Despite a substantial decrease in crypto hacks in the first quarter of 2023, the crypto community is being cautioned against lowering their vigilance. One company has advised that this decline is likely to be a momentary relief rather than a persistent trend.
According to a report by Chainalysis earlier this year, the previous year witnessed the highest level of crypto hacking in history, resulting in an approximate theft of $3.8 billion. The majority of these illicit activities targeted decentralized finance (DeFi) protocols and were attributed to attackers associated with North Korea.
Nonetheless, there has been a significant decline in these figures during the initial quarter of 2023. As per a report from TRM Labs on May 21, the total amount pilfered through crypto hacks in Q1 2023 was notably lower than any quarter observed in 2022.
The average size of crypto hacks experienced a significant drop of nearly 65% compared to the same period in the previous year. However, caution is advised as historical data indicates that crypto users should not become complacent. In Q3 2022, crypto hacks saw a notable decline, only to be followed by a surge in “a record-setting number of hacks” in Q4, which ultimately made 2022 a record-breaking year, according to TRM Labs.
Unfortunately, TRM Labs suggests that this current slowdown is likely a temporary break rather than a lasting trend. The scales could tip once again with just a few large-scale attacks. While no clear explanation for the lull has been identified, TRM Labs speculates that the U.S. Treasury’s sanctions on cryptocurrency mixer Tornado Cash and the arrest and charges against Avraham Eisenberg, the exploiter of Mango Markets, may have acted as deterrents for potential hackers.
In January, Certik, a blockchain security firm, expressed its belief to Cointelegraph that there would be no relief from exploits, flash loans, or exit scams. They highlighted the probability of hackers making additional attempts to target bridges in 2023. It is noteworthy that bridges were involved in six out of the ten largest exploits in 2022, resulting in a total theft of approximately $1.4 billion.
Crypto Mixer Tornado Cash Suffers Attack
Not everyone within the community is in agreement about the proposed plan, which aims to restore governance of Tornado Cash to token holders. Some individuals hold differing opinions regarding the plan’s intentions and whether they are beneficial.
Following a recent attack on the decentralized autonomous organization’s (DAO) governance state, the Tornado Cash token (TORN) has experienced a 10% increase in value. This surge comes as a proposal was submitted by a wallet address associated with the attacker, aiming to reverse the harmful modifications made.
In the Tornado Cash community forum, user Tornadosaurus-Hex mentioned that the attacker has posted a new proposal, expressing optimism about its execution. According to Tornadosaurus-Hex, the attacker intends to reset the TORN tokens they had obtained, which granted them significant control over governance votes, back to zero.
Once the voting period concludes on May 26, the proposal is expected to pass considering the attacker’s significant holdings of TORN governance tokens. However, the exact timing of the proposal’s implementation remains uncertain. Upon approval, the malicious code integrated into the protocol by the attacker, which enabled the theft of voting power from others, will be removed. Consequently, governance control of Tornado Cash’s DAO will be returned to token holders.
CoinGecko data indicates that TORN experienced a surge of up to 10% in value but subsequently stabilized. 0xdeadf4ce, an active member of the TORN community, raised the possibility that this entire situation could be an elaborate scheme (“gigatroll”) aimed at depressing the token’s price and allowing the attacker to acquire more tokens at a discounted rate.
Despite lacking the ability to make a choice regarding this proposal, Tornadosaurus-Hex emphasized its significance and relevance.
The attacker behind this exploit is leveraging the distinction between structural attacks on DAOs and DeFi protocols, which involve manipulating the code rather than directly breaching it. Unlike traditional hacks, these types of attacks have led to legal charges. However, in this case, the attacker is likely capitalizing on the fact that Tornado Cash was recently classified as a sanctioned entity, potentially hoping to exploit the associated complications or loopholes.