The crypto theft problem is getting worse and worse
Crypto heists are getting bigger
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Almost as much cryptocurrency has been stolen this year as in the entirety of 2021, new analysis suggests.
According to blockchain market analysts at Chainalysis, thieves and fraudsters stole $3.2 billion in various cryptocurrencies last year. But in the first four months of 2022, $2.9 billion worth of crypto has already been stolen, with roughly one major theft occurring every week.
The volume of crypto heists has not necessarily changed, but attacks are becoming more devastating, in part due to the rising popularity of Decentralized Finance (DeFi) projects, and the amount of money being poured into these projects.
Share your thoughts on Cybersecurity and get a free copy of the Hacker’s Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at theend of this surveyto get the bookazine, worth $10.99/£10.99.
Targeting nascent projects
DeFi describes an ecosystem of financial applications that are built on the blockchain. They offer services similar to those available in traditional banks, but are underpinned by peer-to-peer systems. With DeFi, people can take out loans, or earn yield on their investments.
However, with many of these projects not yet fully tested and vetted, they are fast becoming a playground for cybercriminals and fraudsters.
The latest attack hit Beanstalk, an algorithmic stablecoin protocol built on Ethereum and launched in August. The fraudster managed to siphon out $182 million worth of digital assets.
Incidents such as this one emphasize the importance of vetting and code audits. Even projects that have had their code audited by third parties can still end up being abused.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Cryptocurrency crime hit an all-time high in 2021>Hackers are minting their own crypto to use in elaborate phishing scams>This fake crypto exchange has swindled millions from its victims
Speaking to theWall Street Journal, Max Galka, CEO of crypto forensics firm Elementus, said the hacker was following Beanstalk’s stated rules.
“Everything this guy did was consistent with the code,” Mr. Galka said.
However, the attacker managed to find a flaw in the code. With the help of a flash loan from a different DeFi service (a flash loan is similar to a “regular” loan, but the entire process happens almost instantaneously), he managed to buy enough of Beanstalk’s native governance token to earn absolute voting power.
With that power, he voted to withdraw all of the funds found on the protocol, and after returning the flash loan, got away with the difference. Whether or not the affected customers will be reimbursed, remains to be seen.
If crooks aren’t looking for flaws in code, they’re then trying to scam people into giving away theirpasswords, secret keys, and other credentials, or installing keyloggers or othermalware. By assuming theidentitiesof a trusted third party, they often try to trick people into believing they need to urgently address the issue, in order not to lose their funds.
ViaWall Street Journal
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
7 myths about email security everyone should stop believing
Best Usenet client of 2024
How to turn off Meta AI
