Crypto Scams Decline but Hacks Rise in Q3 2022: Chainalysis

Posted on Oct. 19, 2022 | BLOG


This year has been a challenging one for the global economy, with obstacles ranging from the war in Ukraine to supply chain woes to Federal Reserve interest rate hikes. Cryptocurrency markets, which generally follow macro trends – and particularly those of tech stocks – have been unable to avoid the wider fallout.

The same has not been entirely true of cybercrime in the cryptocurrency sector, which has in some ways followed the broader trend lines and in other ways bucked them, according to a new report by blockchain analysis firm Chainalysis. While scams appear to have fallen with the markets, other forms of criminal enterprise, such as decentralized finance (DeFi) hacks, are very much on the rise.

In this article, we’ll take a close look at the new data from Chainalysis, see how it compares with earlier figures, and explore the biggest recent scams and hacks.

Where has crypto crime been declining in 2022?

Through the end of July 2022, total cryptocurrency scam revenue dropped by 65% year-on-year, hitting $1.6B. Scammers hit their high-water mark for revenue in early March of this year, followed by a continuous decline that roughly mirrors the fall in Bitcoin prices that began toward the end of the same month.

The same also held true for the cumulative volume of individual deposits received by scammers. Since most scams lure their victims with the prospect of high returns, it makes sense that these would be less appealing under bear market conditions. Indeed, the very presence of so many unsophisticated investors in the market is itself a characteristic of bull runs.  

The report goes on to mention that the lack of any extraordinarily massive scams so far this year, such as PlusToken ($2B in 2019) or Finiko ($1.5B in 2021), has kept the averages down.

However, the year isn’t over yet, and a few big crypto cons could push the numbers back up into the stratosphere.

While 2022’s biggest crypto scams so far – JuicyFields.io ($273M), Unique-Exchange.co/PARAIBA.world ($267M), and OmegaPro.world ($106M) – can’t hold a candle to earlier efforts, they are still considerable feats of criminality.

JuicyFields.io

Promising yearly returns of over 100%, JuicyFields attracted many people to its “e-growing” business model of cannabis cultivation, which allowed users to buy, sell, and manage plants in virtual greenhouses. Since the company stopped allowing logins to its website in July, questions have arisen as to whether the plants ever really existed, and now the lawsuits are piling up.

Unique-Exchange.co/PARAIBA.world

Paraiba and Unique-Exchange are a pair of linked scams, with Paraiba operating a multi-level marketing scam related to crypto and Unique-Exchange operating as a pseudo-crypto exchange. The perpetrators of the scams allegedly have not even been trading a large portion of the investment funds they receive, and the Paraiba platform operator’s Unique Private Bank returns an address for a hospital in the Comoro Islands.

OmegaPro.world

OmegaPro is a multi-level marketing platform scheme that allows for various kinds of leveraged trading, including with crypto, and offers up to 300% returns in a 16-month period. OmegaPro also sells training packs, which are often present in such schemes. The company was blacklisted by French authorities as long ago as 2020 but has continued to pop up elsewhere, becoming the subject of investigations and warnings in Peru and the Congo this year.

Where has crypto crime been rising?

As of the end of July 2022, hackers had this year managed to siphon off $1.9B in cryptocurrency through hacks. The year-on-year jump was substantial: the same period in 2021 had only netted hackers $1.2B by comparison. Hacks of DeFi protocols, which are becoming an extremely popular target for cybercriminals, are responsible for a lot of the increase. Since DeFi protocols still hold plenty of funds even amid market downturns, these kinds of hacks track market fluctuations less than some hype-dependent crypto scams.

Chainalysis speculates that part of the reason may lie in the open-source code used by DeFi protocols; however, they note that this practice also allows for security audits that combat the problem. Additionally, the incentives for rapid expansion in DeFi may lead to security oversights in some cases. The presence of state-sponsored hackers, such as the North Korean Lazarus group – which is responsible for about $1B in stolen crypto funds this year – is also worsening the situation.

Top DeFi Hacks of Q3 2022

Nomad

Following similar attacks earlier this year at Wormhole and Ronin, cross-chain bridge Nomad was hacked to the tune of $190M over the course of three hours in early August, when a group of hackers looting the platform used code that made it possible for them to spoof transactions. The vulnerability had come into existence as a result of a recent update, and it made it easy for additional hackers to join in on the looting. Promising to treat those who returned funds as “white hat” hackers and not press charges, Nomad offered a bug bounty after the incident and managed to recover $20M in funds. It let those who returned funds keep 10%.

BlueBenx

BlueBenx is a Brazilian crypto lender that saw $32M stolen from its platform in August. The hack caused the company to revoke access to its platform, leaving 22,000 people high and dry. The company did not disclose details about the attack, leading some to speculate it may have been a contrived story to cover up for its inability to pay out withdrawals.

Crema Finance

Solana-based concentrated liquidity protocol Crema Finance experienced a hack in early July that saw $9.6M drained from its liquidity pools in a flash loan attack. First, the hacker took a flash loan out on the Solend protocol, then they added it to a liquidity pool on Crema. Through concocted pricing data, they were then able to drain the $9.6M. Crema later recovered $8M and allowed the person to keep the rest as a bug bounty.

Nirvana Finance

In another flash-loan attack on a Solana-based protocol, the hacker who hit Nirvana Finance also used Solend to take out a loan, which they then used to mint $10M of $ANA at a manipulated price point. They swapped this for $3.5M in USDT, draining Nirvana’s liquidity pool down to 7 cents, and then paid the flash loan back. Nirvana suspended trading after the incident.

Conclusion

Whether markets are in bear or bull cycles, it’s clear from the latest reports for Q3 that hackers and scammers don’t sleep. Therefore, don’t sleep on your crypto security defenses. As a leading crypto infrastructure platform, CYBAVO offers a suite of solutions designed to help organizations manage their operations and grow their digital asset business in a secure way.