Can Web3 be hacked? Is the decentralized internet safer?

Published at: Aug. 21, 2022

Web3 came into existence posed as a blockchain-powered disruption to the current state of the internet. Yet, as a nascent technology, a fog of assumptions plagues discussions about the real capabilities of Web3 and its role in our day-to-day lives.

Considering the promise of a decentralized internet using public blockchains, a complete transition to Web3 would require scrutiny across several factors. Out of the lot, security stands as one of the most crucial features as, in a Web3-powered world, tools and applications hosted over the blockchains go mainstream.

Smart contract vulnerabilities

While the blockchains that host Web3 applications remain impenetrable from being hostage to attackers, hackers target the vulnerabilities within the project’s smart contracts. Smart contract attacks on decentralized finance (DeFi) platforms have surged, with a recent study revealing that approximately $1.6 billion in cryptocurrencies was stolen in the first quarter of 2022 alone.

Although DeFi is a subset of the Web3 spectrum, it reflects the biggest vulnerability within the ecosystem. As a result, Web3 entrepreneurs need to redirect their marketing budget to the development of the core system.

As seen throughout the year, vulnerabilities that allow hackers to drain vast amounts of assets result in impermanent losses for the investors and may cause an indirect collapse of related ecosystems.

Insider threats

In addition to external hacks, bad actors within the system may dupe the project and its investors. Fail-safe mechanisms with watered-down access to employees are required to avoid internal attacks.

On Aug. 14, trading and liquidity automated market maker (AMM) Velodrome Finance recovered $350,000 from one of its team members, Gabagool. One of Velodrome’s high-worth wallets was drained off $350,000. A following internal investigation revealed the attacker’s identification, allowing the company to recover the entire loot.

Fortifying Web3

Over six months of the bear market coupled with countless hacks have forced crypto investors to realign their investments with ecosystems that reflect safety. As a result, Web3 entrepreneurs are expected to take measures that ensure the long-term success of their offerings.

One way to minimize the risks of an attack is to conduct bug bounty initiatives. Bug bounties attract whitehat hackers, who try to identify vulnerabilities from a hacker’s perspective. Developers are rewarded financially for finding and fixing valid bugs in the system.

In addition, entrepreneurs must set up multisig wallets for storing funds and avoid centralized control over the wallets. Such measures, when implemented across the system, reflect a greater decentralization and insulation from orchestrated attacks.

Tags
Related Posts
Ethereum advances with standards for smart contract security audits
The Ethereum ecosystem continues to witness a flurry of activity that has individuals and organizations deploying token contracts, adding liquidity to pools and deploying smart contracts to support a wide range of business models. While notable, this growth has also been riddled with security exploits, leaving decentralized finance (DeFi) protocols vulnerable to hacks and scams. For instance, recent findings from crypto intelligence firm Chainalysis show that crypto-related hacks have increased by 58.3% from the beginning of the year through July 2022. The report further notes that $1.9 billion has been lost to hacks during this timeframe — a figure that …
Adoption / Aug. 22, 2022
Stacks’ Mitchell Cuevas talks building integrated DeFi bridges for Bitcoin users
The Stacks ecosystem is a collection of independent entities, developers and community members working to build a user-owned internet on the Bitcoin (BTC) blockchain. Stacks’ STX cryptocurrency was distributed to the general public through the first-ever Securities and Exchange Commission-qualified token offering in the United States. Mitchell Cuevas, head of growth for the Stacks Foundation, held an exclusive ask-me-anything, or AMA, session with Cointelegraph Markets Pro users on Dec. 2. During the session, he discussed the Stacks blockchain’s technological capabilities, future growth and major developments. Cointelegraph Markets Pro User: PoW [proof-of-work] blockchains are known to be the most secure. Does …
Adoption / Dec. 9, 2021
DeFi attacks are on the rise — Will the industry be able to stem the tide?
The decentralized finance (DeFi) industry has lost over a billion dollars to hackers in the past couple of months, and the situation seems to be spiraling out of control. According to the latest statistics, approximately $1.6 billion in cryptocurrencies was stolen from DeFi platforms in the first quarter of 2022. Furthermore, over 90% of all pilfered crypto is from hacked DeFi protocols. These figures highlight a dire situation that is likely to persist over the long term if ignored. Why hackers prefer DeFi platforms In recent years, hackers have ramped up operations targeting DeFi systems. One primary reason as to …
Adoption / May 14, 2022
STEPN impersonators stealing users' seed phrases, warn security experts
Peckshield, a prominent blockchain security firm, exposed the existence of numerous phishing websites for the Web3 lifestyle app STEPN on Monday. Hackers insert a forged MetaMask browser plugin through which they can steal seed phrases from unsuspecting STEPN users, according to Peckshield. When these cybercriminals obtain the seed phrase, they gain complete control over the STEPN user's dashboard where they may connect their stolen wallets to their own or "claim" a giveaway as per Peckshield. #PeckShieldAlert #phishing PeckShield has detected a bath of @Stepnofficial phishing sites. They insert a false Metamask browser extension leading to stealing your seed phrase or …
Adoption / April 25, 2022
NFT-delivered court orders an answer to blockchain-related litigation: Lawyers
Non-fungible tokens (NFTs) are becoming an increasingly popular solution to serving defendants in blockchain-based crimes that would otherwise be unreachable, according to crypto lawyers. The last year has seen an increase in litigation delivered over NFTs in cases where those accused of blockchain crime wereuncontactable through traditional methods of communication. In November 2022, the United States District Court for the Southern District of Florida granted a United States law firm The Crypto Lawyers its request for its client to serve a defendant via NFT. While the defendant's identity was unknown, the plaintiff accused the defendant of stealing cryptocurrency to the …
Adoption / Jan. 24, 2023