Analysis of the Eight Major Security Incidents in DeFi in 2022: Warnings Behind the $4.3 Billion Losses


DeFi Security Incident Review: Analysis of Major Cases in 2022

In 2022, the Web3 industry experienced several major security incidents, with losses amounting to as much as $4.3 billion. This article will analyze in detail 8 typical cases, most of which caused losses exceeding $100 million.

Cobo Decentralized Finance Security Course (Part 1): Review of Major DeFi Security Events in 2022

Ronin Bridge Incident

In March 2022, Ronin Network, the sidechain of Axie Infinity, was hacked, resulting in the loss of approximately $590 million in crypto assets. The attackers obtained internal employee information through social engineering tactics, ultimately gaining control of multiple validator nodes. This exposed issues such as weak employee security awareness and vulnerabilities in the internal security system.

Wormhole Incident

The Wormhole cross-chain bridge was attacked due to a contract code issue on the Solana side, resulting in a loss of approximately 120,000 ETH. This was mainly caused by the use of deprecated functions, serving as a reminder for developers to promptly update to the latest versions to avoid similar issues.

Nomad Bridge Incident

The Nomad cross-chain bridge's initialization settings were flawed, allowing attackers to repeatedly withdraw funds, resulting in a loss of approximately $190 million. Once vulnerabilities appear in such open-source projects, they can easily be exploited by hackers. The project team should strengthen code audits and security testing.

Beanstalk Incident

Beanstalk suffered a flash loan attack, resulting in a loss of approximately $182 million. The attacker exploited a vulnerability in the project's governance mechanism, submitted a malicious proposal, and executed it immediately. This reflects the security risks present in decentralized governance, and reasonable time lock mechanisms should be established.
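
A simplified model of the time lock recommended above, added here as an illustration and not taken from Beanstalk's contracts or from the course. The Governor class, the 67% quorum, the token amounts and the block numbers are constructed assumptions, and the cancel step goes slightly beyond the text, since a delay only helps if someone can act during it.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Proposal:
    action: str
    votes: int = 0
    approved_at: Optional[int] = None  # block at which the quorum was reached
    cancelled: bool = False
    executed: bool = False

@dataclass
class Governor:
    """Toy governor (hypothetical). delay_blocks=0 models 'execute immediately'."""
    total_supply: int
    delay_blocks: int
    quorum_pct: int = 67
    balances: dict = field(default_factory=dict)
    proposals: list = field(default_factory=list)

    def propose(self, action):
        self.proposals.append(Proposal(action))
        return len(self.proposals) - 1

    def vote(self, pid, voter, block):
        p = self.proposals[pid]
        p.votes += self.balances.get(voter, 0)  # weight = balance at vote time
        if p.approved_at is None and p.votes * 100 >= self.quorum_pct * self.total_supply:
            p.approved_at = block

    def cancel(self, pid):
        # Guardian or community veto; only meaningful when a delay exists.
        self.proposals[pid].cancelled = True

    def execute(self, pid, block):
        p = self.proposals[pid]
        if p.approved_at is None or p.cancelled or p.executed:
            return False
        if block < p.approved_at + self.delay_blocks:
            return False  # time lock still running
        p.executed = True
        return True

def flash_loan_round_trip(gov, borrowed, block):
    """Borrowed stake votes and tries to execute within one block, then is repaid."""
    gov.balances["borrower"] = borrowed
    pid = gov.propose("malicious proposal")
    gov.vote(pid, "borrower", block)
    done = gov.execute(pid, block)
    gov.balances["borrower"] = 0  # loan repaid before the block ends
    return pid, done
```

In this model the delay does not invalidate votes cast with borrowed tokens; it only opens a window in which the proposal can be cancelled, so a real design would also snapshot voting power before the proposal is created.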


Wintermute Incident

Wintermute suffered a loss of approximately $160 million due to the use of a vulnerable address generation tool that led to the compromise of private keys. This serves as a reminder for project teams to thoroughly assess the security of external tools when using them.

Harmony Bridge Incident

The Harmony cross-chain bridge was attacked due to a private key leak, resulting in a loss of approximately $100 million. The attack is suspected to be the work of a North Korean hacker organization, and the method is similar to the Ronin Bridge incident. The project team should strengthen private key management and internal security protection.

Ankr Incident

Ankr suffered financial losses due to malicious acts by internal personnel. This exposed serious issues in the project's authority management, multi-signature, and other areas. A sound internal control mechanism should be established.

Mango Incident

Attackers exploited the business model vulnerabilities of the Mango platform for price manipulation, ultimately causing losses of approximately $115 million. This serves as a reminder for project teams to fully consider various extreme scenarios and improve risk control measures. Users should also carefully assess risks when participating in projects.

RektHuntervip
· 6h ago
The funds have all been run off.
MEVHunterXvip
· 17h ago
Have you lost money again?
AllTalkLongTradervip
· 17h ago
Isn't the project just to Be Played for Suckers?
TokenSleuthvip
· 18h ago
Laughing to death, it's another year of free feasting~
MiningDisasterSurvivorvip
· 18h ago
Rug Pulls are more than in 2018, the project party is doing a chain of rug pulls, suckers are really miserable.
NftRegretMachinevip
· 18h ago
Lost everything again...
MemeKingNFTvip
· 18h ago
I said early this morning that being stolen is the fate of Web3.