Cybercriminals are targeting DeFi crypto wallets, FBI warns


Cybercriminals are increasingly targeting decentralised finance (DeFi) platforms to steal cryptocurrency from investors, the FBI has warned. In an alert, the agency says cybercriminals are exploiting vulnerabilities in the smart contracts that govern these services.

Cybercriminals are increasingly targeting DeFi platforms to steal cryptocurrency from investors (Photo: ArtistGNDphotography/iStock)

Smart contracts contain the terms of an agreement between a buyer and seller written directly into lines of code and are self-executing. Because the code controls the execution, they are trackable and irreversible once triggered. They allow trusted transactions and agreements between anonymous parties without the need for a central authority.

The FBI warned that criminals were taking advantage of increased interest in cryptocurrencies, as well as the complexity of transactions and functionality of DeFi platforms.

This is a growing problem. A study by blockchain analysis company Chainalysis found that, between January and March this year, $1.3bn in cryptocurrencies was stolen and 97% of it came from DeFi platforms, compared with 72% in 2021 and 30% in 2020.

Flash loans were also a problem for DeFi platforms. This is where a scammer borrows a large amount of cryptocurrency for a short time and uses it to manipulate the value of a certain token, allowing them to then buy up all the governance tokens and vote to withdraw any money available for that DeFi project to their own crypto wallet.

In the past year the FBI has observed cybercriminals defraud DeFi platforms in a number of different ways, including one flash loan that triggered an exploit in a DeFi platform's smart contracts, resulting in the loss of about $3m worth of cryptocurrency.

DeFi projects a growing target for hackers

Beanstalk Farms became one of the largest victims of this type of attack in April this year. The decentralised finance project was hit by an attacker who mounted the hostile takeover by buying up enough tokens in the project to take control, then voting to transfer tokens worth $182m to their own crypto wallet.
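The flash-loan governance capture described above (and in the Beanstalk case) comes down to one design choice: whether a vote counts a voter's live token balance or a balance frozen when the proposal was created. The model below is added here for illustration and is not Beanstalk's or any real protocol's code; the balances and names are constructed.

```python
# Toy model of on-chain governance: a proposal passes when "for" votes exceed
# half the token supply. Two variants: live balances (capturable with a flash
# loan) and snapshotted balances (voting power checkpointed at proposal time).

TOTAL_SUPPLY = 1_000_000


class Governance:
    def __init__(self, balances, use_snapshot):
        self.balances = dict(balances)   # live token balances, address -> amount
        self.use_snapshot = use_snapshot
        self.snapshot = None             # balances frozen at proposal creation
        self.votes_for = 0

    def propose(self):
        # Hardened variant: voting power is fixed when the proposal is created,
        # so tokens acquired afterwards (including borrowed ones) carry no vote.
        self.snapshot = dict(self.balances) if self.use_snapshot else None
        self.votes_for = 0

    def voting_power(self, voter):
        source = self.snapshot if self.use_snapshot else self.balances
        return source.get(voter, 0)

    def vote_for(self, voter):
        self.votes_for += self.voting_power(voter)

    def passed(self):
        return self.votes_for * 2 > TOTAL_SUPPLY


def flash_loan_vote(gov, lender, borrower, amount):
    """One atomic transaction: borrow, vote, repay. Balances end unchanged,
    which is exactly why a live-balance check sees nothing wrong afterwards."""
    gov.balances[lender] -= amount
    gov.balances[borrower] = gov.balances.get(borrower, 0) + amount
    gov.vote_for(borrower)
    gov.balances[borrower] -= amount
    gov.balances[lender] += amount
    return gov.passed()


def run(use_snapshot):
    # Constructed sample: a liquidity pool holds 60% of supply and is the
    # flash-loan source; the voter holds a single token of their own.
    balances = {"pool": 600_000, "team": 399_999, "voter": 1}
    gov = Governance(balances, use_snapshot)
    gov.propose()
    return flash_loan_vote(gov, "pool", "voter", 600_000)
```

With live balances the proposal passes on borrowed votes; with the snapshot it fails, and a timelock between a passed vote and its execution gives defenders a further window to react.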

Another instance of a DeFi attack saw cybercriminals exploit a signature verification vulnerability in an unnamed DeFi platform's token bridge and withdraw all of the investments, resulting in approximately $320m in losses.


Manipulating cryptocurrency price pairs by exploiting a series of vulnerabilities was another area of attack seen by FBI investigators. This included conducting leveraged trades that bypassed checks and benefited from price calculation errors caused by the DeFi platform's use of a single price oracle. This attack led to the loss of about $35m in cryptocurrency, according to the FBI.
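The single-oracle weakness above is easiest to see next to its fix. This added example (not from the article or any named platform) shows a leverage check that trusts one spot price beside one that takes the median of several independent sources and refuses to act when they disagree; the quotes, source names and loan-to-value limit are constructed.

```python
from statistics import median


class PriceUnavailable(Exception):
    """Raised when sources disagree; the caller should pause, not guess."""


def naive_leverage_allowed(collateral_units, debt, spot_price, max_ltv=0.5):
    # Weak setting: one on-chain spot price decides how much may be borrowed.
    return debt <= collateral_units * spot_price * max_ltv


def robust_price(quotes, max_deviation=0.02):
    """quotes: list of (source_name, price). Returns (price, outlier_sources).

    Uses the median so one manipulated feed cannot move the result, and
    requires a majority of sources within max_deviation of that median."""
    if len(quotes) < 3:
        raise PriceUnavailable("need at least three independent price sources")
    mid = median(p for _, p in quotes)
    outliers = [s for s, p in quotes if abs(p - mid) / mid > max_deviation]
    agreeing = len(quotes) - len(outliers)
    if agreeing * 2 <= len(quotes):
        raise PriceUnavailable(f"sources disagree: {outliers}")
    return mid, outliers


def leverage_allowed(collateral_units, debt, quotes, max_ltv=0.5):
    # Hardened setting: the same check, priced from the aggregated feed.
    price, _ = robust_price(quotes)
    return debt <= collateral_units * price * max_ltv


# Constructed sample: three feeds agree near 100 while the pool's own spot
# price has been pushed to 300 within the same block.
SAMPLE_QUOTES = [
    ("external feed A", 100.0),
    ("30-min TWAP", 100.4),
    ("external feed B", 99.8),
    ("pool spot", 300.0),
]

if __name__ == "__main__":
    print(naive_leverage_allowed(10, 1000, 300.0))        # True: over-borrow permitted
    print(leverage_allowed(10, 1000, SAMPLE_QUOTES))      # False: priced at ~100.2
    print(robust_price(SAMPLE_QUOTES))                    # outlier flagged for alerting
```

Logging the returned outlier list is a cheap form of the real-time monitoring the FBI recommends below: a source that repeatedly disagrees with the median is worth an alert even when no trade is blocked.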

In total, web3 projects, including DeFi platforms, are thought to have lost about $2bn to hacks and scams since the start of this year, according to a report by web3 security company CertiK, which found that these attacks often come from nation state-backed groups.

DeFi: keeping crypto wallets safe

"Investors should make their own investment decisions based on their financial objectives and financial resources and, if in any doubt, should seek advice from a licensed financial adviser," the FBI suggests, adding that it's important to research the DeFi platform, its protocols and smart contracts before investing, to be aware of any specific risks involved.

Agency officials also warn potential investors to check that the platform has conducted one or more code audits and had them carried out by an independent auditor. Such audits typically involve a thorough review and analysis of the platform's underlying code to look for vulnerabilities and weaknesses that could affect its performance.

It also warns to "be aware of the potential risk posed by crowdsourced solutions to vulnerability identification and patching. Open source code repositories allow unfettered access to all individuals, to include those with nefarious intentions".

The FBI also recommended a number of precautions that DeFi platforms could take to reduce the risk of attacks and scams and protect investors.

These included a need to "institute real time analytics, monitoring, and rigorous testing of code in order to more quickly identify vulnerabilities and respond to indicators of suspicious activity" and to "develop and implement an incident response plan that includes alerting investors when smart contract exploitation, vulnerabilities, or other suspicious activity is detected".
