With Billions Stolen from DeFi Platforms in 2022, FBI Asks Users to Tread Cautiously

essidsolutions

The FBI warned individuals to vet decentralized finance (DeFi) platforms carefully before investing in cryptocurrency. In an advisory released on Monday by the FBI’s Internet Crime Complaint Center (IC3), the federal agency highlighted how cybercriminals are making a killing on the DeFi platforms.

IC3 cited the latest report from blockchain analysis company Chainalysis, which puts the total value of cryptocurrency stolen in Q1 2022 at $1.3 billion. From January through July 2022 (H1 2022), hackers stole $1.9 billion from individuals, 97% of it through DeFi platforms.

During H1 2021, crypto heists amounted to $1.2 billion, so this year's figure represents an increase of just under 60% year over year, which is cause for concern. Chainalysis sees no indication that cybercriminal activity against cryptocurrency and DeFi platforms will slow down. The Nomad crypto bridge attack in H2 2022 (August) is a prime example: the incident allowed thousands of regular internet users to drain almost $190 million from the system.

[Figure: Cryptocurrency Theft Data | Source: Chainalysis]

One of the major culprits is security gaps in DeFi protocols, which cybercriminals are eager to exploit. Surja Chatterjea, head of product and alliances at Skybox Security, told Spiceworks, “This is the latest urgent reminder that cybercriminals are increasingly targeting known vulnerabilities hiding in plain sight and turning them into backdoors to deploy complex attacks that are increasing at record rates.”

DeFi protocols, including Nomad's and others, offer features such as blockchain interoperability, i.e., the ability to transfer and trade cryptocurrency tokens between multiple blockchain networks such as Ethereum and Solana.

Users rely on programs called smart contracts, which hold crypto assets and execute automatically when predetermined conditions are met. Smart contracts are complex and run across decentralized blockchain networks.


However, these DeFi protocols are often vulnerable to bugs and fall prey to malicious actors on the prowl for a quick payoff. “If organizations are relying on conventional approaches to vulnerability management, they may only move to patch the highest severity vulnerabilities first based on the Common Vulnerability Scoring System (CVSS),” Chatterjea added.

“Cybercriminals know this is how many companies handle their cybersecurity, so they’ve learned to take advantage of vulnerabilities seen as less critical to carry out their attacks. Skybox Research Lab recently found that new cryptojacking programs were up 75% year-over-year.”

As noted by the FBI, vulnerabilities were exploited to carry out flash loan attacks that caused losses of $35 million in one incident and $3 million in another, with losses in a single incident reaching as much as $320 million.

Vulnerabilities are also behind the most prominent crypto incident, the $620 million heist from Axie Infinity’s Ronin Bridge, as well as others, including the $326 million Wormhole heist, the $100 million Harmony heist, the $80 million Fei Protocol heist, and the more recent $190 million Nomad heist.

The FBI advised individuals to conduct due diligence on a DeFi platform before investing, which includes checking whether the platform's code and smart contracts have been audited and weighing the risk of relying on crowdsourced vulnerability identification.

For companies operating in the DeFi space, Chatterjea advised a proactive approach to vulnerability management and quantifying the economic impact. “Proactive approaches to vulnerability management can significantly reduce time and resources spent by threat hunting teams in reactive enterprise-wide searches for indicators of compromise (IoCs) and indicators of attack (IoAs),” Chatterjea explained.

“A mature risk management program explicitly links vulnerabilities with their associated malware names and types (Cryptocurrency Miner, for example) to improve MTTD/MTTR and drive down breach risk across the enterprise. Organizations should ensure they have solutions in place capable of quantifying the business impact of cyber risks into economic impact,” she added.

“This will help them identify and prioritize the most critical threats based on the size of financial impact, among other risk analyses such as exposure-based risk scores. It’s essential for organizations to increase the maturity of their vulnerability management programs to ensure they can quickly discover if they are impacted by vulnerabilities and how urgent it is to remediate.”
