Unlike previous years, cryptocurrency news in 2020 did not dominate major stock market hacks and theft of $ 1 million in bitcoins. There are still quite a few, however, most of which originated in the emerging decentralized financial sector.
DeFi was one of the cryptocurrency market’s biggest drivers in 2020, and there is a reason why the new economic landscape is turning into a magnet for fraudsters and hackers. Big, unaudited smart contracts along with cloned code were a recipe for vulnerabilities and exploits, and often resulted in the plunder of millions of dollars in digital assets.
A CipherTrace report released in November 2020 states that DeFi acquired more than 45% of all theft and piracy during the first half of the year, resulting in a loss of over $ 50 million. According to the report, this number increased to 50% of all thefts and robberies in the second half of the year. Speaking with Cointelegraph, CipherTrace CEO Dave Jevans warned of a possible regulatory framework: “DeFi hacks now account for more than half of all cryptocurrency hacks in 2020, and this trend has gained interest from regulators.”
He added that regulators are concerned about non-compliance with anti-money laundering requirements: “The stolen money in the biggest hack of 2020 – a $ 280 million KuCoin hack – was laundered using DeFi protocols.” Jevans also believes that by 2021, regulators will likely clarify the measures DeFi protocols must take to avoid the consequences of non-compliance with AML and Capture the Flag and potential penalties.
Replace breakthroughs in 2020
The KuCoin hack occurred in late September when EGX chief Johnny Liu confirmed that the robbery had affected the company’s Bitcoin, Ethereum and ERC-20 hot wallets following the leak of private keys.
In early October, KuCoin said it had identified the suspects and formally brought the police into the investigation. In mid-November, the Singapore Exchange announced that it had recovered 84% of stolen cryptocurrencies and had resumed full service on most of its traded assets.
There have been other exchange hacks this year, but KuCoin has been the largest. In February, the Italian exchange Altsbit lost nearly all of its money in a $ 70,000 hack and two other minor violations of the cryptocurrency stock market. By October 2020, 75 central currency exchanges were closed for various reasons, one of which was a breach.
DeFi Hacking and Exploiting 2020
With billions of dollars invested in and reused DeFi protocols, the emerging landscape has become a hotbed for hackers. The first major theft occurred in 2020 on lending platform DeFi bZx in February, when two uses of flash credit resulted in a loss of nearly $ 1 million in user funds. Flash credit is when a cryptocurrency is borrowed and repaid in a single transaction.
BZx froze operations to prevent further losses, but this sparked a wave of criticism from industry watchers who argued that it was ultimately a central platform that could be “DeFi’s death”.
Markets collapsed in March and resulted in several side liquidations, especially for the Makers MKR token, but these were not breakouts. The following event occurred a month after the attack on a rolled-up version of Bitcoin called imBTC using the standard code re-entry method ERC-777. The attacker managed to steal the full value of Uniswap’s cash pool, which at the time was estimated at $ 300,000.
In April, the Chinese lending platform dForce was depleted due to the same usage. The hacker repeatedly increased his ability to borrow other assets and received about $ 25 million in funds.
In June, the exploitation was discovered in Bancor smart contracts, resulting in a leak of up to $ 460,000 in tokens. An automated market maker from DeFi said it distributed a new version of the smart contract that addresses the vulnerability.
Balancer was the next $ 500,000 DeFi protocol to be used on encapsulated ether that was looted from its liquidity pools through a well-planned balancing attack. During the attack on the vulnerability that the Balancer team already seemed to know about, a series of flash credits and symbolic arbitrage swaps.
The breach wasn’t another hack, but bZx appeared in the news again in July with the sale of a questionable token controlled by robots who place purchase orders in the same blocks that marked the start of the token generation event. The attackers confiscated a surplus pump valued at about half a million dollars.
DeFi’s Opyn alternative became the next victim in August when hackers used ETH Put contracts worth over $ 370,000.