If you have the impression that cryptocurrency thefts on decentralized finance platforms are becoming more and more frequent, you are right. As Engadget reports, the FBI recently issued a warning to investors citing an increase in the number of incidents.
According to the Federal Bureau of Investigation, cybercriminals are increasingly exploiting loopholes in decentralized finance to steal crypto, causing losses for investors. More precisely, they take advantage of vulnerabilities found in smart contracts.
In its document, the FBI recalls what a smart contract is: a contract that executes on its own, since the terms between the buyer and the seller are written directly in the code, which is recorded on the blockchain.
According to the FBI, cybercriminals are taking advantage of the growing interest in crypto, as well as “the complexity of cross-chain functionality and the open source nature of DeFi platforms.”
Between January and 2022, the equivalent of $1.3 billion in cryptocurrency has been stolen. And 97% of this sum was stolen from decentralized finance or DeFi platforms, according to Chainalysis data relayed by the FBI.
In 2021, this rate was 72%. And in 2020, it was 30%. For its part, the FBI has also observed crypto thefts in which hackers have stolen several million dollars by targeting flaws in smart contracts. During one of these thefts, the losses were assessed at 320 million dollars.
DeFi: crypto thefts on the rise, the FBI publishes its recommendations
Advice from the US Investor Service:
- “Research DeFi platforms, protocols and smart contracts before investing and be aware of the specific risks associated with DeFi investments.”
- “Make sure the DeFi investment platform has completed one or more code audits performed by independent auditors. A code audit typically involves an in-depth review and analysis of the platform’s underlying code to identify any vulnerabilities or weaknesses in the code that could negatively impact platform performance.”
- “Be mindful of DeFi investment pools with extremely short join times and rapid deployment of smart contracts, especially without the recommended code audit.”
- “Be aware of the potential risk posed by crowdsourced solutions for identifying and remediating vulnerabilities. Open source repositories allow unfettered access to all individuals, including those with nefarious intentions.”
The FBI also released two recommendations for DeFi platforms. It advises them to put in place a monitoring mechanism that allows suspicious activities to be identified more quickly, and to create a plan to be executed in the event of an incident (which includes notifying investors when suspicious activity is detected).