Chainalysis' 2022 Crypto Crime report states that hackers have already stolen cryptocurrency valued at $1.3 billion in Q1 2022
In 2021, hackers stole $3.2 billion worth of cryptocurrency across exchanges. Come 2022, these hacks seem to have gathered more steam, with $1.3 billion worth of cryptocurrency hacks already reported in the first quarter of the year. DeFi platforms account for a disproportionate share of the victims of these hacks.
Chainalysis’ 2022 Crypto Crime report states that 97 percent of the cryptocurrency was stolen from DeFi platforms. Figures from previous years show that the share has been rising steadily: 72 percent in 2021 and 30 percent in 2020.
The most common and major vector of attack in past hacks has been security breaches. In these security breaches, the hacker gains access to the victim's private keys to steal their cryptocurrencies. The $615 million March 2022 hack of the Ronin Network is testament that this technique remains effective. The report states that 35 percent of the value of stolen cryptocurrency from 2020 to Q1 of 2022 resulted from security breaches. Addressing the hacking concerns for DeFi platforms, the report suggested that faulty code, which leads to code exploits and flash loan attacks, is the major cause of the increasing rate of hacks on DeFi platforms.
“The answer to why DeFi protocols are being increasingly hacked lies in the code they are based on. The majority of hacking attacks happen because of smart contracts’ code vulnerabilities that the hackers exploit to gain access to user funds,” says Johnny Lyu, KuCoin CEO, adding, “The decentralised nature of DeFi platforms makes them even more vulnerable to attacks, as hackers target specific bugs in the software suites, which are very transparent since the apps are open source.”
These smart contract vulnerabilities are inherent in DeFi platforms and decentralised exchanges because of their open-source and transparent nature. Users can audit the underlying source code to build trust in the protocol, but this trait has been the DeFi platforms’ undoing. Cybercriminals analyse the source code for vulnerabilities and plan the code exploit. The BadgerDAO hack is one such example, where the hacker tested the exploit months before the actual attack.