As of August, more than $2 billion in crypto has been stolen by cybercriminals, with a high percentage coming from DeFi. It has led to a chain of warnings from security agencies, including the lead federal agency for investigating federal attacks, the FBI.
On the 29th of August 2022, the official FBI account on Twitter released a statement warning the masses to be wary of cybercriminals. They stated that these cybercriminals are exploiting the vulnerabilities of DeFi to steal investors’ cryptocurrencies.
Crypto enthusiasts and investors are aware of the risks involved in the crypto universe; investors have fallen into various forms of rug pulls and Ponzi schemes. Security agencies have always warned people about these schemes. The recent media release by the FBI shows this security issue has only gotten worse.
Compared to centralized finances, DeFi’s data and information spread across different nodes; it decreases the ease of hacking. However, it is not free of vulnerabilities that cybercriminals can exploit.
The FBI explained how cybercriminals defraud DeFi platforms and exploit investors. It includes;
- Starting a flash loan that triggers a smart contract bug on the DeFi platform.
- They use a token bridge weakness in the DeFi platform’s signature verification to steal all of the platform’s capital.
- They use several flaws, including the DeFi platform’s reliance on the single price oracle, to manipulate cryptocurrency price pairs, followed by leveraged transactions that avoided slippage checks and profited from inaccurate price calculations.
The FBI made sure they offered recommendations on how to avoid these situations.
Investors should be aware of DeFi investment pools with quick implementation of smart contracts and extremely short joining windows, particularly without the advised code assessment.
To quickly discover vulnerabilities and react to signs of suspicious activity, DeFi platforms should implement real-time analysis and strict code testing.
The growth of DeFi will continue to amass interest, and it is unlikely that cybercrime will soon come to a halt. Therefore, investors must be well knowledgeable about the projects they invest in. They should study the goals, features, smart contracts, protocols, and roadmaps of projects.