With growing interest among investors in digital assets like cryptocurrency, there has been an exponential rise in thefts and crimes in decentralized finance (DeFi), finds a recent report by Chainalysis, block chain data platform. While the crypto theft rose by more than three times between 2020 and 2021, DeFi theft contributed to this theft the most.
Crypto Theft
| Year | Total Number of Theft | Total Value Stolen |
| 2017 | 19 | $0.5 Billion |
| 2018 | 35 | $1.5 Billion |
| 2019 | 35 | $0.8 Billion |
| 2020 | 117 | $0.8 Billion |
| 2021 | 250 | $3.0 Billion |
Source: Chainalysis (Value Stolen is an approximate of the total amount)
With $2.3 billion in cryptocurrency being stolen from individuals and services in 2021, there was a spike by 1330 per cent in DeFi thefts in 2021, as compared to 2020. Globally, DeFi thefts constitute more than 70 per cent of crypto theft in 2021.
Annual total cryptocurrency value stolen Through DeFi Theft
| Year | Value Stolen |
| 2019 | $100 Million |
| 2020 | $200 Million |
| 2021 | $2.3 Billion |
Source: Chainalysis, (Approx. Value)
In 2020 and 2021, lending platforms such as yield farming protocols endured the largest losses, with $923 million in total stolen funds and 64 theft incidents. Infrastructure services like cross-chain protocols and oracles-as-a-service came in close second, with decentralized exchanges (DEXes) and decentralized autonomous organization (DAOs) reckoning with significant thefts as well.
Factors Leading To The Spike
While block chain ecosystem has always been criticized by cyber experts for poor security measures, DeFi platforms have been the most vulnerable zone, says the report. Here are some of the major reasons that lead to the exponential rise in DeFi thefts in 2021
1. Code Exploitation
One of the major causes of DeFi theft is code exploitation, where can access the code and cause security breach, says the report. In 2021, code exploits accounted for a near-majority of total value stolen across all crypto services at 49.8 per cent and more than 65 per cent of DeFi thefts happen due to code exploitation, as per the report. “Many of the DeFi platforms have been designed on public block chain and many even have open-source code. In that case, it becomes easy for the hackers to access the code and find out ways for security breaches ,” says Bibin Babu, co-founder, Colexion, a blockchain based NFT marketplace.
2. Lack Of Proper Audits
Another leading cause of DeFi thefts is due to improper audits. The report says that lesser attacks happen on platforms that have been audited in the last one year. As per the report, 30% of code exploits occurred on platforms audited within the last year. It also happened because there were likely to have major audit shortfalls. “They may patch smart contract vulnerabilities in some cases and seldom guarantee that platforms’ price oracles are tamper-proof,” states the report.
3. Lack Of Transaction Revocation Process
Experts believe that DeFi platforms become easy target for cyber criminals as the transactions happening on such platforms are irreversible, so there is no way, an investor can ask for refund. “We've seen crypto exchanges hacked and people phished out of all their money – there is no transaction revocation process, the security is miniscule, so naturally the platform became a target for extremely persistent and skilled criminals,” says Kevin Reed, a cyber security expert from Acronis CISO, a cyber data protection firm.
Moreover, lack of validation process makes it even more vulnerable. “DeFi platforms hardly have any validation process to confirm transactions,” says Amogh Tiwari, founder of Deefy, service provider of NFT and credit score management firm.
Precautionary Measures For Investors And Platforms
While the theft is on rise, it is not possible for investors to stop investing in DeFi products nor is it possible for DeFi platforms to stop growing their business. So, here are some of the precautionary measures that could curb down the rate of DeFi thefts.
1. Thorough Research Is Important
Cyber security experts suggest that investors need to do a thorough research about the DeFi platforms before investing. “Awareness and thorough research needs to be seen as the thumb rule before investing in crypto or Defi projects and/or tokens. It is prudent and advisable to transact through reputable centralized exchanges (CEXs) and decentralized exchange (DEX),” says Om Malviya, President, Tezos India, block chain strategy design company.
2. Identify The Red Flag
If a DeFi app or platform doesn’t share their code details, then it should be considered as a red flag and investors should avoid investing there. “Apps that don’t share their code details are anyways should be avoided,” adds Babu.
3. Look For Smart Contract
A smart contract is a digital contract with the security coding of the blockchain, which has details and permissions written in code that require an exact sequence of events to take place to trigger the agreement of the terms mentioned in the smart contract. Experts suggest those who have the basic coding knowledge can even look out for the smart contract of the DeFi platforms before investing there.
4. Full Proof Coding System
Experts suggest that investors should only invest through DeFi platforms which have a full proof coding system. Having a full proof coding system ensures that code can be backtracked, so it is a little challenging for the hackers to create a security breach, assure experts.
