FBI Wants DeFi Platforms To Improve Their Security Measures And Reduce Theft Vulnerabilities
On Monday, August 29, the Federal Bureau of Investigation (FBI) issued a warning about attacks on decentralized finance (DeFi) platforms. The FBI noted that cybercriminals have been constantly exploiting vulnerabilities in the smart contracts running on DeFi platforms.
Over the last year or so, DeFi platforms have been subject to major attacks, in which the attackers exploited either cross-chain bridges or smart contracts. As a result, DeFi platforms have lost hundreds of millions in investors’ funds over the last few months.
The FBI notes that of the $1.3 billion lost in crypto thefts between January and March 2022, 97 percent was stolen from DeFi platforms. That is an increase of 72 percent in DeFi theft in comparison to last year, and 30 percent from 2020.
The official announcement reads: “The FBI is warning investors cyber criminals are increasingly exploiting vulnerabilities in decentralized finance (DeFi) platforms to steal cryptocurrency, causing investors to lose money. The FBI has observed cyber criminals exploiting vulnerabilities in the smart contracts governing DeFi platforms to steal investors’ cryptocurrency. The FBI encourages investors who suspect cyber criminals have stolen their DeFi investments to contact the FBI via the Internet Crime Complaint Center or their local FBI field office”.
The FBI noted that cybercriminals have been taking advantage of investors’ growing interest in the crypto market. The agency also explains how hackers have been using different methods to steal from DeFi platforms.
One popular method is initiating a flash loan to trigger an exploit in the smart contracts running on DeFi platforms. This has caused investors and project developers to lose more than $3 million in crypto thefts.
Another is exploiting a signature verification vulnerability in a DeFi platform’s token bridge. This resulted in approximately $320 million in losses.
A third major method is manipulating crypto price pairs by exploiting a series of vulnerabilities. This includes “the DeFi platform’s use of a single price oracle, and then conducting leveraged trades that bypassed slippage checks and benefited from price calculation errors”. Using this method, hackers have stolen more than $35 million in digital assets.
The FBI has also recommended some precautions that investors should take. These include researching DeFi platforms and protocols before investing. Furthermore, the FBI says: “Ensure the DeFi investment platform has conducted one or more code audits performed by independent auditors. A code audit typically involves a thorough review and analysis of the platform’s underlying code to identify vulnerabilities or weaknesses in the code that could negatively impact the platform’s performance”.