DeFi Exploits 2021: CipherTrace Reports $474 M Loss in Flash Loan Attacks
The Decentralized Finance (DeFi) sector has witnessed an explosive growth this year. The total value locked (TVL) across all decentralized finance (DeFi) protocols has hit a new all-time high of $84 billion as August comes to a close, according to Data Aggregator DeFi Pulse.
Per ConsenSys’s Q2 2021 DeFi report, billions of institutional capital is flowing into DeFi. As the space is soaring to new heights, it is attracting significant attention from cyber criminals. The attacks on DeFi have become so regular that one protocol has developed a “DeFi REKT database.”
The CipherTrace database alleges that more than 2,500 projects have been ‘REKT’, and a cumulative of almost $474 Million has been lost to Ghostface killers in 2021.
While the overall cryptocurrency fraud rate has declined, DeFi-related frauds and hackings have increased significantly over the past few years. In 2021 alone, the DeFi hacks formed over 60% of the total hack and theft volume of crypto attacks, up by 40% from 2020, according to data from CipherTrace.
DeFi Exploit Outlook 2021
Very recently, Defi cross-chain protocol Poly Network fell prey to the biggest crypto heist in history. The hackers stole approximately $610 million worth of cryptocurrencies from Poly Network operating across the Binance Smart Chain (BSC), Ethereum (ETH), and Polygon. Thousands of people were affected by the hack, PolyNetwork said in a letter posted on Twitter. However, later on, the hacker returned the stolen amount.
Another major flash loan attack was encountered by the DeFi protocol, Cream Finance on August 30, when the lending protocol lost $18 million to scammers. According to early reports from Wu Blockchain, there were two attackers behind the exploit that carried out the heist in merely 17 transactions.
More money, more problems
Clearly, the DeFi industry is journeying onto maturity, and industry players are optimistic about its sustained growth. However, the DeFi sector has become a prime target for hackers. Many DeFi space projects are launched without being audited, and the ones which are audited often have attack vectors that go unnoticed.
Besides this, DeFi exchanges do not have any AML or KYC, so it is easy to execute an attack and launder the money through a DeFi exchange while the perpetrators will remain undetected.Source