The amount of money lost on DeFi from hacks and scams has grown from $1.5 billion in 2020 to $10.5 billion in 2021, according to a report by Elliptic, a cryptoasset risk management firm.
The sector has over $250 billion in digital assets flowing through its networks.
But increased popularity – not to mention expansion from Ethereum to networks such as Solana and Binance Smart Chain – also means DeFi has more funds to steal, even as many projects struggle to keep up with the swiftly moving sector.
As recently as June 2020, that figure was less than $1 billion.
Increased use of protocols, as well as rising prices for the underlying coins and governance tokens that power them, has created a virtuous cycle for those deeply invested in the space.
According to Elliptic, young startups are the most vulnerable due to lack of cutting edge cybersecurity. The report also says that hackers are drawn to DeFi because crypto transactions are irreversible.
Hackers include individuals and nation states. The report also notes that some creators add backdoors to their programs which aid in stealing user funds.
According to Elliptic:
- In the past 2 years, $2 billion has been stolen directly from decentralized applications. This has attributed to an additional $10 billion in losses and declining token value as a result of fraud or theft
- The vast majority of losses from the last 2 years, $8.6 billion, have come from Ethereum
- Binance Smart Chain protocols have been responsible for $2.5 billion in losses since 2020
- Lending protcols are responsible for over 1/3 of losses. These protocols are just as vulnerable to code exploits as they are to economic exploits. For example, flash loans in which users borrow large sums, manipulate market prices to create an arbitrage opportunity, then pay back the money