- Hackers become more active in the DeFi sector.
- Low security and the lack of regulation make the protocols vulnerable to hack attacks.
Hacker’s activity in the DeFi space has been gaining traction since the start of the year. According to the recent CipherTrace report, the losses due to hacks, theft and fraud amounted to $99 million.
DeFi sector is an easy target for hackers
The experts of the cryptocurrency intelligence company CipherTrace pointed out that the losses from thefts and hacks in the cryptocurrency industry, excluding exit scams and fraud, rose to $468 million year-to-date, up 30% from $361 million for 2019. About 20% of those hacks came from the DeFi sector. Meanwhile, the total value of the crypto crime losses declined by 60%, from $4.5 billion in 2019 to $1.8 billion in the first ten months of 2020.
Money stolen by hackers in 2020, CipherTrace
The CipherTrace analysts believe hackers and scammers regard DeFi as an easy target because of its unregulated and anonymous nature. It makes them a perfect vehicle for money laundering and other illegal activities.
DeFi-protocols are not censored. The other side of this freedom is the lack of regulatory compliance and easy access to the platform for anyone, meaning that the sector may become a safe haven and a hiding place for those who need to launder money.
Companies and individuals have rushed DeFi products to market that have not gone through security verification and validation. So people are figuring out that there’s a weakness here, Dave Jevans, CipherTrace’s chief executive officer, commented in the interview with Reuters.
FXStreet previously reported that Chinese authorities cracked down on the criminal group that provided money-laundering services for overseas online gambling websites via USDT platforms in Guangdong province.
Meanwhile, the centralized exchanges and other cryptocurrency service providers have been taking steps to improve the security features and implement anti-money laundering procedures to prevent fraud.
What we have seen is that exchanges and other cryptocurrency players have implemented more security procedures. They have taken the guidance and implemented the procedures to secure their funds better. So you’re going to see less mass-scale hacks, the expert added.
The total value locked on the DeFi platforms reached a new all-time high of $12.98. The industry has experienced over 300% growth since August.
bZx, dForce and Harvest Finance are the biggest losers
These three DeFi protocols are the latest victims of cybercriminals. The attackers managed to find vulnerabilities in the smart contracts and siphoned millions of dollars of users funds.
bZx has become a serial loser as hackers performed three successful incursions on the protocol, while the total loss amounted to $9 million. The latest incident happened in September and cost the project nearly $8 million. As FXStreet already published, breaking-security specialists found a structural flaw on the iToken contract that allowed them to steal the money.
In April, hackers stole $25 million of users funds from Lendf, one of the DeFi-protocols supported by a Chinese-based dForce Foundation. Some developers believe that this was done by using the imBTC token vulnerability, backed by BTC and applied as collateral. The loophole in the algorithm allowed hackers to get away with the money.
Harvest Finance is the latest victim. One of the largest yield-farming protocols got hacked on October 26. The estimated loss extends to $24 million in USDT and USDC. The intruders used the so-called flash loan attacks scheme to drain the protocol and the whole operation took them less than ten minutes.