Four charts that show how Cybercriminals are increasingly targeting the Defi sector
Cybercriminals had a stupendous year, both in terms of the number of successful attacks and the ransom extorted from the companies involved. As pointed out by the blockchain analytics company Chainalysis in a recent report, nefarious players stole $3.2 billion worth of cryptocurrency in 2021. And from how things are looking so far this year, it seems 2022 is going to be an even bigger year for cybercriminals.
According to the report, hackers are disproportionately targeting the Defi platforms to steal cryptocurrency. This trend becomes evident when we look at some of the charts below. These charts signify how the Defi sector has been affected by these attacks.
Thefts & Value Stolen
In this first chart above (Figure 1), the most striking thing that comes across is that 97% of all cryptocurrency stolen in the first three months of 2022 has been taken from Defi protocols, up from 72% in 2021 and just 30% in 2020. Altogether, hackers have stolen $1.3 billion from exchanges so far this year — already approaching the second-highest total posted back in 2018. Last year was the highest in terms of the number of attacks (251) and the total value stolen.
Percentage Value Breakdown
Ever since the beginning of 2020, Defi platforms have become the favored place for cybercriminals to launch their attacks. The share of attacks on Defi platforms has increased dramatically, as you can see in the chart above (Figure 2) — the percentage of value stolen from Defi platforms has jumped from just above 25% in 2020 to almost 100% by Q1 2022. Just goes to show how prone have the Defi platforms become to such attacks.
Percentage Value by Attack Type
Talking about vulnerabilities, Defi platforms are basically susceptible to three kinds of attack types — security breach, flash loan & code exploit. Flash loan attacks are sometimes caused by Defi platforms’ reliance on unstable price oracles. Code exploit is caused by nefarious players analyzing the vulnerabilities in underlying decentralized protocol. Defi platforms involve open-source protocols, which are open to audit — meant to create trust, they can also be manipulated by bad actors.
As per the report, From 2020 to Q1 of 2022, 35% of all cryptocurrency value was stolen thanks to a security breach. But as you can see in the chart above (Figure 3), both security breaches and code exploits are the most popular form of attack types on Defi platforms.
Top 10 Crypto Thefts
And finally, this chart (Figure 4), lists the top ten cryptocurrency theft incidents since the beginning of 2021. As you can see, 7 out of the top 10 crypto thefts occurred in Defi protocols. The seven Defi hacks have led to the theft of $1.6 billion, while the three exchange hacks have led to the theft of $960 million. Ronin Network’s March 2022 breach was the biggest breach during the 15-month period.
As the Defi sector continues to evolve and reach new highs, so does the risk of exploitation. This calls for better smart contract security, price oracle accuracy, and an altogether more rigorous approach to platform security. But no system is ever fool-proof, and there will still be attacks. At least the risk can be minimized. For a more detailed analysis, read the complete report.
Originally Published on Medium