Hacks and security breaches have cost DeFi ~£202 million since 2019

Tue 18 May 2021 ▪ 15h46 ▪ 4 min de lecture - par Adrien Stefanini

A victim of its own success, the crypto industry has become the site of high levels of criminal activity, tarnishing its image in the eyes of the public. Ransomware, fake giveaways, other dubious projects and even hacks are the most common types of criminal operations that leave individual users out of pocket. In fact, one of the crypto industry’s most important components, DeFi protocols based on the Ethereum (ETH) blockchain, has become a key target for hacking. Messari recently revealed that hacks have caused losses in the region of $285 million (~£202 million).

Losses total 0.65% of Ethereum DeFi market

In their report published on the back of a study, Messari details that flash loan attacks accounted for more than half of all hacks suffered. Due to temporary defects in price oracle feeds, flash loans have become the most-targeted exploit vector in the DeFi landscape. Meanwhile, DeFi accounted for more than half of registered cyber-attacks in 2020, despite the general trend in the crypto industry seeing exploits decline in frequency. Other than flash loans, DeFi’s vulnerability to hackers is also due to the substandard quality of smart-contract auditing at the heart of the sector.

For example, Alpha Homora paid the price earlier this year when it was the subject of the largest hack in the history of decentralised finance, resulting in a loss of $37.5 million (~£27 million). This incident went a long way to tarnishing the image of Quantstamp and PeckShield, the two companies who had reviewed the project codes. According to DappRadar, the total amount stolen by hackers represents 0.65% of the adjusted total value locked on the Ethereum-based DeFi market. Although this blockchain was directly singled out by Messari in its report, it is far from being the only chain at the centre of DeFi that is the subject of attacks.

Binance Smart Chain (BSC) also under attack

With the advantage of lower gas fees compared to Ethereum, the Binance Smart Chain (BSC) has established itself as an alternative for DeFi protocols. With its market share increasing, this has caused it to attract the hackers’ attention. Notably, they have exploited bugs in Uranium Finance’s smart contracts: on just one occasion, hackers were able to make off with $50 million (~£35 million) during a token migration organised by the protocol.

DeFi protocols have plenty to gain from boosting security on their platforms to limit their losses from cyber-attacks, which are by no means a thing of the past for the industry. A good example of this is Yearn Finance. Targeted by a speculative attack in February 2021, they managed to save 24 million Dai (DAI) thanks to the ingenuity of its technical team, who had worked hard to reduce the protocol’s exposure to rogue actors.

Adrien Stefanini

Ingénieur de formation, et spécialisé dans les nouvelles technologies, je me suis toujours intéressé à la blockchain et aux cryptomonnaies. Je suis heureux de faire partie de l'équipe CoinTribune.


The views, thoughts, and opinions expressed in this article belong solely to the author, and should not be taken as investment advice. Do your own research before taking any investment decisions.