Hacks in the decentralised finance (DeFi) system accounted for nearly 76% of all major hacks worldwide in 2021 so far, according to a report by security firm AtlasVPN.
DeFi is a peer-to-peer system that allows financial products to be available in a decentralised blockchain network through smart contracts, without the participation of intermediaries like banks and brokerages. According to crypto analysis firm DeFi Pulse, total value locked in DeFi contracts has risen to over $80 billion in August from $10 billion in September last year.
Fraudsters are targeting these high-value contracts with fake projects. A total of $361 million has been lost in DeFi hacks compared to $129 million last year, according to the report.
Many DeFi projects could be hacked because of developer incompetence which causes coding mistakes that hackers can abuse. Other cybercriminals can take out a flash loan and manipulate the token price to hack the DeFi protocol, the report added.
The year 2021 also witnessed a rise in DeFi crimes. These crimes fall into one of the two categories – outside agents hacking the protocol or a rug pull conducted by insiders. Even though hacking is more prevalent among cybercriminals, few social media influencers have been getting into rug pull scams and manipulating their audiences.
DeFi fraud and hacks combined caused a loss of over $474 million lost in the first half of 2021, according to AtlasVPN data.
The biggest DeFi hack this year happened in May when the PancakeBunny protocol faced a flash loan exploit that extracted $45 million worth of crypto assets. The attacker then sold BUNNY tokens for Binance Coin, which made the price of BUNNY tokens sink to $6 from $146, the security firm noted.
“The crypto industry has generated a lot of excitement, however, many newcomers are unaware of the risks. Lack of regulation in the crypto industry allows cybercriminals to thrive either by hacking less secured DeFi projects or by carrying out rug pull scams. For DeFi to become more legitimate, it is essential to establish security and business regulations,” the report said.