Digital thieves had a big year in 2021, stealing $3.2 billion worth of cryptocurrency. But in 2022, they’re shaping up to steal even more.
In the first three months of this year, hackers have stolen $1.3 billion from exchanges, platforms, and private entities—and the victims are disproportionately in DeFi, according to Chainalysis.
Almost 97% of all cryptocurrency stolen in the first three months of 2022 has been taken from DeFi protocols, up from 72% in 2021 and just 30% in 2020.
Code exploits are an increasingly common vector of attack, but security breaches are here to stay
In the past, cryptocurrency hacks were largely the result of security breaches in which hackers gained access to victims’ private keys—the crypto-equivalent of pickpocketing. Ronin Network’s March 2022 breach, which enabled the theft of $615 million in cryptocurrency, has proven the continued effectiveness of this technique.
Our data also illustrates this fact. From 2020 to Q1 of 2022, 35% of all cryptocurrency value was stolen thanks to a security breach.
Note: The “unknown” label means information about hack type is not publicly available. The “other” label means the hack type is known but does not fit within our defined categories.
For DeFi protocols in particular, however, the largest thefts are usually thanks to faulty code. Code exploits and flash loan attacks—a type of code exploit involving the manipulation of cryptocurrency prices—have accounted for much of the value stolen outside of the Ronin attack.
Code exploits occur for a number of reasons. For one, in keeping with DeFi’s faith in decentralization and transparency, open-source development is a staple of DeFi applications. This is an important and generally positive trend: since DeFi protocols move funds without human intervention, users should be able to audit the underlying code in order to trust the protocol. But this benefits cybercriminals, too, who can analyze the scripts for vulnerabilities and plan exploits well in advance.