Despite their mission of "decentralizing" finance, so-called "DeFi" concerns are fast becoming a central focal point for attackers, according to industry experts.
As witnessed in previous attacks on decentralized cryptocurrency concerns, cyber thieves are continuing to target decentralized finance (aka DeFi) networks in their quest to capture online and mobile funds outright, as well as the sensitive individual data which could offer access to other legitimate accounts.
Decentralized finance is most commonly associated with cryptocurrencies such as Bitcoin, which use a DeFi-type infrastructure built on a blockchain to establish their offerings. Reviewing a total of 65 cyberattacks, Bishop Fox, a Tempe, Arizona-based computer services company, found that 9 out of 10 losses came “from unsophisticated attacks ... which points to the lax cybersecurity practices of the sector.”
However, it is not necessarily the targeting of DeFi-based cryptocurrencies that creates the greatest exposure. With roughly "five [DeFi] attacks per week [in the] last year,” just over half of these intrusions (51%) exploited bugs in "smart contracts," according to the service provider’s research. This remains troubling for IT security defenders because "smart contracts are essentially records of transactions, stored on the blockchain," per Bishop Fox research.
Decentralized finance systems really came into their own last year, with DeFi-based cryptocurrencies nestling into more conservative businesses, and the underlying blockchain technology being embraced for a plethora of activities — and with its rising popularity came the cyberattacks.
“Wallets were emptied, smart contracts stripped, and investors left with dreams and regrets,” Dylan Dubief, a Bishop Fox senior security consultant, wrote about the report. “To understand the risks of these new blockchain technologies and use cases, we analyzed the main hacks that occurred in 2021.”
“The world of decentralized finance is extremely vast, and we can’t be aware of all the projects and all the hacks that may have taken place,” wrote Dubief, adding there have been various "rug pull and exit scams, since both are more a matter of fraud than security weaknesses."
DeFi networks last year experienced roughly five intrusions per month, with particularly pointed attacks hitting in May and December, according to Bishop Fox.
As with other common cyberattacks, “Once an [exploitation] technique is mastered, attackers go through applications to find and hack all those that are vulnerable before developers can patch their code,” according to Bishop Fox. “Chain attacks targeting SmartContracts that have been forked multiple times. Often, if the original application is vulnerable, then all the forks are, too.”
Four out of five of such DeFi attacks "could have been avoided because they originated from the use of vulnerable code or from a fork of projects containing vulnerabilities.”
DeFi intrusions also play to the fact that “users are rarely aware of how SmartContracts work, nor are they able to read their source code," according to the blog. “Unfortunately, this convenience also provides an additional layer — a front end — that can be vulnerable to attack.”