The biggest DeFi hacks in 2021

in Project HOPE3 years ago

The biggest DeFi hacks in 2021



the-defi-hacks-of-2020.jpg
Image Source

Last year, decentralized finance (DeFi) came into focus as capital locked in smart contracts and decentralized programs increased.

The hackers implemented various programs to infiltrate the platforms and extracted different amounts from each of them.

In this article, I mentioned some of the biggest DeFi hacks in 2021 and the amount of capital stolen from each project.

_Line_Blue.png

Currently, more than 54% of 2021 hacks in the field of digital currencies are related to the DeFi industry.
Compare this to last year's figures, when only 3% of thefts were related to decentralized finance.

The following is a list of DeFi hacks that have cost investors about $1.2 billion this year alone.

Hacked capital (dollars)Project
Exact information is not availableAlchemix (ALCX)
37,000,000Alpha Finance Lab (ALPHA) & Cream Finance (CREAM)
822,000AutoShark Finance (JAWS)
11,000,000bEarn Fi (BFI)
50,000,000Belt Finance (BELT)
Exact information is not availableBondly Finance (BONDLY)
1,500,000BT Finance (BT)
7,200,000BurgerSwap (BURGER)
55,000,000bZx
5,200,000ChainSwap (ASAP)
19,000,000Cream Finance
130,000,000Cream Finance
11,000,000Dao Maker
1,910,000DODO (DODO)
80,000,000EasyFi (EZ)
4,600,000Eleven Finance (ELE)
376,000Force DAO (FORCE)
14,000,000Furucombo (COMBO)
1,300,000Growth DeFi (GRO)
500,000Impossible Finance (IF)
170,000Iron Finance (IRON)
Exact information is not availableLevyathan (LEV)
31,000,000Meerkat Finance (MKAT)
1,560,000Merlin Lab
160,000,000Paid Network (PAID)
200,000,000PancakeBunny (BUNNY)
2,400,000PancakeBunny (BUNNY)
268,000,000Poly Network
25,000,000Popsicle Finance (ICE)
3,950,000Punk Protocol (PUNK)
15,000,000Rari Capital (RGT)
5,700,000Roll
275,000Saddle Finance
248,000SafeDollar (SDO)
30,000,000Spartan Protocol (SPARTA)
3,100,000Sushi
18,039,000THORChain (RUNE)
2,400,000TurtleDex (TTDX)
50,000,000Uranium Finance
Exact information is not availableVenus Protocol (XVS)
Exact information is not availableWild Credit (WILD)
24,500,000xToken (XTK)
11,000,000Yearn Finance (YFI)

When it comes to new technologies such as blockchain and decentralized finance (DeFi), hackers are motivated enough to steal assets.
DeFi is an industry with thousands of different services running on multiple blockchains and interacting with each other.
This emerging industry has created a lot of vulnerabilities in the service layer, which is very attractive to opportunistic hackers.

_Line_Green.png

How do hackers exploit DeFi platforms?


Examining the list of the biggest hacks of 2021, it seems that hackers are exploiting vulnerabilities in private key management protocols and security loopholes in smart contract code.

Use vulnerabilities related to private key management



private-key.jpg

You need a private key to manage your digital assets.
The ability to securely store and transfer assets is only guaranteed as long as the private key is secure.
Once it is compromised, the funds are easily transferred to the hacker wallet; Therefore, preventing the theft of private keys is crucial to maintaining the security of digital assets.

Multi-Party Computation is one of the best ways to secure your private key. This solution is designed to distribute private key switches between multiple systems instead of keeping them all in one Internet-connected system.

Because hacking is associated with a return on investment, if a hacker knows that the account has tens or hundreds of millions of dollars in capital, he or she will pay to drain it.

With MPC, a hacker is forced to target multiple computers instead of attacking one system, which is costly.
But if the return on investment is appropriate, the hacker will carry out the attack.

_Line_Red.png

Use of vulnerabilities related to smart contracts


Another way to hack DeFi services is to use vulnerabilities in the code, which can involve a variety of attacks, including running a function until memory is full and endangering users's locked-in contract capital.

Such vulnerabilities often reflect how smart contracts interact with each other, and smart contracts need to be thoroughly reviewed in the first place.

In contract auditing, developers, with the help of blockchain researchers, select the best ways to implement applications and eliminate errors that could be exploited by hackers.

At present, for decentralized finance, reviewing smart contracts is one of the wisest things to do.

_Line_Green.png

Conclusion


The DeFi ecosystem has many services to offer to traditional financial institutions, and this tortuous path is so important that the threat of opportunistic hackers cannot be ignored.
Fortunately, by adhering to the two security constitutions, decentralized finance projects can greatly reduce their risks.

The first rule is for financial institutions to manage their private keys in the most secure way; To keep most of the assets in cold wallets out of the reach of hackers and to manage only a small amount of assets with MPC to perform high-repetition and automated transactions.

The second rule is to review security breaches.
It both reviews smart contracts and assesses compliance with Rule #1.

plagiarism.png

Sort:  
UpvoteBank
Your upvote bank
__2.jpgThis post have been upvoted by the @UpvoteBank service. Want to know more and receive "free" upvotes click here

gPCasciUWmEwHnsXKML7xF4NE4zxEVyvENsPKp9LmDaFv4G8LmgidwP68hAjxWz6ijyvqwtSAMYySFLdFCUzprPrwAHJV5LhWk9MPss281c2EizfCNS6XgnayfmNBTDVEBG2usiWtijtJoJhbk.jfif
follow-up & voting with comments... @mamraj2020 Thank you very much