Decentralized finance (DeFi) is a system that allows for financial products to become available on a public, decentralized blockchain network. Instead of going through intermediaries — such as banks or brokerages — buyers, sellers, lenders, and borrowers can interact peer to peer through DeFi when facilitating transactions.

According to the recent Atlas VPN team findings, DeFi-related hacks make up 76% of all major hacks in 2021. In addition, many fraudsters have started fake DeFi projects to benefit from the crypto industry hype.

The data is based on the Cryptocurrency Crime and Anti-Money Laundering Report released by CipherTrace in August 2021.

Even though the first Ethereum-based protocol (MakerDAO ) for DeFi was released in 2017, hacks abusing the system were not recorded until 2020. In 2019, money lost to hacks was mostly from phishing, ransomware, and other cyberattacks.

A year later, in 2020, DeFi hacks made up one-quarter of all funds lost to hacks that year — $129 million. One of the biggest DeFi hacks that happened last year was the attack on Harvest Finance. Cybercriminals exploited the crypto asset management platform via a flash loan attack that resulted in a loss of over $24 million.

In the first half of 2021, DeFi hack losses have reached $361 million, surpassing last year’s total losses by 180%. 

DeFi protocols could get hacked because of various reasons. Many DeFi projects get hacked because of developer incompetence, which causes coding mistakes that hackers can abuse. Other cybercriminals can take out a flash loan and manipulate the token price to hack the DeFi protocol.

DeFi Crime Is on the Rise

All DeFi crimes generally fall into one of the two categories: outside agents hacking the DeFi protocol or a rug pull conducted by insiders. Even though hacking is more prevalent among cybercriminals, few social media influencers have been getting into rug pull scams and manipulating their audiences.

DeFi fraud and hacks combined for a total of $474 million lost in the first half of this year. As established before, DeFi hacks made up $361 million of the total loss, and $113 million was stolen by DeFi fraudsters.

Many rug pull scams heavily rely on marketing to draw in a ton of investors to run the price up. Often developers of such projects will use social media and influencers to promote their token to an unsuspecting audience.

The crypto industry has generated a lot of excitement; however, many newcomers are unaware of the risks. Lack of regulation in the crypto industry allows cybercriminals to thrive either by hacking less secured DeFi projects or by carrying out rug pull scams. For DeFi to become more legitimate, it is essential to establish security and business regulations.