It should be noted that 2022 was indeed a “profitable” year for hackers. For example, analysts at Delphi Digital summed up the year’s interim results in the context of hacks of smart contracts and various protocol infrastructures back in November. They estimated the total impact of those activities was $2.7 billion.

More importantly, it exceeded the 2021 figure by 63 percent. Here’s a relevant comparison from the experts.

Hacking volume of blockchain projects over the past three years

Blockchain bridge Nomad: $190 million

The Nomad platform was hacked in August – its developers lost all funds from their budget and the size of the loss exceeded the $190 million mark. Hackers stole tokens from Etherium, USDC, FXS and CQT. According to Decrypt, the attackers managed to exploit a bug in the blockchain bridge code.

As a reminder, a blockchain bridge is a platform that allows the transfer of tokens from one blockchain to another. The transfer process is implemented in different ways, most often the bridge releases identical tokens with the same value on the new blockchain, while blocking the tokens on the first blockchain. These tokens are commonly referred to as wrapped tokens.

Appeal to hackers from the Nomad team

Fortunately, the Nomad team managed to recover at least some of what was stolen. The developers announced a reward of 10 percent of the amount stolen for hackers and a waiver of criminal prosecution if they returned the crypto back to the platform’s wallet. More than $22 million has been returned since the announcement – not much compared to the amount stolen, but at least something.

Wormhole blockchain bridge: $326 million

The Wormhole platform came under attack by hackers in February of this year. Attackers managed to steal over $326 million in WETH tokens at their rate at the time.

WETH, or Wrapped Ethereum, is the counterpart to Etherium on other blockchains. In the case of Wormhole, WETH tokens were received by the user after locking the original ETH into the platform’s smart contract, which is a fairly common practice in decentralised finance (DeFi). Both Wormhole and Nomad belong to DeFi – decentralised protocols have traditionally been considered an industry vulnerability to hackers.

Stolen tokens from Wormhole on a hacker’s wallet

Fortunately, the Wormhole story ended with a happy ending – at least for ordinary users. The parent company Jump Trading took the incident into its own hands and was able to compensate for the stolen funds, after which Wormhole continued to operate again.

Ronin Sidchain: $552 million

The Ronin sidechain belongs to the ecosystem of the popular blockchain game Axie Infinity. It suffered a hacking attack back in March. At that time, cybercriminals managed to steal more than $552 million in Etherium and USDC. The game’s development studio didn’t release information about the incident until a week later – by then the amount of losses in dollar terms was already estimated at $622 million.

Axie Infinity

The Ronin sidechain was developed specifically for the Axie Infinity game as a second-tier solution to increase the throughput in handling the Etherium blockchain. Axie Infinity became very popular in 2021, with the price of the AXS project's native token soaring tenfold in just a few months.

AXS exchange rate over time

This time, attackers managed to sign transactions from five of the nine current validator nodes on the Ronin network, which is the threshold required to approve signatures. They eventually gained access to four Sky Mavis validators, as well as one operated by the decentralised Axie DAO.

The stolen tokens quickly went through channels to launder funds. Some transactions involving them also found their way into cryptomixer Tornado Cash, which was on the US government’s sanctions list earlier this year. In addition, analysts were able to establish the involvement of the North Korean hacking group Lazarus in the incident.

BSC Token Hub blockchain bridge: $566 million

Hackers broke into the BNB Chain blockchain bridge called BSC Token Hub in early October this year. It is a bridge that connects the BNB Beacon Chain (BEP2) and BNB Chain (BEP20) standards tokens. Most interestingly, the attackers obtained the money by creating artificial withdrawal rights. Fortunately, the funds of Binance users and the Binance Smart Chain blockchain itself did not go anywhere.

Binance chief executive Changpen Zhao

Hackers initially managed to get their hands on a large volume of tokens, but Binance chief Changpen Zhao later said that the exchange team managed to prevent the loss of 80 to 90 percent of funds. BSC’s blockchain validators simply froze its operation immediately after the attack, but the criminals still managed to take about $100 million in crypto with them.

FTX crypto-exchange: $650 million

The bankruptcy of FTX was one of the most high-profile events of this year. The collapse of the crypto-exchange led to billions of dollars in losses for the trading platform’s customers and creditors. But that’s not all: immediately after the official bankruptcy filing by FTX management, the crypto-exchange was hacked – hackers managed to steal more than $650 million.

Ex-CEO of FTX Sam Bankman-Fried

Around $640 million in tokens were withdrawn from several wallets allegedly belonging to FTX. These funds were then transferred to other exchanges and converted into various cryptocurrencies. It is still unclear who is behind the incident.

At the first court hearing for the collapsed exchange, James Bromley, a lawyer for FTX’s new management, said that “a significant portion” of the exchange’s assets were missing or had been stolen. Meanwhile, representatives of other companies have made it clear that the identity of the FTX insider has already been identified, with the man himself appearing to be an amateur in these matters. Be that as it may, the case remains unsolved.


The collapse stage of the cryptocurrency market seems to have had essentially no effect on the hackers' profits. They have continued to look for weaknesses in various blockchain platforms and exploit them to generate additional funds. Hopefully, there will be fewer such cases in the future, because every such hack does not help cryptocurrencies' reputation - and it also scares away newcomers.