In 2021, cybercriminals had a banner year, seizing $3.2 billion worth of cryptocurrencies. This number is sure to be surpassed in 2022 according to the latest study from Chainalysis, the popular blockchain data and analytics firm. According to the data, hackers have stolen $1.3 billion from exchanges, platforms, and private companies in the first three months of this year, with the victims predominantly found in DeFi.

Source: Chainalysis The DeFi protocols were the hardest hit, accounting for almost 97% of all stolen cryptocurrencies in the first three months of 2022, up from 72% in 2021 and just 30% in 2020. DeFi platforms have been targeted by 7 of the 10 biggest attacks in the last fifteen months. The seven DeFi attacks resulted in a loss of $1.6 billion, while the three exchange attacks resulted in a loss of $960 million.

Source: Chainalysis

How have hackers exploited Defi platforms?

Security breaches in which hackers gained access to victims’ private keys, the cryptographic equivalent of pickpocketing, were the primary cause of cryptocurrency attacks in the past. The Ronin Network hack in March 2022, which resulted in the theft of $615 million in cryptocurrency, demonstrated the continued effectiveness of the technique. Security breaches resulted in 35% of the value of all cryptocurrencies being stolen from 2020 to Q1 2022. According to Chainalysis, the most common source of theft is incorrect coding. Outside of the Ronin attack, code exploits and flash lending attacks, a kind of code exploit that involves cryptocurrency price manipulation, accounted for the majority of the money taken.

Source: Chainalysis Code exploits can occur for a variety of reasons. On the one hand, open source development is a cornerstone of DeFi applications, in accordance with the company’s belief in decentralization and opening up. This is a significant and generally beneficial trend: because DeFi protocols do not require human intervention to transfer funds, users should be able to audit the underlying code to trust the protocol. Cybercriminals, on the other hand, benefit from this as they can examine scripts for vulnerabilities and design exploits in advance. 30% of code exploits and 73% of flash lending attacks occurred on audited platforms in the last year.

Source: Chainalysis

How do hackers launder stolen cryptocurrencies?

More stolen money went to DeFi platforms (51%) and dangerous services (25%) in 2021 than ever before. Previously a popular destination for stolen assets, centralized exchanges have fallen out of favor, garnering less than 15% of the total. This is most likely due to exchanges adopting AML and KYC protocols, which endanger the anonymity of cybercriminals. This year, Chainalysis added a new category to reflect what could be the first among cryptocurrency exchange hacks we’ve seen: chargebacks. The criminal behind the $600 million Poly Network hack returned $613 million in stolen assets in August last year and turned down a bug bounty offer.

Source: Chainalysis The risk of exploitation grows as the total value locked in DeFi rises to new all-time highs: $256 billion at the most recent peak. The need for smart contract security and price oracle accuracy is one takeaway from the exponential rise in thefts from DeFi systems. Code audits, decentralized Oracle vendors, and a more rigorous approach to platform security may be the most effective ways to achieve this goal. Fortunately, blockchain analytics can help even if these processes fail and cryptocurrencies are taken. Investigators who have a complete picture of how money moves from one address to the next can take advantage of opportunities to freeze or seize assets in transit, preventing criminals from getting paid.