DeFi was the most attacked ecosystem in 2022: Finance Redefined

Published at: Jan. 13, 2023

Welcome to Finance Redefined, your weekly dose of essential decentralized finance (DeFi) insights — a newsletter crafted to bring you significant developments over the last week.

The DeFi ecosystem started 2023 on a bullish note, similar to the broader cryptocurrency market. However, the bullish start to the year didn’t diminish the damage caused by vulnerabilities and attacks in 2022.

A new research report has highlighted that DeFi was the most vulnerable crypto ecosystem, at the receiving end of 113 exploits out of the total 167. On top of that, blockchain security experts have warned the trend could continue in 2023.

MetaMask became the first prominent victim in 2023, as a new wallet scam emerged. The wallet address scam, called address poisoning, tries to take advantage of users’ carelessness. In other DeFi exploit news, an address connected to the $190 million Nomad bridge exploit has moved $1.57 million in Ether (ETH) to the sanctioned crypto mixer Tornado Cash.

Arbitrum and Optimism, the two Ethereum-based layer-2 networks, processed more than 1.1 million transactions combined on Jan. 10, flipping Ethereum in transaction volume.

The top 100 DeFi tokens entered the second week on a bullish note, with most of the tokens recording multi-week highs.

DeFi-type projects received the highest number of attacks in 2022: Report

It’s no secret that in 2022, Web3 and DeFi experienced a slew of significant exploits and attacks. From the Ronin Bridge attack to the Nomad Bridge attack, the top 10 exploits alone saw over $2 billion lost.

A new report from the Blockchain Security Alliance, written by Beosin, BuilderDAO, LegalDAO and Footprint Analytics titled, “Global Web3 Security Report 2022 & Crypto Regulatory Compliance Research”, revealed that of 167 major security incidents over the last year, those rooted in DeFi were the most vulnerable. DeFi projects were attacked 113 times, which accounted for approx. 67.6% of recorded attacks.

Continue reading

Why DeFi should expect more hacks this year: Blockchain security execs

DeFi investors should buckle themselves up for another big year of exploits and attacks as new projects enter the market and hackers become more sophisticated.

Shared exclusively with Cointelegraph, executives from blockchain security and auditing firms HashEx, Beosin and Apostro were interviewed for a new report on DeFi security by Drofa, titled “An Overview of DeFi Security In 2022.”

Continue reading

Scam alert: MetaMask warns crypto users about address poisoning

In an announcement, digital wallet provider MetaMask warned users of an “address poisoning scam,” where attackers “poison” transaction histories by sending users tokens worth $0 to their wallets. The scammers will use wallet addresses generated from vanity address generators and match the first and last characters of their victim’s wallet address. This gets unsuspecting users to send their funds to the wrong copycat address.

While the attempt would not give the hackers access to user wallets, people who may have gotten into the habit of copying their wallet address from the transaction history before sending digital asset balances, could potentially send their funds to copycat addresses.

Continue reading

Nomad exploit wallet address transfers $1.57 million to Tornado Cash

In an alert, blockchain security firm CertiK flagged that a wallet address affiliated with the Nomad hack has moved 1,200 ETH ($1.57 million) into Tornado Cash, suggesting that the attackers may be cashing in the funds. The hacker transferred 12 batches of 100 ETH to the sanctioned mixer.

The Nomad Bridge hack was one of the ten largest crypto hacks in 2022, with more than $190 million worth of digital assets lost. On Aug. 1, hundreds of exploiters flocked to drain the bridge’s total value locked in a matter of hours due to a security breach. Last year, a report revealed that almost 90% of the hack participants were copycats who took over $88 million of digital assets.

Continue reading

Optimism and Arbitrum flip Ethereum in combined transaction volume

Ethereum layer-2 on-chain activity has been increasing to the extent that the leading two networks now process more transaction volume than mainnet Ethereum.

Layer-2 networks, Arbitrum and Optimism, have seen an increase in transactions over the past three months. Comparatively, transactions on the Ethereum network have declined by around 33% since late October 2022, according to Etherscan.

