Just three days after the Office of Foreign Assets Control (OFAC) sanctioned crypto tumbler Tornado Cash, blockchain analytics firm Elliptic is now out with a new report about how blockchain bridges may become the potential future target for sanctions if the US Treasury Department really wants to crack down on crypto money laundering.
Hacking and data breaches have now become a daily occurrence, and the rate of crypto theft has increased exponentially in recent years as the prices of cryptocurrencies fall from their all-time high. As we reported late last year, hackers and scammers stole over $12 billion in crypto assets in the past decade. But the rate has accelerated this year.
In the last seven months alone, hackers have stolen $1.4 billion in crypto assets using crypto bridges. About half of that amount was stolen through RenBridge, according to a report from analytics firm Elliptic. RenBridge chain was singled out partly because the stolen funds were linked to crimes and money laundering.
In recent months, the bridges have become a prime target for hackers due to vulnerabilities in their underlying code. In June, hackers stole nearly $100 million worth of crypto assets after Harmony’s Horizon blockchain bridge was exploited.
Back in February, we also wrote about the crypto platform Wormhole, a bridge between Solana and other blockchains, after hackers exploited the Wormhole network and stole 120,000 ETH (around $320 million), making it the second-largest DeFi hack ever. Blockchain bridges connect networks to enable the fast swaps of tokens.
Cross-chain or blockchain bridges allow crypto assets to be transferred between blockchains, without going through a centralized service such as an exchange. With blockchain bridges, crypto users are also able to bypass a centralized exchange that’s largely unprotected. As the need to connect disparate blockchain platforms grows, blockchain bridges have grown in popularity and hackers have perfected the craft of exploiting these blockchain bridges to steal billions in crypto assets.
“Our analysis of cross-chain transactions using Elliptic’s new Nexus technology shows that one cross-chain bridge in particular – RenBridge – has been used to launder at least $540 million in crypto assets originating from theft, fraud, ransomware and various other types of criminal activity since 2020, Elliptic said in its report.
According to Elliptic, blockchain bridge hacks have resulted in more than $1.3 billion stolen so far this year. In an interview with CNBC, Elliptic co-founder and chief scientist Tom Robinson said:
“Blockchain bridges have become the low-hanging fruit for cyber-criminals, with billions of dollars worth of crypto assets locked within them. These bridges have been breached by hackers in a variety of ways, suggesting that their level of security has not kept pace with the value of assets that they hold.”