DeFi related hacks account for 76% of all major hacks in 2021
Decentralized finance (DeFi) is a system that allows for financial products to become available on a public decentralized blockchain network. Instead of going through intermediaries such as banks or brokerages, buyers, sellers, lenders, and borrowers can interact peer to peer through DeFi when facilitating transactions.
According to the recent Atlas VPN team findings, DeFi related hacks make up 76% of all major hacks in 2021. In addition, many fraudsters have started fake DeFi projects to benefit from the crypto industry hype.
The data is based on the Cryptocurrency Crime and Anti-Money Laundering Report released by CipherTrace in August 2021.
Even though the first Ethereum based protocol MakerDAO for DeFi was released in 2017, hacks abusing the system were not recorded until 2020. In 2019 money lost to hacks was mostly from phishing, ransomware, and other cyberattacks.
A year later, in 2020, DeFi hacks made up one-quarter of all funds lost to hacks that year — $129 million. One of the biggest DeFi hacks that happened last year was the attack on Harvest Finance. Cybercriminals exploited the crypto asset management platform via a flash loan attack that resulted in a loss of over $24 million.
In the first half of 2021 DeFi hack losses have reached $361 million, surpassing last year’s total losses by 180%. If a year ago, such hacks were only a quarter of all losses, now they make up three-quarters of the total hack volume.
DeFi protocols could get hacked because of various reasons. Many DeFi projects get hacked because of developer incompetence which causes coding mistakes that hackers can abuse. Other cybercriminals can take out a flash loan and manipulate the token price to hack the DeFi protocol.
DeFi crime is on the rise
All DeFi crimes generally fall into one of the two categories: outside agents hacking the DeFi protocol or a rug pull conducted by insiders. Even though hacking is more prevalent among cybercriminals, few social media influencers have been getting into rug pull scams and manipulating their audiences.
DeFi fraud and hacks combined for a total of $474 million lost in the first half of this year. As established before, DeFi hacks made up $361 million of the total loss, and $113 million were stolen by DeFi fraudsters.
This year, the biggest DeFi hack happened in May when the PancakeBunny protocol faced a flash loan exploit that extracted $45 million worth of crypto assets. Later on, the attacker sold BUNNY tokens for Binance Coin (BNB). The immediate sale of these tokens made the price of BUNNY tokens sink from $146 to $6.
In June 2021, DeFi project WhaleFarm rug pulled $2.3 million from investors. WhaleFarm promised enormous returns of annual percentage yield on the most popular cryptocurrencies. After running just for a few days, the project’s anonymous developers vanished with the funds while their token lost 99% of its value.
Many rug pull scams heavily rely on marketing to draw in a ton of investors to run the price up. Often developers of such projects will use social media and influencers to promote their token to an unsuspecting audience.
The crypto industry has generated a lot of excitement, however, many newcomers are unaware of the risks. Lack of regulation in the crypto industry allows cybercriminals to thrive either by hacking less secured DeFi projects or by carrying out rug pull scams. For DeFi to become more legitimate, it is essential to establish security and business regulations.