Almost as much cryptocurrency has been stolen this year as in the entirety of 2021, new analysis suggests.
According to blockchain market analysts at Chainalysis, thieves and fraudsters stole $3.2 billion in various cryptocurrencies last year. But in the first four months of 2022, $2.9 billion worth of crypto has already been stolen, with roughly one major theft occurring every week.
The volume of crypto heists has not necessarily changed, but attacks are becoming more devastating, in part due to the rising popularity of Decentralized Finance (DeFi) projects, and the amount of money being poured into these projects.
Targeting nascent projects
DeFi describes an ecosystem of financial applications that are built on the blockchain. They offer services similar to those available in traditional banks, but are underpinned by peer-to-peer systems. With DeFi, people can take out loans, or earn yield on their investments.
However, with many of these projects not yet fully tested and vetted, they are fast becoming a playground for cybercriminals and fraudsters.
The latest attack hit Beanstalk, an algorithmic stablecoin protocol built on Ethereum and launched in August. The fraudster managed to siphon out $182 million worth of digital assets.
Incidents such as this one emphasize the importance of vetting and code audits. Even projects that have had their code audited by third parties can still end up being abused.
Speaking to the Wall Street Journal, Max Galka, CEO of crypto forensics firm Elementus, said the hacker was following Beanstalk’s stated rules.
“Everything this guy did was consistent with the code,” Mr. Galka said.
However, the attacker managed to find a flaw in the code. With the help of a flash loan from a different DeFi service (a flash loan is similar to a “regular” loan, but the entire process happens almost instantaneously), he managed to buy enough of Beanstalk’s native governance token to earn absolute voting power.
With that power, he voted to withdraw all of the funds held by the protocol, and after returning the flash loan, got away with the difference. Whether or not the affected customers will be reimbursed remains to be seen.
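The governance takeover described above, as an added example that is not code from the article, from Beanstalk or from any real protocol: a deliberately simplified Python model of token-weighted voting, showing the vulnerable live-balance tally beside the snapshot-based weighting and execution delay that defenders use against flash-loaned votes. All holder names, balances and block numbers are constructed.

```python
class Governance:
    """Constructed, simplified model of token-weighted on-chain voting."""

    def __init__(self, balances, snapshot_votes, execution_delay):
        self.balances = dict(balances)        # holder -> governance tokens
        self.block = 0
        self.history = {}                     # block -> balances at end of that block
        self.snapshot_votes = snapshot_votes  # weigh votes by past, not live, balance
        self.execution_delay = execution_delay  # blocks between proposal and execution
        self._checkpoint()

    def _checkpoint(self):
        self.history[self.block] = dict(self.balances)

    def advance_block(self):
        self.block += 1
        self._checkpoint()

    def transfer(self, src, dst, amount):
        assert self.balances.get(src, 0) >= amount, "insufficient balance"
        self.balances[src] -= amount
        self.balances[dst] = self.balances.get(dst, 0) + amount
        self._checkpoint()

    def propose(self):
        return {"created": self.block, "snapshot": self.block, "votes_for": 0}

    def vote(self, proposal, voter):
        if self.snapshot_votes:  # tokens acquired after the snapshot carry no weight
            weight = self.history[proposal["snapshot"]].get(voter, 0)
        else:                    # vulnerable: whatever the voter holds right now
            weight = self.balances.get(voter, 0)
        proposal["votes_for"] += weight

    def can_execute(self, proposal):
        majority = proposal["votes_for"] * 2 > sum(self.balances.values())
        matured = self.block >= proposal["created"] + self.execution_delay
        return majority and matured


def flash_loan_takeover(snapshot_votes, execution_delay):
    """Replay the attack shape from the article against one governance configuration."""
    gov = Governance({"alice": 600, "bob": 400, "pool": 5000}, snapshot_votes, execution_delay)
    proposal = gov.propose()                # block 0: "send all protocol funds to me"
    gov.advance_block()                     # block 1: the attacker's single transaction
    gov.transfer("pool", "attacker", 5000)  # flash-loan the governance token from a pool
    gov.vote(proposal, "attacker")
    executed = gov.can_execute(proposal)    # the withdrawal must precede repayment
    gov.transfer("attacker", "pool", 5000)  # repay inside the same block
    return {"votes_for": proposal["votes_for"], "executed_in_loan_block": executed}
```

With live balances and no delay, the borrowed majority both passes and executes inside the loan; with snapshotted weights the borrowed tokens count for nothing. A delay alone blocks same-block execution but still leaves the vote tallied, which is why the two controls are normally combined.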
When crooks aren’t looking for flaws in code, they’re trying to scam people into giving away their passwords, secret keys, and other credentials, or into installing keyloggers or other malware. By impersonating a trusted third party, they often try to convince people that an issue needs urgent attention, or their funds will be lost.