More than $12 billion has been lost in DeFi, according to a report by Elliptic, a blockchain analytics company.
On my podcast, Unchained, Jess Symington, research lead at Elliptic, explains that while only about $2 billion of this is direct loss, which is the amount directly taken by hackers, the steep drops in the prices of the tokens associated with the hacked protocols account for the other $10 billion.
"The biggest cause of loss, or the biggest exploit the hacker takes advantage of, is what we call 'bug vulnerabilities.' That consists of code vulnerabilities, which the hacker takes advantage of to steal the money, or there's an error in the way the protocol was set up in the first place. We call this an 'economic vulnerability,'" says Symington.
For example, she says, in the MonoX hack, the hacker was able to artificially inflate the price of the Mono token and then use that artificial value to purchase all the other assets in the protocol and take the funds.
Hackers also take the private keys of users as well as those of so-called "hot wallets," which are crypto addresses that are connected to the internet, making them easier for hackers to access.
Another category of popular hack is called, in crypto parlance, "rug pulls," in which the developers themselves pretend to be working on a legitimate project, and then, after they've raised money, they pull the funds and stop working on the project.
Since many developers, both legitimate and illegitimate, are accused of executing such scams, Symington explained that the criterion for a true rug pull is one in which the protocol developers themselves abandon their efforts at the same time the hack occurs.
For example, Squid Coin was a coin created based off the popular Squid Game Netflix TV series that took off this past fall. However, at the same time that the value was drained out of that token, the developers said that they did not want to continue working on the project.
As Emin Gun Sirer, the founder of another protocol, Avalanche, tweeted at the time, "99.99% drop on the squid game token. I mean, what did you guys expect? There's nothing behind this coin except it stole its name from a popular show."
Among the various blockchains with DeFi activity, the majority of hacks occur on Ethereum, mostly because it is the most popular chain for DeFi. However, a greater number of hacks this year have also occurred on Binance Smart Chain as well as the layer 2 on Ethereum, Polygon.
In recent weeks, there's been a spate of crypto hacks totalling about $600 million in 14 days. Bitmart, a centralized exchange, was exploited for $196 million, Vulcan Forged for $140 million, BadgerDAO for $120 million, and AscendEX for $83 million. Symington says, "Whenever a hack occurs, we see these sad stories on social media or in Telegram groups of people losing their entire life savings."
Another category of crime that has been rampant this year is ransomware, which made headlines earlier this year for doing things like shutting down the Colonial Pipeline. Symington says ransomware hackers aren't slowing down much, although they are, in some cases, "retiring," or at least pretending to close down, only to reappear under a new name. Meanwhile, law enforcement has been having some success, due, of course, to the fact that on these blockchains, the activity is transparent, making it easy to follow the illicit funds.
Once hackers have their ill-gotten gains, they find varying success in being able to cash out. In DeFi crimes, they tend to try to convert to the base currency, such as ETH or BNB, especially if they've stolen stablecoins such as USDC or USDT, because those issuers can freeze those coins. Once the thief has the money in, say, ETH, they will try to use a mixer.
which Ethereum mixing service is most popular
which service on Bitcoin is quite commonly used to launder money
the hilarious reason why, it appears, some thieves don't attempt to cash out
how some criminals actually will cash out at physical venues (and where those are located)
who the hackers tend to be
how DeFi protocols can help prevent future hacks
how Symington says you should try to protect yourself if you want to participate in DeFi