Cryptocurrency hackers stole $3.8 billion last year, making it the worst year on record for crypto investors, up from $3.3 billion in 2021.

According to Blockchain analytics platform Chainalysis, October was the biggest single month ever for cryptocurrency hacking, as $775.7 million was stolen in 32 separate attacks.

DeFi (Decentralised Finance) protocols as victims accounted for 82.1 percent of all cryptocurrency stolen by hackers — a total of $3.1 billion — up from 73.3 percent in 2021.

Of that $3.1 billion, 64 percent came from cross-chain bridge protocols specifically.

Cross-chain bridges are protocols that let users port their cryptocurrency from one blockchain to another, usually by locking the user’s assets into a smart contract on the original chain and then minting equivalent assets on the second chain.

“If a bridge gets big enough, any error in its underlying smart contract code or other potential weak spot is almost sure to eventually be found and exploited by bad actors,” said the report.

Buy Me A Coffee

North Korea-linked hackers such as those in the cybercriminal syndicate Lazarus Group have been by far the most prolific cryptocurrency hackers over the last few years.

In 2022, they shattered their own records for theft, stealing an estimated $1.7 billion worth of cryptocurrency across several hacks, the report said.

Most experts agree the North Korean government is using these stolen cryptos to fund its nuclear weapons programs.

About $1.1 billion of that total was stolen in hacks of DeFi protocols, making North Korea one of the driving forces behind the DeFi hacking trend that intensified in 2022.

Cyberattackers Steal 16.6 Million USD from Govt Department in South Africa

“Besides DeFi protocols, North Korea-linked hackers also tend to send large sums to mixers, which have typically been the cornerstone of their money laundering process,” the report noted.

For much of 2021 and 2022, North Korea-linked hackers almost exclusively used Tornado Cash to launder cryptocurrency stolen in hacks.

Sinbad is a relatively new custodial Bitcoin mixer that began advertising its services on the BitcoinTalk forum in October 2022.

During December 2022 and January 2023, North Korea-linked hackers sent a total of 1,429.6 Bitcoin worth approximately $24.2 million to the mixer, the report said.