixing protocol Tornado Cash has been under U.S. sanctions since August 2022, effectively blacklisting all Tornado-related funds on regulated exchanges. The protocol has been highly used as a tool for laundering Ethereum.

Furthermore, the arrest of Avraham Eisenberg, who became the first person known to be apprehended for a decentralized finance (DeFi) exploit, may serve as a cautionary tale. Eisenberg publicly admitted to exploiting the Mango Markets protocol, thereby exposing its vulnerability. He was arrested in Puerto Rico in December.

Ari Redbord, TRM Labs’ head of legal and government affairs, stated that the ability to trace and track stolen funds has improved significantly. Not only are investigators employing blockchain intelligence tools like TRM, but users on platforms like Twitter are also utilizing open-source tools, resulting in hacked funds being publicly tracked in real-time.

Consequently, malicious hackers are encountering greater difficulties in offloading stolen funds, leading them to settle for bug bounties. Additionally, the emergence of “white hat” hackers, who actively contribute to strengthening cybersecurity measures, has become increasingly prevalent within the ecosystem of DeFi services.

It is worth noting that returning stolen funds is not an entirely new phenomenon within the DeFi space. Past examples include the hackers behind Defrost Finance and Nomad Bridge in 2022, Poly Network in 2021, and dForce in 2020.

In March, Crystal Blockchain estimated the total cost of hacks and scams to be around $119 million. DeFi protocols remain a prime target for attackers due to the intricate nature of smart contracts, which can be susceptible to manipulation. According to Chainalysis, DeFi exploits accounted for 82% of all stolen cryptocurrency in 2022.

Despite a decrease in crypto rates in Q1 2023, the security of the crypto market is expected to remain uncertain, with the current decline likely being a temporary relief rather than a lasting trend.

Chainalysis estimates approximately $3.8 billion was stolen in crypto hacks, primarily targeting decentralized finance (DeFi) protocols and attributed to North Korea-linked attackers. TRM Labs warns that this slowdown is likely temporary and expects future hacking cases to increase with a few large-scale attacks

Tornado Cash Hack – Attacker’s Proposal Raises Doubts Amid Limited Options

An individual who caused widespread alarm by hijacking Tornado Cash governance is now proposing to reverse their actions, although trust in the hacker remains questionable, leaving the community with limited options.

On May 21, a malicious proposal successfully granted the attacker complete control over Tornado Cash’s governance. With this authority, the attacker had the potential to inflict significant losses by withdrawing locked votes, draining tokens from the governance contract, and disrupting the system.

In response, community member Tornadosaurus-Hex took proactive measures to mitigate potential damage by submitting a proposal for members to withdraw their funds locked in governance. However, Hex expressed uncertainty about the effectiveness of this new proposal given the attacker’s control.

Shortly after the hack began, the perpetrator contacted the Tornado Cash community, presenting a fresh proposal that conveyed their intention to relinquish governance control. Hex, a member of the community, disseminated this update, highlighting the probability of the attacker following through with their plan and verifying the validity of storage layouts.

While certain members of the community embraced a sense of optimism concerning the attacker’s apparent shift in attitude, alternative theories emerged suggesting that this display could be a calculated maneuver to drive up the value of the TORN token before executing a swift exit strategy.

While the first quarter of 2023 has witnessed a significant decline in overall crypto hacks, as depicted in the graph provided by TRM Labs.

However, past experiences serve as a reminder that crypto users should not become complacent, as previous slow periods have been followed by an increase in hacks in 2022.

Smog (SMOG) - Meme Coin With Rewards

Rating