DeFi Hacks Are Skyrocketing in October: Chainalysis

While the total value locked in decentralized finance has fallen massively this year, the hacks and thefts across the space are not slowing down. 

According to Chainalysis, this October has already become the “biggest month in the biggest year” for crypto hacks.

Overwhelming Hacks

As the blockchain intelligence firm tweeted on Wednesday, four significant DeFi hacks occurred on Tuesday alone. Across the month, 11 hacks have occurred in total, resulting in $718 million dollars being stolen. Yet the month is only halfway done. 

DeFi involves the use of smart contracts – self-executing code built on programmable blockchains – to build financial services. Ideally, the technology is supposed to make finance more secure, transparent, accessible, and trustless over time.

That being said, the security behind such applications relies on reliable code. If that code contains any vulnerabilities, there’s no limit to how much money users can lose to a tech-savvy attacker. 

 “At this rate, 2022 will likely surpass 2021 as the biggest year for hacking on record,” said Chainalysis. “So far, hackers have grossed over $3 billion dollars across 125 hacks.”

The largest hack to occur this month was against BNB Chain’s bridge between its Smart and Beacon chains. Though no funds were technically “stolen” from users, an attacker managed to mint 2 million BNB out of thin air using fraudulent withdrawal proofs. 

Another major hack occurred on Tuesday, when Mango Markets was drained of all of its funds for $117 million. The attacker exploited MNGO token’s low liquidity to manipulate its price to the upside, then used it as collateral to “borrow” all funds from the protocol.

These two hacks comprised the vast majority of lost funds in October, but others were also relevant. TempleDAO was exploited for over 1800 ETH (worth over $2.3 million) on Monday. Before that, the Bitcoin-based DeFi platform Sovryn was drained of roughly $1 million in funds. 

In 2019, most hacks targeted centralized exchanges, where security has improved over time. Now, the vast majority of hacks are targeting the nascent decentralized finance space.

Bridges: The Ultimate Honeypot

Chainalysis singled out cross-chain bridges as a major target for hackers right now. Bridges allow users to post their tokens as collateral on one chain and receive a derivative of that same token on another chain, which is redeemable at any time (ex. Wrapped Bitcoin).

However, this also makes bridges massive honeypots, since they store the assets backing all of the funds trading on other blockchains. As such, some of history’s largest DeFi hacks have occurred against bridges.

Besides BNB Chain, another of history’s largest DeFi hacks occurred against Ronin Bridge in March. The blockchain bridge supporting Axie Infinity was drained of over $600 million in USDC and ETH after an attacker compromised the treasury’s private keys.


Chainalysis has since helped recover some of the funds from that hack – as has Binance.

Bitcoin live price
price change

In February, Solana’s wormhole bridge was drained for over $300 million worth of ETH. 

Stay up to date with our latest articles