Per a report from blockchain security firm Peck Shield, the DeFi sector has been under attack with a profitable season for bad actors. The total amount extracted from different crypto projects has already surpassed the total recorded last year.
The security firm claims that around $1,57 billion have been obtained from hackers and other bad actors over the past months. This represents a $400 million increase from the $1,55 billion stolen in 2021, as the chart below shows.
Source: Peck Shield The security firm registered the BeanstalkFarms, the Fei protocol, and Aku Dreams exploits as some of the worst in the DeFi sector. Almost $300 million have been stolen from these projects between January and April 2022.
Axie Infinity’s Ronin bridge was one of the worst in the entire crypto industry. Hackers managed to drain the project from over $600 million by exploiting a vulnerability within the platform’s nodes.
The sector has always been vulnerable to attacks due to its open-source nature, and because of the lack of deterrents for bad actors. Unlike stealing from a bank, a centralized exchange, or a traditional entity, taking money from DeFi protocols pays big with possibly no consequences.
As Bitcoin has been reporting, the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the U.S. Treasury Department, and other agencies alerted the industry of these attacks.
Per an official document, a rogue nation could be sponsoring bad actors to specifically target DeFi and crypto-based companies. These efforts are believed to be led by the organization called Lazarus Group, BlueNoroff, Stardust Chollima, APT38, and others.
These bad actors are using a variety of methods to exploit vulnerabilities across the space. Therefore, the uptrend in the number of attacks on the DeFi sector could continue.
example of the sneaky malicious emails and messages designed to trick you. mostly crypto / Lazarus / Bluenoroff / North Korean APT. 🎣 pic.twitter.com/m3w4fgpdIz
— Taylor Monahan 🦊💙 (@tayvano_) April 19, 2022
How To Protect Yourself From Future DeFi Hacks?
Despite the recent increase in these attacks in 2022, the bad actors seem to have been trying to target the industry for a while back. On November 23, 2021, cyber security firm Kaspersky released a report and warned about this trend.
Called “Cyberthreats to financial organizations in 2022”, the firm classified the industry as “attractive” for cybercrime groups. As transactions occurred online, these bad actors have a lot of incentives to target these projects. The firm said:
not only cybercrime groups but also state-sponsored groups who have already started targeting this industry. After the Bangladesh bank heist, the BlueNoroff group is still aggressively attacking the cryptocurrency business, and we anticipate this activity will continue.
In addition, the security firm predicts an increase in fake hardware wallets with backdoors to the user´s funds. Kaspersky believes there probably aren’t enough “reliable and transparent security assessments” to verify the safety of the projects or hardware in the crypto industry.
However, there are companies that provide their users with a variety of measures to, in the case of wallets, verify their legitimacy. Some DeFi projects also recommend their users to double-check if they are using the correct website, keep their private keys in lockdown on a secure location, and other measures to preserve their security.
At the time of writing, Ethereum (ETH) trades at $2,800 with sideways movement in the last day.
ETH moving sideways on the 4-hour chart. Source: ETHUSD Tradingview
