FBI Issues Warning Regarding Criminal Activities Prevalent In DeFi
- The Federal Bureau of Investigation (FBI) issued yet another public warning on a worrying number of attacks on Decentralized Finance (DeFi) platforms.
- It stated that it observed a massive increase in cyber criminals involved in vulnerabilities in the DeFi space to steal investors’ funds.
On Monday, the Federal Bureau of Investigation issued yet another public warning on a worrying number of attacks on Decentralized Finance (DeFi) platforms, stating that the attackers are taking advantage of bugs in the smart contracts that govern them.
According to the warning published by the agency, it has observed a massive increase in cyber criminals involved in vulnerabilities in the DeFi space to steal investors’ funds.
Cybercriminals want to capitalize on investors’ growing interest in cryptocurrencies, the complexity of cross-chain functionality, and the open-source nature of DeFi platforms.
As per a report published by American blockchain analysis firm Chainalysis, cybercriminals stole $1.3 billion worth of cryptocurrencies between January and March of 2022. This represents a worrying increase from the respective percentages of 72% in 2021 and 30% in 2020.
FBI highlighted three major methods that attackers use to launch attacks in the DeFi space. The first method includes the initiation of a flash loan that triggers an exploit in the platform’s smart contract. This has led to a loss of around $3 million worth of cryptocurrency.
Explaining the second tactic, the FBI stated that criminals exploit “a signature verification vulnerability in the DeFi platform’s token bridge and withdraw all of the platform’s investments, resulting in approximately $320 million in losses.”
Another common method that cyber criminals use is manipulating crypto price pairs by exploiting a number of vulnerabilities and conducting leveraged trades that bypass slippage checks. By this, they benefit from imprecision in price calculations and have stolen almost $35 million in cryptocurrencies in the same time frame.
In addition, the agency recommended several points to investors and DeFi platforms to protect themselves from such attacks. It suggests investors do thorough research on protocols, platforms, and smart contracts before putting their hard-earned money into them. Moreover, it suggested that DeFi users check for code audits and be aware of the “potential risk posed by crowdsourced solutions to vulnerability identification and patching.”
In February, the federal law enforcement agency formed a special team to address the crypto exploitation issue. The FBI has recently issued a public warning against the fraudulent crypto apps floating around the industry.
Notably, DeFi platforms are not the only ones suffering from cyber attacks. According to recent research by blockchain analysis firm Elliptic, between July 2021 and July 2022, more than $100 million are stolen in the form of NFTs.