Here’s how cybercriminals attack DeFi platforms, from faulty programmes to flash loan attacks


In 2022, cybercriminals made a significant splash, stealing $1.3 billion from cryptocurrency companies, exchanges, and, in particular, Decentralised Finance or DeFi entities. According to a new analysis by data analytics firm Chainalysis, DeFi protocols were responsible for nearly 97 percent of all cryptocurrency stolen in the first three months of 2022, up from 72 percent in 2021 and 30 percent in 2020.

DeFi platforms enable cryptocurrency lending and borrowing via the blockchain network. They use smart contracts, pieces of code on the blockchain that run when a certain condition is met, to automate that lending and borrowing. The largest thefts are frequently carried out through faulty code and flash loan attacks, which are a sort of code exploit involving the manipulation of cryptocurrency prices. Code flaws or exploits can occur for a variety of reasons. It should be emphasised that DeFi protocols are open source, which means that anyone can examine the platform’s core code. “Because DeFi protocols move funds without human intervention, customers should be able to audit the underlying code in order to trust the protocol,” according to the company’s research. Cybercriminals, on the other hand, benefit from this because they can analyse the scripts for vulnerabilities and plan exploits ahead of time.

According to Chainalysis, from 2020 to Q1 of 2022, 35% of all cryptocurrency value was stolen due to a security breach. The March 2022 breach of Ronin Network, which resulted in the theft of $615 million in cryptocurrency, demonstrated the technique’s continued effectiveness. Hackers’ second most commonly used technique is the flash loan attack. It’s a smart contract exploit in which an attacker takes out a flash loan (an uncollateralised loan) from a DeFi platform, spends the borrowed capital in a way that causes a crypto asset’s price to rise, immediately withdraws their assets, and pays the loan back, all in the same transaction. According to the Chainalysis analysis, when a DeFi platform relies on unstable pricing oracles, attackers are more likely to exploit it. Oracles are programmes entrusted with keeping correct pricing data for all cryptocurrencies on a platform, which is difficult given the volatility of cryptocurrency prices.

“Arbitrage is vulnerable to secure but slow oracles; price manipulation is vulnerable to rapid but insecure oracles.” The latter type frequently leads to flash loan attacks, which took $364 million from DeFi platforms in 2021, according to the research.
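
The trade-off in the quote above, as an added example that is not from Chainalysis or any DeFi project: a toy constant-product pool in Python, comparing a price read from the pool at one instant with an average of per-block samples, plus a deviation check a protocol could apply before trusting either. The reserves, trade sizes, 10-block window and 5% limit are constructed assumptions.

```python
class Pool:
    """Constant-product pool (base * quote = k), no fees: a constructed toy model."""
    def __init__(self, base, quote):
        self.base, self.quote = float(base), float(quote)

    def spot(self):
        return self.quote / self.base          # quote units per base unit, right now

    def buy_base(self, quote_in):
        k = self.base * self.quote
        self.quote += quote_in
        out, self.base = self.base - k / self.quote, k / self.quote
        return out                             # base tokens received

    def sell_base(self, base_in):
        k = self.base * self.quote
        self.base += base_in
        self.quote = k / self.base

def twap(samples, window=10):
    # Average of one spot sample per block (equal block times assumed).
    recent = samples[-window:]
    return sum(recent) / len(recent)

def within_bounds(spot, reference, max_deviation=0.05):
    # Guard: refuse to price anything while spot is far from the reference.
    return abs(spot - reference) / reference <= max_deviation

def fresh_market(blocks=10):
    pool = Pool(1_000, 100_000)                # constructed reserves, price 100
    return pool, [pool.spot() for _ in range(blocks)]

def same_transaction_spike():
    pool, samples = fresh_market()
    bought = pool.buy_base(900_000)            # large trade made with borrowed capital
    during = (pool.spot(), twap(samples), within_bounds(pool.spot(), twap(samples)))
    pool.sell_base(bought)                     # unwound before the transaction ends
    samples.append(pool.spot())                # the per-block sample never saw the spike
    return during, (pool.spot(), twap(samples))

def lasting_move(blocks_later=3):
    pool, samples = fresh_market()
    pool.buy_base(21_000)                      # genuine repricing: 100 -> 146.41
    samples += [pool.spot()] * blocks_later
    return pool.spot(), twap(samples)          # the average still lags the market
```

`same_transaction_spike()` shows the instantaneous price reading 100 times too high mid-transaction while the averaged price stays put; `lasting_move()` shows the cost of that safety, with the average trailing a genuine price change for several blocks.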

Regular audits, according to the data analytics business, can help decrease flash loan attacks, but code audits aren’t perfect. Nearly 30% of code exploits and a startling 73% of flash loan assaults were discovered on platforms examined within the last year. “While code audits can undoubtedly assist,” Chainalysis continued, “DeFi protocols that manage millions of users and billions of dollars need to embrace a more rigorous approach to platform security.”

Stolen cryptocurrency is being laundered
DeFi networks have also become a hotspot for fraudsters looking to launder stolen cryptocurrency. In 2021, DeFi platforms received 51% of stolen funds, while centralised exchanges received less than 15% of all stolen funds. “This is likely owing to exchanges’ embracing of AML and KYC protocols, which jeopardise cybercriminals’ anonymity,” according to the research. “The decentralised structure of DeFi networks makes them even more vulnerable to attacks, since hackers target specific weaknesses in the software suites, which are highly visible due to the open source nature of the programmes.” “While this uniqueness necessitates even more time and money spent on code audits and stress tests, many DeFi projects nowadays are launched quickly and do not invest heavily in building a robust security team. It can be noted that smart contract audits, senior and experienced teams will be beneficial in preventing hacker assaults for the current security flaws in DeFi projects,” stated Johnny Lyu, CEO of KuCoin.

Cyber crooks have stolen at least $1.41 million (about Rs 10 crore) thanks to a “major vulnerability” in Multichain, formerly known as Anyswap, one of the world’s largest crypto token swapping platforms. This comes at a time when the security of the decentralised finance (DeFi) ecosystem is being called into question, with billions of dollars in cryptocurrencies stolen from DeFi platforms alone in 2021. DeFi, for the uninitiated, is an alternative finance ecosystem in which people can transfer, trade, borrow, and lend bitcoin without the involvement of traditional financial institutions or the regulatory systems that surround banking. The DeFi movement attempts to “disintermediate” finance by using computer code to remove the need for trust and middlemen from transactions.

In the face of a $1.34 million exploit, Multichain is urging users to take matters into their own hands. “If you have an issue, you must solve it on your own,” the corporation claims. It should be noted that the vulnerability was first detected by a security firm called Dedaub and was reported to the Multichain team, according to a report by Cointelegraph. Hackers continue to take advantage of the flaw to gain access to users’ cash. At the time of writing, Multichain reports that a total of $1,412,274.25 is affected.