432 Interactions, 4 today
After 2019, decentralised finance networks on the Ethereum network have lost about $285 million to rogue actors.
After 2019, the growing popularity of decentralised finance has made the emerging business segment a destination for hackers and opportunistic profiteers.
According to a report by crypto research company Messari, DeFi protocols have lost about $284.9 million to hacks and other exploit attacks since 2019. This figure is about 0.65% of the adjusted total value locked of the Ethereum-based DeFi market, according to data from DappRadar.
In February Messari calculated that over $284 million in DeFi was lost to hacks since 2019 😱
At this point in time, the decentralized insurance industry only covers a fraction of TVL in DeFi. The need is ripe for the picking. pic.twitter.com/WkZVI0TuWb
— Messari (@MessariCrypto) April 28, 2021
Almost half of the DeFi hacks covered in the Messari study were flash loan attacks, demonstrating that they are the most popular exploit vector in the DeFi landscape. Indeed, many of the big DeFi “hacks” have been flash loan attacks that often exploit temporary flaws in price oracle feeds.
Though crypto hacks fell in general in 2020, DeFi accounted for more than half of all attacks reported. So far in 2021, Alpha Homora and Cream Finance both made headlines after both protocols were hacked by rogue hackers, with the former facing the single-largest attack in DeFi history, resulting in a loss of $37.5 million.
The Alpha Homora event has called into question the consistency of smart contract auditing, provided that the project’s codes were checked by major smart contract auditing firms such as Quantstamp and PeckShield.
DeFi hacks are not limited to the Ethereum network; related events are also being reported in the Binance Smart Chain context. With increased activity on BSC, DeFi protocols on the network have also been targeted by rogue actors using well-known attack vectors.
Uranium Finance, a BSC-based digital market making site, lost $50 million to a hacker, as previously stated by Cointelegraph. The intruder took advantage of flaws in the project’s smart contract to syphon funds during a scheduled token migration event.
Other BSC-based DeFi ventures have also made headlines for the wrong reasons, with the TurtleDex team stealing the 9,000 Binance Coin (BNB) tokens earned during the mid-March pre-sale event.