The decentralized finance (DeFi) industry comes under attack from hackers on a fairly regular basis. Hackers have stolen more than $1 billion from it in the last two months alone, and more than 90% of all stolen cryptocurrencies come from hacked DeFi protocols. The situation seems to be spiraling out of control, and everything suggests that nothing can stop the hackers.


Understanding the proliferation of hacking on DeFi platforms

According to the Chainalysis 2022 report, nearly 35% of all cryptocurrencies stolen in the past two years are attributed to security breaches.

In some cases the cause is faulty code that hackers have taken advantage of. Hackers usually devote significant resources to finding systemic coding errors that allow them to carry out these types of attacks, and they usually use advanced bug tracking tools to help them do so.

Another common tactic threat actors use to find vulnerable platforms is to hunt down networks with security issues that have already been exposed but for which fixes have yet to be implemented.

Most DeFi protocol code is open source, which makes it even more vulnerable to cybersecurity threats. Open source programs can be viewed by the public and verified by anyone with an Internet connection. As such, these programs are easily scrutinized, and hackers take the time to look for exploits in them. This inherent property of open source therefore allows hackers to analyze DeFi applications for integrity issues and plan their break-ins in advance.

Furthermore, some DeFi developers have contributed to the hacking of their own platforms by deliberately ignoring security audit reports published by certified cybersecurity companies. Some development teams also launch DeFi projects without subjecting them to a thorough security analysis, which increases the probability of coding faults. Finally, it must be recognized that DeFi platforms are also prone to sabotage by people inside the network.

Flash loan attacks

Flash loans are unsecured DeFi loans that require no credit checks. They allow investors and traders to borrow funds instantly.

An analysis of the breach revealed that the hackers took out a flash loan from the Aave DeFi protocol to obtain nearly $1 billion in assets. This gave them a 67% majority in the voting governance system and allowed them to unilaterally approve the transfer of assets to their address. The perpetrators fled with approximately $80 million in digital currencies after repaying the flash loan and associated surcharges.

About $360 million worth of cryptocurrency was stolen from DeFi platforms in 2021 using flash loans, according to Chainalysis.

How to overcome this plague

For Konstantin Boyko-Romanovsky, CEO and founder of Allnodes, the fight against hacking will be won on several fronts: "The code must improve and smart contracts must be thoroughly audited, that's for sure. In addition, users should be constantly reminded of the rules of caution to be observed when online. Identifying any flaws can be an attractive incentive. This, in turn, could promote healthier conduct in a particular protocol."

Exchanges must also continue to work with public authorities to catch scammers by providing all the information necessary to do so.

Ultimately, it should be remembered that hackers generally operate by taking advantage of the weaknesses of DeFi platforms. It is therefore by strengthening the security of the platforms that we can significantly reduce the hacking that the various decentralized finance networks fall victim to. To this should be added greater vigilance from the authorities as well as greater collaboration from the exchanges in the search for hackers.

Source: cointelegraph.com
