DeFi hacks and exploits total $285M since 2019, Messari reports

Published at: April 29, 2021

Decentralized finan’s rising popularity since 2019 has seen the emerging market segment become a target for hackers and opportunistic profiteers.

According to a report by crypto research company Messari, DeFi protocols have lost about $284.9 million to hacks and other exploit attacks since 2019. This figure is about 0.65% of the adjusted total value locked of the Ethereum-based DeFi market, according to data from DappRadar.

In February Messari calculated that over $284 million in DeFi was lost to hacks since 2019 At this point in time, the decentralized insurance industry only covers a fraction of TVL in DeFi. The need is ripe for the picking. pic.twitter.com/WkZVI0TuWb

— Messari (@MessariCrypto) April 28, 2021

Almost half of the DeFi hacks covered in the Messari report were flash loan attacks, providing further evidence of it being the most popular exploit vector in the DeFi landscape. Indeed, many of the major DeFi “hacks” have been flash loan attacks that sometimes take advantage of temporary defects in price oracle feeds.

While crypto hacks declined in general in 2020, DeFi accounted for more than half of the attacks recorded during the year. In 2021 so far, Alpha Homora and Cream Finance made headlines after both protocols had fallen victim to rogue actors with the former suffering the single-largest hack in DeFi history, losing $37.5 million.

The Alpha Homora incident also put the quality of smart contract auditing into question, given that major smart contract auditing outfits such as Quantstamp and PeckShield reviewed the project’s codes.

DeFi hacks are not only restricted to the Ethereum chain as the Binance Smart Chain environment is also clocking similar incidents. With growing activity on BSC, DeFi protocols on the network have also fallen victim to rogue actors using familiar attack vectors.

As previously reported by Cointelegraph, Uranium Finance, a BSC-based automated market maker platform, lost $50 million to a hacker. The attacker exploited bugs in the project’s smart contract and was able to siphon funds during a planned token migration event.

Other BSC-based DeFi projects have also made the news for the wrong reasons, with the TurtleDex team stealing the 9,000 Binance Coin (BNB) tokens raised during the pre-sale event held in mid-March.

Tags
Related Posts
Uranium Finance developer suspected of ‘leaking’ information leading to $50M exploit
The $50 million exploit of Uranium Finance, a decentralized finance protocol on Binance Smart Chain, may have been an inside job, according to a member of the project’s development team. The theory was put forward in Uranium Finance’s Telegram channel by a user named “Baymax,” who appears to be listed as an administrator. In a pinned post, Baymax explained that the security flaw leading to the exploit happened just two hours before version 2 of the protocol was launched. The suspicious timing of the exploit narrows down the list of potential perpetrators significantly. Baymax explained: “There are a total of …
Blockchain / April 28, 2021
DeFi attacks are on the rise — Will the industry be able to stem the tide?
The decentralized finance (DeFi) industry has lost over a billion dollars to hackers in the past couple of months, and the situation seems to be spiraling out of control. According to the latest statistics, approximately $1.6 billion in cryptocurrencies was stolen from DeFi platforms in the first quarter of 2022. Furthermore, over 90% of all pilfered crypto is from hacked DeFi protocols. These figures highlight a dire situation that is likely to persist over the long term if ignored. Why hackers prefer DeFi platforms In recent years, hackers have ramped up operations targeting DeFi systems. One primary reason as to …
Adoption / May 14, 2022
FBI issues alert over cybercriminal exploits targeting DeFi
The U.S Federal Bureau of Investigation (FBI) has issued a fresh warning for investors in decentralized finance (DeFi) platforms, which have been targeted with $1.6 billion in exploits in 2022. In an Aug. 29 public service announcement on the FBI's Internet Crime Complaint Center, the agency said the exploits have caused investors to lose money — advising investors to conduct diligent research about Defi platforms before using them, while also urging platforms to improve monitoring and conduct m rigorous code testing. The law enforcement agency warned that cybercriminals are out in force to take advantage of "investors' increased interest in …
Blockchain / Aug. 30, 2022
Crypto hacks are set to hit all-time highs in 2022, analyst explains
Reducing the amount of hacking by improving cybersecurity should be considered a top priority for the crypto industry, said Kim Grauer, director of research of blockchain intelligence firm Chainalysis. As pointed out by the firm, this year could outpace 2021 in terms of crypto stolen through hacks. The vast majority of these exploits have been targeting the field of decentralized finance. “This can't go on in the industry because people are going to lose faith in investing in DeFi platforms”, Grauer said in an interview with Cointelegraph. Unlike centralized exchanges, which have improved their resiliency to crypto hacks, decentralized protocols …
Blockchain / Oct. 19, 2022
Cross-chains in the crosshairs: Hacks call for better defense mechanisms
2022 has been a lucrative year for hackers preying on the nascent Web3 and decentralized finance (DeFi) spaces, with more than $2 billion worth of cryptocurrency fleeced in several high-profile hacks to date. Cross-chain protocols have been particularly hard hit, with Axie Infinity’s $650 million Ronin Bridge hack accounting for a significant portion of stolen funds this year. The pillaging continued into the second half of 2022 as cross-chain platform Nomad saw $190 million drained from wallets. The Solana ecosystem was the next target, with hackers gaining access to private keys of some 8000 wallets that resulted in $5 million …
Blockchain / Aug. 11, 2022