Transparency or security: Report analyses reasons behind DeFi hacks

ambcrypto.com:

After a huge year in 2021, hackers are continuing to target Defi platforms in Q1 2022. Chainalysis reported in a recent study about the increasing trend of malicious activities in the current year.

The bounty was indeed not enough in 2021 when hackers managed to steal $3.2 billion in crypto. They have already managed to scam $1.3 billion in Q1 of 2022. While the money was stolen from exchanges, platforms, and private entities, “the victims are disproportionately in DeFi.”

Observing the data below, the developing trend is a worrying one for DeFi communities. The report states,

“Almost 97% of all cryptocurrency stolen in the first three months of 2022 has been taken from DeFi protocols, up from 72% in 2021 and just 30% in 2020.”

Source: Chainalysis

The study also reflects on security breaches that allowed hackers to access victims’ private keys. The $615 million scam on the Ronin Network is one such example. The report confirms this pattern between 2020 and Q1 2022. During this period, 35% of all stolen crypto value is reported due to a security breach.

Source: Chainalysis

However, in DeFi protocols, most scams occur due to faulty coding. “Code exploits and flash loan attacks” account for most of the stolen money from such protocols.

As per the report,

“Code exploits occur for a number of reasons. For one, in keeping with DeFi’s faith in decentralization and transparency, open-source development is a staple of DeFi applications.”

The “transparency” factor helps the hackers to plan exploits by scripting vulnerabilities from the code.

Flash loan attacks are caused because of DeFi reliance on price oracles. “Secure but slow oracles are vulnerable to arbitrage; fast but insecure oracles are vulnerable to price manipulation.” While there