FBI issues warning after crypto-crooks steal $1.3 billion in just three months
Amid a wave of hacks that have cost investors billions of dollars worth of cryptocurrency, the FBI is calling on decentralised finance (DeFi) platforms to improve their security.
In a warning posted on its website, the FBI said that cybercriminals are increasingly targeting DeFi platforms to steal cryptocurrency, often exploiting vulnerabilities in smart contracts to part investors from their money.
According to the FBI, the increase in attacks has mirrored the rising interest amongst investors in cryptocurrency, as well as “the complexity of cross-chain functionality and open source nature of DeFi platforms.”
The warning couldn’t come soon enough, as there have been a series of thefts involving DeFi platforms – including the $100 million of cryptocurrency stolen from blockchain bridge firm Harmony, the approximately $150 million swiped from hot wallets at cryptocurrency exchange BitMart, and the $130 million worth of tokens stolen from Cream Finance.
A report by Chainalysis, a blockchain analysis firm, claims that cybercriminals stole a staggering $1.3 billion in cryptocurrencies between January and March 2022. Almost 97% of that was stolen from DeFi platforms.
The disproportionate level of theft from DeFi platforms clearly demonstrates that there is a significant problem, and that is why the FBI has advised investors to take the following precautions:
- Research DeFi platforms, protocols, and smart contracts before investing and be aware of the specific risks involved in DeFi investments.
- Ensure the DeFi investment platform has conducted one or more code audits performed by independent auditors. A code audit typically involves a thorough review and analysis of the platform’s underlying code to identify vulnerabilities or weaknesses in the code that could negatively impact the platform’s performance.
- Be alert to DeFi investment pools with extremely limited timeframes to join and rapid deployment of smart contracts, especially without the recommended code (Read more…)
