DeFi rising popularity since 2019 has seen the emerging market segment become a target for hackers as well as opportunistic profiteers.
In line with an official report by crypto research company Messari, DeFi protocols have lost about $284.9 Mln to hacks and other exploit attacks since 2019. This figure is about 0.65% of the adjusted total value locked of the Ethereum-based DeFi market, consistent with data from DappRadar.
Almost half the DeFi hacks covered within the Messari report were flash loan attacks, offering additional evidence of it being the foremost popular exploit vector within the DeFi landscape. Indeed, many of the main DeFi “hacks” are flash loan attacks that sometimes cash in of temporary defects in price oracle feeds.
While cryptocurrency hacks declined earlier in 2020, DeFi accounted for over half the attacks recorded during the year. Within this year in 2021 thus far, Alpha Homora and Cream Finance made headlines after both protocols had fallen victim to rogue actors with the earlier suffering the single-largest hack in DeFi history, losing $37.5 Mln.
The Alpha Homora incident also put the standard of smart contract auditing into question, as long as leading smart contract auditing outfits like Quantstamp and PeckShield reviewed the project’s codes.
DeFi hacks aren’t only restricted to the Ethereum chain as the Binance Smart Chain environment is additionally clocking similar incidents. With growing activity on BSC, DeFi protocols on the network have also fallen victim to rogue actors employing familiar attack vectors
As reported earlier, Uranium Finance, a BSC-based automated market maker platform, lost $50 Mln to a hacker. The attacker exploited bugs within the project’s smart contract and was able to siphon funds during a planned token migration event.