Hackers have stolen more than $3 billion in cryptocurrency so far this year, shattering the previous record of $2.1 billion set in 2021, according to blockchain analytics firm Chainalysis.
A big chunk of that $3 billion, around $718 million, was taken this month in 11 different hacks, Chainalysis said in a series of tweets posted Wednesday.
“October is now the biggest month in the biggest year ever for hacking activity, with more than half the month still to go,” the company tweeted.
In past years, hackers focused their efforts on attacking crypto exchanges, but those companies have since strengthened their security, Chainalysis said. These days, cybercriminals are targeting “cross-chain bridges,” which allow investors to transfer digital assets and data among different blockchains.
The bridges hold a lot of cryptocurrencies, providing a larger and more complex arena for hackers to infiltrate, according to cybersecurity experts.
“Cross-chain bridges remain a major target for hackers, with three bridges breached this month and nearly $600 million stolen, accounting for 82% of losses this month and 64% of losses all year,” Chainalysis said.
Hackers initially made of with $570 million in cryptocurrency from Binance, but company officials have minimized the losses to under $100 million, its CEO said last week. Hackers also struck Nomad in August, reportedly taking nearly $200 million. Both the Binance and Nomad attacks were instances of hackers exploiting security flaws within the cross-chain bridge transaction protocols.
Crypto.com, known for its recent $700 million deal to rename the former Staples Center in Los Angeles, said in January that hackers managed to bypass its two-factor authentication system and withdraw funds from 483 customer accounts. Harmony lost about $100 million in a hack in June. Crypto platforms Wormhole and Ronin Network were also targets of hackers this year.
All told, Chainalysis said there have been 125 hacks so far this year.
Binance CEO Changpeng Zhao said in an interview with CNBC last week that the crypto industry is vulnerable to hackers whenever customers move assets from one blockchain to another, but the goal is to learn from what caused the hack and develop extra safeguards in the future.
Cryptocurrency is not federally regulated or FDIC insured like a bank account, which means if an account gets hacked, the government will not work to restore a customer’s funds.