As web3 and NFT products keep growing, decentralized application (dApp) ecosystems expand and integrate with multi-chain solutions. Crypto wallets play an essential role in this integration process and help dApp users sign transactions and safekeep assets. Online wallets (also called hot storage wallets) sometimes supplement email-based login and social login. Because of the fast-growing adoption of digital assets, wallet solutions and the platforms that connect to them have become an obvious target for malicious actors.
Looking back at this year, it is essential to prepare for what’s ahead in the digital assets space. One crucial aspect of getting ready for growth after the bear market is looking at hacker activities and recent trends in the wallet security space. After all, crypto is becoming more institutionalized, bringing more risks into the industry with all the big players allocating their capital to Decentralized Finance (DeFi) solutions.
Back in 2019, hackers mostly attacked centralized crypto exchanges. Nowadays those platforms have advanced Know-Your-Customer (KYC) and Anti-Money-Laundering (AML) tools in place, and DeFi protocols have become the new target. Let us dive deeper into this year’s examples of various DeFi hacks.
DeFi protocols had over $700 million worth of assets stolen across 11 protocols in October alone, according to Chainalysis. The overall loss from various hacker attacks this year appears to be over $3 billion. Despite the bear market, digital assets remain money-making projects that attract malicious actors looking for quick gains.
The year started with a significant amount of over $300 million worth of ETH stolen from a cross-blockchain bridge platform called Wormhole. Such bridges typically work by taking a digital coin and locking it in a contract to issue another asset on the bridged chain. When a hack like this happens, the main concern of users is whether their assets still remain backed by the platform.
The biggest hack in 2022 so far happened right after Wormhole in March. The popular gaming platform Axie Infinity lost over $600 million because of a fake job description that one of their developers opened. The employee downloaded the file on the work computer, which enabled the hackers to corrupt four token validators and one Axie DAO validator.
Later, in April, a flash loan was used to drain over $180 million worth of funds from a DeFi platform called Beanstalk Farms. This type of loan is used to borrow large amounts of digital currencies for minutes. Such loans are meant to provide liquidity or take advantage of price arbitrage opportunities. The hackers gained a 67 percent voting stake in Beanstalk by using a flash loan to borrow and exchange assets into the governance token of the platform.
A smaller, yet significant, phishing attack led to $8.6 million in losses for liquidity providers of Uniswap. Hackers performed a phishing attack where they tricked the decentralized exchange’s users into clicking an airdrop link. As a result, the malicious actors gained access to more than 7,000 Ethereum addresses.
In August, a DeFi cross-chain bridge called Nomad was hacked for over $190 million. The platform’s total value locked (TVL) went down from $190,740,000 to $1,794 in just a few hours. The hack happened due to an implementation bug in a smart contract upgrade, which caused message authentication to fail. When the attackers found this flaw in Nomad’s code, they started draining funds from the platform. This attracted other hackers, who used the same transaction calldata. The hack was carried out almost as a “copy and paste” action by multiple attackers.
Later, in September, the algorithmic market maker Wintermute lost $160 million worth of assets. The attackers leveraged a bug in Wintermute’s smart contract and gained access to over 70 different tokens. The hacker wasn’t identified; however, it was suspected that the attack came from Wintermute’s internal employees.
Introducing better and more compliant KYC and AML solutions is perceived to be the number one remedy for enhancing wallet security across the industry. Wallet history checks provide tremendous help in the process of discovering hackers. Once there is any chance of tracking down whom the wallets belong to, the stolen funds could potentially be returned.
Furthermore, DeFi companies keep hiring top talent for their security teams to withstand hacker attacks on a 24/7 basis. Every month there are new ways hackers get around the built-in security of DeFi applications due to the novelty of the business itself. Getting to a better security level is only a matter of observing the latest attacks and analyzing how they could have been prevented.
For cases like the Beanstalk attack, it is believed that one of the preventive measures is the one-day delay in enacting even emergency governance proposals. The voting power adjustment mechanism has to be carefully revised by DeFi projects in order to prevent granting malicious actors the means to control the platform itself.
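As an added illustration (not code from this article or from any project named in it), the toy model below shows how an enactment delay and snapshot-based voting power affect a vote cast with flash-loaned tokens. The `Governance` class, the 2/3 threshold and the balances are assumptions constructed for the example.

```python
# Added illustration: a toy governance model, not any project's contract code.
DAY = 86_400                  # one-day enactment delay, in seconds
SUPERMAJORITY = 2 / 3         # assumed threshold for this model

class Governance:
    def __init__(self, balances, delay=0, use_snapshot=False):
        self.balances = dict(balances)   # live governance-token balances
        self.snapshot = dict(balances)   # balances recorded at proposal time
        self.delay = delay               # seconds between passing and enactment
        self.use_snapshot = use_snapshot
        self.votes_for = 0
        self.passed_at = None

    def vote(self, voter, now):
        # Weak design reads live balances; hardened design reads the snapshot.
        source = self.snapshot if self.use_snapshot else self.balances
        self.votes_for += source.get(voter, 0)
        total = sum(self.balances.values())
        if self.passed_at is None and self.votes_for / total >= SUPERMAJORITY:
            self.passed_at = now

    def can_execute(self, now):
        return self.passed_at is not None and now >= self.passed_at + self.delay

def flash_loan_vote(gov, loan, now=0):
    """Borrow, vote and try to enact in one transaction; the loan is then repaid."""
    gov.balances["lender"] -= loan
    gov.balances["borrower"] = gov.balances.get("borrower", 0) + loan
    gov.vote("borrower", now)
    enacted = gov.can_execute(now)       # same timestamp, loan still open
    gov.balances["borrower"] -= loan     # repayment is mandatory in the same tx
    gov.balances["lender"] += loan
    return enacted

def run_scenarios():
    supply = {"lender": 670, "holders": 330}   # constructed sample balances
    configs = {"no_delay": {}, "one_day_delay": {"delay": DAY},
               "delay_and_snapshot": {"delay": DAY, "use_snapshot": True}}
    results = {}
    for name, cfg in configs.items():
        gov = Governance(supply, **cfg)
        enacted_in_tx = flash_loan_vote(gov, loan=670)
        # Second value: is the proposal still enactable one day later?
        results[name] = (enacted_in_tx, gov.can_execute(DAY))
    return results

if __name__ == "__main__":
    print(run_scenarios())
```

Each result pair is (enacted inside the loan transaction, enactable one day later). In this model the delay alone only blocks same-transaction enactment and leaves holders a one-day window to react, while the snapshot removes the borrowed voting weight entirely.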
Unfortunately, all the hacks from the past few years undermined investors' confidence. However, the growing number of service providers with security tools gives the industry hope. DeFi projects now prioritize the security of their product over its efficiency and feature development. Knowing that they will stay long in the game due to enhanced security, transparency, and compliance with regulation keeps DeFi projects accountable and forward-thinking.