Why Are Crypto Projects Frequently Attacked by Hackers?

In recent years, the hacking of cryptocurrency projects has become a widespread and serious threat, leading to billions of dollars being stolen from them and vulnerabilities being exposed across the entire ecosystem.

2022 was the biggest year in history for cryptocurrency theft, with $3.7 billion stolen. However, in 2023, the amount of stolen funds decreased by 54.1% to $1.7b, although the number of individual incidents of hacking rose from 219 in 2022 to 231 in 2023.

https://www.chainalysis.com/blog/crypto-hacking-stolen-funds-2024/

Let’s explore why crypto projects have become a ripe target for cyberattacks by hackers from around the world.

Incompetence of founders and teams

The Web is full of success stories about crypto projects that have enriched their founders. This is why many entrepreneurs, who are in no way related to cryptocurrencies, want to start their own crypto businesses.

The development of such projects often involves technical teams who lack relevant experience in working with cryptocurrencies. These teams don’t possess the skills to protect crypto apps and to build the proper software architecture.

This fatal error on the part of founders leads to the emergence of numerous vulnerabilities that hackers can exploit. These hackers often don’t act as soon as they have discovered the vulnerabilities, but bide their time for the opportune moment. When a project significantly increases its turnover, then an attack occurs, resulting in severe damage.

We met founders who started building a project without detailed technical specifications and interface design, while also hiring a low-skilled team. At some point, the customer realises that they need something different and reaches out to us for an audit. After conducting audits, a decision often has to be made about rebuilding the project completely from scratch. Unfortunately, in such cases, expenditures on the original team can’t be recovered.

Transaction irreversibility

Another reason why hackers are so comfortable with cryptocurrency is its decentralization and a great degree of anonymity. Once a transaction is completed, it can’t be cancelled and the sent coins can’t be returned. Blockchain networks have no centralized authority to which one can turn with such a request.

Extensive damage to major projects can garner attention from both the community and the media. It can also attract investigative companies that help track the movement of the stolen cryptocurrency. In some cases, this helps to block cybercriminals’ crypto addresses and even to return some of the funds if they are deposited into centralized services.

Crema Finance

In July 2022, Crema Finance, a DeFi protocol based on Solana, was hacked, resulting in the theft of SOL and ETH coins worth $8.9 million at the time. The platform was forced to suspend its operations and began cooperating with the blockchain security firm Ottersec to track down the stolen coins.

After several days, Crema Finance announced that it had begun negotiations with the hacker, who agreed to return a large portion of the coins in exchange for a reward for finding faults in the system. As part of the agreement, the hacker was supposed to keep a reward of just $800,000, returning the rest of the crypto. The platform stated that it would take legal action if the hacker refused the proposal.

Unsurprisingly, the cybercriminal kept a much larger portion of SOLs (around $1.7m), but still returned the remaining coins (around $7.2m). Nevertheless, Crema Finance was satisfied with the settlement and stated that it wouldn’t sue the hacker.

Transit Swap

In October 2022, Transit Swap, a cross-chain aggregator of decentralized exchanges, was hacked, resulting in the theft of ETH and BNB coins worth $28.9 million at the time. The hacker took advantage of an internal bug in the platform’s swap contract. After discovering this exploit, the Transit Swap Finance team began cooperating with cybersecurity companies, such as PeckShield, SlowMist, Bitrace, and TokenPocket. Thanks to this operational effort, several details about the hacker were uncovered, and with every step, they were getting closer.

Under threat of exposure, the cybercriminal was forced to begin returning the stolen coins. Transit Swap managed to obtain $18.9m worth of coins, while negotiations to return the rest of the coins still continued.

Such cases, with a more or less straightforward outcome, are rare. Unfortunately, for smaller projects, it is nearly impossible to recover losses.

Weak legal regulation

After a breach, hackers often convert their cryptocurrency on an exchange in order to withdraw the stolen funds. At this point, there is still a chance to block and return the cryptocurrency; however, cooperation on the part of exchange administrations is necessary for the investigation, and often every hour counts. Unfortunately, most victims are faced with the fact that major exchanges have adopted a formal approach, requiring contact from law enforcement agencies as part of official investigations. It’s senseless to claim that the police are unaware of how to solve cryptocurrency crimes, so they don’t investigate them.

Cybercriminals know that they are unlikely to be prosecuted. This gives them further faith and motivation.

Exit scam

It’s also not uncommon for a reported breach by a project team to not have actually happened. It’s in such a sleek way that a team can conduct an exit scam, or, in other words, embezzle user funds, pretending that the project suffered from a cyberattack.

Livecoin

The cryptocurrency exchange Livecoin announced its closure in January 2021. The reason was cited as a hack that allegedly occurred in December 2020.

Reports claimed that the hackers supposedly manipulated the prices of several major cryptocurrencies, including Bitcoin, whose price on Livecoin jumped to $500,000. After the incident, users were unable to withdraw their funds from the exchange, leading many to believe that Livecoin’s team had staged an exit scam.

Narwhal

The cryptocurrency project Narwhal, launched in mid-December 2023, appears to have failed. In January 2024, its representatives stated that the service had been hacked. They announced on X/Twitter that a ‘cyberattack’ had caused ‘significant losses to members of their community,’ but requested their followers ‘maintain confidence in the platform.’

However, the blockchain security firm CertiK, which is investigating the incident, suggests that the ‘hack’ could be the work of insiders: a large portion of the allegedly stolen $1.5m went to wallets associated with the Narwhal team.

Summary

When launching a crypto business, it is crucial not to skimp on a technical team, as such savings may prove very costly later on. Once your product becomes even somewhat well known, it will attract the attention of countless hacking teams across the world. While some are poorly qualified, there are also highly experienced groups.

We at Polygant have been working alongside cryptocurrency projects for over 7 years and have become experts in countering hacking and in protecting crypto apps. We’re happy to assist!