Continue reading

DeFi market overview

Analytical data reveals that DeFi’s total market value jumped by over $40 billion this past week, trading at about $41.9 billion at the time of writing. Data from Cointelegraph Markets Pro and TradingView show that DeFi’s top 100 tokens by market capitalization had a bullish week, as nearly all the tokens broke past multi-week highs.

Lido DAO (LDO) was the biggest gainer on the weekly charts, registering a 52% price surge over the last seven days, followed by Avalance (AVAX) with a 34% surge. Fantom (FTM) recorded a 29% surge on the weekly charts, while the rest of the tokens in the top 100 also saw double-digit gains.

Thanks for reading our summary of this week’s most impactful DeFi developments. Join us next Friday for more stories, insights and education in this dynamically advancing space.

Tags
Related Posts
Crypto hacks are set to hit all-time highs in 2022, analyst explains
Reducing the amount of hacking by improving cybersecurity should be considered a top priority for the crypto industry, said Kim Grauer, director of research of blockchain intelligence firm Chainalysis. As pointed out by the firm, this year could outpace 2021 in terms of crypto stolen through hacks. The vast majority of these exploits have been targeting the field of decentralized finance. “This can't go on in the industry because people are going to lose faith in investing in DeFi platforms”, Grauer said in an interview with Cointelegraph. Unlike centralized exchanges, which have improved their resiliency to crypto hacks, decentralized protocols …
Blockchain / Oct. 19, 2022
Transaction batching protocol Furucombo suffers $14 million “evil contract” hack
The latest “evil contract” exploit has netted an attacker over $14 million in stolen funds. Furucombo, a tool designed to help users “batch” transactions and interactions with multiple decentralized finance (DeFi) protocols at once, fell victim to the attack at roughly 4:45 pm UTC, which centered on token approvals from users. The attacker’s address currently has $14 million worth of various cryptocurrencies, but the attack appears to be larger as they have been transferring ETH to privacy mixer Tornado Cash in batches over the last hour. This attack is conceptually similar to the $20 million “evil jar” attack that struck …
Ethereum / Feb. 27, 2021
Jump Crypto replenishes funds from $320M Wormhole hack in largest-ever DeFi 'bailout'
On Thursday, Jump Crypto, a crypto venture capital firm that owns Certus One, the developer of the Wormhole token bridge, announced it had deposited 120 thousand Ether (ETH) into a Solana-Ethereum bridge that suffered a devastating exploit. The day prior, hackers fraudulently minted 120 thousand wrapped Ether (wETH) worth $321 million on the Solana (SOL) platform, then redeemed 93,750 wETH for ETH on the Ethereum network while swapping the rest for other altcoins on the Solana network. The cross-chain ETH-wETH is supposed to have an exchange ratio of 1:1 against one another. Therefore, unauthorized minting of wETH leads to significant …
Technology / Feb. 3, 2022
STEPN impersonators stealing users' seed phrases, warn security experts
Peckshield, a prominent blockchain security firm, exposed the existence of numerous phishing websites for the Web3 lifestyle app STEPN on Monday. Hackers insert a forged MetaMask browser plugin through which they can steal seed phrases from unsuspecting STEPN users, according to Peckshield. When these cybercriminals obtain the seed phrase, they gain complete control over the STEPN user's dashboard where they may connect their stolen wallets to their own or "claim" a giveaway as per Peckshield. #PeckShieldAlert #phishing PeckShield has detected a bath of @Stepnofficial phishing sites. They insert a false Metamask browser extension leading to stealing your seed phrase or …
Adoption / April 25, 2022
Crypto’s recovery requires more aggressive solutions to fraud
It’s hardly an exaggeration to say that our industry is facing tough times. We’ve been in the midst of a “crypto winter” for some time now, with the prices of mainstays, including Bitcoin (BTC) and Ether (ETH), tumbling. Likewise, monthly nonfungible token (NFT) trading volumes have fallen more than 90% since their multibillion dollar peak back in January of this year. Of course, these declines have only been exacerbated by the numerous black swan events rocking the crypto world, such as the FTX and Three Arrows Capital meltdowns. Taken together, it shouldn’t be a surprise that crypto is facing a …
Cryptocurrencies / Dec. 30, 2022