Three billion USD in crypto stolen in half a year

 At least 30 major crypto-related attacks have been carried out in the past half year, causing nearly three billion USD in damage.


The latest wave of attacks against blockchain platforms was Beanstalk Farms last week. In just 13 seconds, hackers took advantage of a vulnerability in the fast lending system and took away nearly 80 million USD worth of money.

After the crash, the value of Bean, Beanstalk's token, dropped from 1 USD to 0.6 USD before returning to near the old level. However, according to Coinmarketcap, this digital currency almost no longer records in terms of trading volume.


According to Rekt, which monitors crypto-related security issues, the Beanstalk attack is the fifth-largest crypto theft in history. The biggest case happened last month related to the game Axie Infinity, when hackers exploited the vulnerability of the Ronin bridge and stole more than 600 million USD.


At least four other DeFi platforms were also attacked in the weeks before the hackers targeted Beanstalk and Ronin. On March 21, exchange platform Li Finance became the target of hackers, causing the wallets of 29 users to be stolen with a total of $600,000 in cryptocurrency. Previously, on March 14, Agave - a Gnosis on-chain lending application belonging to the Aave protocol, and Hundred Finance - a multi-chain lending project and an arm of Compound specializing in open financial applications, were also compromised. and took away an estimated $11 million. In February, the DeFi Wormhole project was also broken into by an attacker and took $320 million worth of tokens.


According to Rekt, the frequency of attacks against blockchain platforms in the past half year and the previous period is about the same. However, the amount stolen skyrocketed. Since August of last year, 37 hacks have been carried out, taking away $2.9 billion worth of cryptocurrency. This number is close to Chainalysis's statistics for the whole year of 2021 of $3.2 billion.


"Hackers are finding ways to exploit vulnerabilities to steal increasingly large amounts of money, especially in DeFi decentralized finance projects," said Max Galka, CEO of crypto-research firm Elementus. review. "Hackers tend to target new, immature and fully calibrated protocols."


According to Chainalysis, the open-source nature of DeFi projects is what makes them attractive to hackers. Hackers can spend a lot of time examining publicly uploaded code for weaknesses. "Even with well-reviewed platforms, vulnerabilities still exist. Therefore, the companies behind DeFi protocols need to take a more holistic approach to security," the Chainalysis expert recommends. fox.


According to this blockchain data analysis company, most attacks take advantage of uneditable error codes. In the Beanstalk case, for example, the hacker exploited a vulnerability in the decentralized autonomous protocol (DAO), then made a flash loan of $1 billion for voting rights, and finally took over the token.


"Ironically, hackers don't violate Beanstalk's principles. That means their system is having a lot of problems," Galka said. "In current DeFi projects, there are many models like Beanstalk that exist and face the risk of being compromised."

Previous Post Next Post