Crypto Thieves Made Off With $4.3B in 2022: Top Hacks of the Year

From Axie to Wintermute, 2022 was the biggest year yet for crypto hacks

article-image

solarseven/Shutterstock.com modified by Blockworks

share

Topping off an already tumultuous year for cryptocurrency prices and company blowups, 2022 was a record year for crypto hacks. 

From January 2022 to November 2022, hackers made off with $4.3 billion of cryptocurrency, up 37% from the same period in 2021, according to data from cybersecurity firm Privacy Affairs. Analysts at Solidus Labs estimate bad actors are launching up to 15 crypto-related scams per hour. 

We’ve rounded up the top hacks of the year — so far. 

Axie Infinity’s Ronin Network — $625 million 

Coming in at the biggest breach of the year, hackers made off with more than $600 million from Ronin Network, an Ethereum-linked sidechain used for blockchain game Axie Infinity in March. Exploiters, the network said, used hacked private keys to forge withdrawals on March 23. The breach wasn’t discovered until almost a week later, when a user was unable to withdraw 5,000 ETH.

Later, Sky Mavis, the company that built the bridge, acknowledged that it may have sacrificed security for speed when developing the bridge. Sky Mavis then announced a $150 million raise, led by Binance, to reimburse affected users. Other contributors to the round included Paradigm, Animoca Brands, Dialectic, Accel and Andreesen Horowitz.

Wormhole Bridge — $320 million 

In February, hackers targeted Wormhole, one of the largest cross-chain bridges between Solana and other blockchains. The bad actors exploited a vulnerability in Wormhole’s validation system, allowing them to make off with fraudulently generated wrapped ether. 

Hackers then used the chain to convert the wrapped ether into ether. Wormhole parent company Jump Crypto later replaced all 120,000 ether the bridge lost. 

Nomad Bridge — $190 million 

In August, DeFi bridge Nomad lost $190 million in a hack that involved 960 transactions and 1,175 individual withdrawals. Users were able to exploit a bug in the protocol that allowed them to withdraw more than they had deposited. 

It is thought that once news of the bug spread, users rushed to exploit it themselves, resulting in a free-for-all involving onlookers rushing to submit illicit transactions, quickly draining the token bridge of all user funds kept inside its associated smart contract.

White hat hackers later returned at least $32 million to a recovery wallet address, Nomad said. The wallet was set up in association with custodian bank, Anchorage Digital. 

Beanstalk Farms — $182 million 

Ethereum-based stablecoin protocol Beanstalk lost $182 million in April when a hacker used a flash loan to buy a majority position in STALK, the protocol’s native governance token. The hacker then proposed a massive transfer of funds and approved it using their own majority vote. 

Nearly four months after the breach, the algorithmic stablecoin protocol relaunched. Beanstalk Farms said it “unpaused” its services on the one-year anniversary of its original August 2021 launch.

Wintermute — $160 million 

In September, Liquidity provider Wintermute, which provides liquidity across most CeFi and DeFi exchanges, said it lost $160 million in a security breach. Wintermute is among the largest crypto liquidity providers, conducting market making services for exchanges including Binance and Coinbase.

There is speculation that the hack was an inside job, but no cause or perpetrator has been confirmed.


Get the news in your inbox. Explore Blockworks newsletters:

Tags

Decoding crypto and the markets. Daily, with Byron Gilliam.

Upcoming Events

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

recent research

Unlocked by Template (10).png

Research

Innovations on Aptos’ technical design through Raptr, Shardines, and Zaptos approach near-optimal latency and throughput by unlocking 100% utilization of network resources, with the capacity to settle 260k transactions per second with latencies less than 800ms. The original Move language was revamped with the launch of Move 2, supporting more expressivity in smart contract logic and a scalable ability to interact with high volume datasets. The ecosystem has benefitted from strong asset inflows, now hosting over $1.3B in stablecoins, $450M in bridged BTC, and $530M in RWAs. Activity in the Aptos ecosystem has grown notably over the past year, with monthly application revenue reaching ~$835k and monthly DEX volumes growing to over $5B, both at new all time highs.

article-image

The Stripe-acquired firm has big plans for a streamlined, multi-wallet future

article-image

Both founders of the former crypto lender have now landed in new crypto industry roles

article-image

Bitcoin’s recent peak is a victory lap for curvers left and right

article-image

Securitize CEO Carlos Domingo says institutions are eager to get exposure to tokenization

article-image

Trade isn’t war and prosperity isn’t a contest