This year, more than $1 billion worth of crypto has been stolen by criminals.
Multimillion-dollar losses were caused by attacks on Crypto.com in Jan, Wormhole February, and Ronin Network last Month. Experts in cybersecurity say hackers often target Decentralized Finance, or DeFi, platforms that have weak security. DeFi services are usually built on public blockchains. This allows users to trade crypto back-and-forth without the need of an established financial institution such as a bank or credit union.
"We should expect these kinds of [sophisticated] attack to continue increasing, as more criminal organizations develop DeFi-hacking capabilities in-house," Mitchell Amador (CEO at cybersecurity auditing company Immunefi), said Yahoo Finance earlier in the month. These types of attacks are also more lucrative as DeFi grows in size.
Last week, an unknown hacker robbed Beanstalk Farms of $182 million. This was the fourth largest hack on a DeFi service. PeckShield is a Chinese blockchain security company. They used a flash loan to exploit security flaws in Beanstalk. Flash loans are unsecured loans that do not require collateral and can be used smart contract to repay the loanee by the end of the transaction. This is usually in seconds or minutes.
A large amount of the $182million that was drained went towards fees on exchange platform such as Uniswap or Aave used in the attack. The culprit eventually took home 24,830 ether and 36,000,000 BEAN tokens. Officials at Beanstalk stated in a blog post that hackers took $76 million from users' crypto holdings. Beanstalk launched in August and it is not clear if they were able to recover the stolen cryptocurrency.
PeckShield claimed that the hacker used Tornado Cash to transfer the stolen cryptocurrency anonymously.
Users have reached out to Beanstalk since the attack with suggestions for tightening security. Beanstalk stated in a blog post that they are taking these thoughts into account and "is preparing strategies to safely relaunch a more secure Beanstalk, with a path forward."
According to Immunefi hackers have already stolen more than $1.2B in crypto from DeFi platforms in this year. This is compared $154M in 2021's first quarter. According to data, Chainalysis, hackers stole $162 million worth of crypto from DeFi platforms in 2020.
Chainalysis reported that there has been a significant increase in DeFi protocol usage for laundering illicit funds. This practice was first seen in 2020, but it became more common in 2021. "DeFi protocols saw the greatest growth in money laundering usage at 1,964%."