Why are DeFi Protocols a Target for Hackers?

  • Beitrags-Autor:
  • Beitrags-Kategorie:Hacking

Decentralized finance applications, commonly known as DeFi protocols, have significantly increased in popularity in the crypto industry in recent years. They offer innovative financial services such as loans, interest generation, and trading of digital assets, all based on blockchain technology. These platforms aim to replace or at least make traditional financial intermediaries more efficient, providing users with more autonomy and access to financial services. The vision is to also provide immediate access to all financial services for people in developing and emerging countries. However, the rapid rise of DeFi has also attracted the attention of hackers, making this part of the market struggle with a high number of hacks and exploits.

The attractiveness of DeFi protocols to hackers can be attributed to several factors. Firstly, the enormous amounts of cryptocurrencies deposited in these protocols represent an attractive target. Secondly, many DeFi projects are relatively new and untested, making them vulnerable to security loopholes and exploits. Furthermore, the complexity and interoperability of DeFi protocols mean that a single security breach in one protocol can automatically endanger others that might otherwise be considered secure. These vulnerabilities in the security structure of DeFi protocols provide hackers with ample opportunity to find and exploit an attack surface. From programming errors to exploits in protocol logic - the range of potential attack points is diverse. In many cases, these attacks are highly complex and exploit subtle flaws in the design of the protocol.

The increasing number of hacks in the DeFi world underscores the urgent need to improve security practices and raise awareness of risks in this rapidly developing sector. Investors and users of DeFi protocols must be aware of the inherent risks and take appropriate precautions, while developers and operators of DeFi platforms must continually work to strengthen their security measures in order to gain and maintain the trust of users.

In the following, we would like to delve deeper into this topic to explain the causes to you and to provide prevention work.

Why are so many cryptocurrencies deposited in DeFi?

The reason for this can be explained by several key factors that reflect both the uniqueness of the DeFi platforms and the needs and desires of investors.

The most important reason is the fact that certain financial transactions require high liquidity. In professional exchanges, this function is taken over by market makers. However, in DeFi, there are no central middlemen, which is why liquidity must be provided by users. They lend their digital assets so that a market can come into being. The individual protocols work with these funds and, in return, offer decent returns. Through mechanisms like liquidity mining and yield farming, users can invest their cryptocurrencies in DeFi protocols to earn interest and rewards. These returns are often much higher than traditional savings or investment products, providing a strong incentive for investors to deposit their cryptocurrencies in DeFi systems.

Another factor is the increasing diversification and innovation within the DeFi sector. With a growing number of platforms and protocols offering various services such as loans, derivatives, insurance, and decentralized exchanges, users have a wide range of opportunities to effectively and profitably deploy their cryptocurrencies. This variety attracts a broad spectrum of investors, from risk-taking traders to those looking for safer investment forms. Furthermore, the innovation and rapid growth of the DeFi sector play a role. The constant development of new products and services, combined with the rapid adoption of new technologies, makes DeFi a dynamic and attractive sector for crypto investors. This promotes not only the deposit of existing cryptocurrencies but also attracts new investors and new forms of cryptocurrencies. Consider, for instance, the stablecoins that have formed their own market segment in recent years, becoming indispensable and even holding a dominant position.

Thus, it becomes apparent that DeFi cannot do without depositing fantastic sums in the protocols, thereby becoming an equally attractive target for criminals. The market capitalization of DeFi tokens is about 80 billion euros, and the TVL (Total Value Locked) of all protocols is around 53 billion euros (as of December 31, 2023).

Why is it seemingly easy for hackers to crack DeFi protocols?

The vulnerability of DeFi protocols to hacker attacks can be attributed to several key factors that together create an environment that is often tempting and accessible to cybercriminals. One of the main reasons is the technical complexity and novelty of the DeFi platforms themselves. DeFi projects are based on complex smart contracts that run on blockchain technology. These smart contracts are highly complex and can therefore contain unexpected security gaps, especially if they are newly developed or implemented under time pressure. Errors in the programming or design of the smart contracts can be exploited by hackers to withdraw funds or otherwise manipulate the protocols.

Moreover, the DeFi sector is in a constant state of innovation and rapid growth. This rapid development means that security reviews and tests are sometimes not conducted at the same pace as the development of the protocols themselves. This leads to security gaps that hackers can exploit before they are discovered and remedied. This circumstance is exacerbated by the fact that many DeFi projects are experimental and led by smaller teams or startups without the resources for comprehensive security checks. This lack of standardization and professional infrastructure makes new DeFi platforms an easier target for hackers.

Although the developer community tries to protect itself with audits and adhere to standards in software development, enough incidents in the past have proven that auditing the code is not a panacea. In fact, the results of these audits only represent a snapshot and their quality can vary. In some cases, it can even be assumed that developers are merely paying for a seal of quality, which does not provide any real insight into security gaps and deficiencies.

Another factor is the pseudo-anonymity and decentralization associated with blockchain and DeFi. While these properties offer many advantages, they also make it more difficult to track down and prosecute cybercriminals. Hackers can often operate without significant risk of being identified or caught, making DeFi platforms an attractive target. This is true at least at the time of the actual hack. Once they have made a million-dollar heist, they may not be caught immediately, but they have to move very carefully due to blockchain analysis.

What vulnerabilities do hackers exploit?

Essentially, two different attack surfaces can be identified that are used by criminals. While the methods in individual cases can certainly differ, the individual attacks by hackers can be limited to two levels.

Smart Contract Exploits

Smart contracts are the backbone of DeFi platforms, but they are not immune to security risks. Typical vulnerabilities in smart contracts include problems such as reentrancy attacks, in which an attacker repeatedly calls a function of the smart contract before the first call is completed, leading to undesirable effects. Other vulnerabilities include integer overflows, inadequate access controls, and faulty logic that can lead to unexpected behavior.

There are numerous case examples of smart contract exploits. The notorious DAO hack of 2016 is a classic example, in which a reentrancy attack was used to steal about 50 million US dollars in Ether. Other examples include the Parity Wallet Hack and the multiple attacks on the bZx DeFi platform, which also exploited structural weaknesses in the smart contracts of the platforms.

Attacks at the Protocol Level

At the protocol level, attacks are often more complex and involve more sophisticated strategies. A common example is flash loan attacks, in which attackers borrow large amounts of cryptocurrency for a very short period of time and use it to artificially manipulate prices on decentralized exchanges (DEX). By exploiting price differences, they can make considerable profits, often at the expense of other users of the protocol. A flash loan is a very complex process that incurs high fees for the transaction and also requires that the loan be repaid in the same move.

Price manipulation is another common method of attack, in which attackers exploit or manipulate the price feeds that DeFi protocols use to determine the value of collateral and assets. Through targeted trades, they can artificially raise or lower prices, leading to unfair trading conditions or even the collapse of protocols.

The analysis of these attack strategies at the network and protocol level shows how important it is to implement robust security mechanisms and emergency procedures in DeFi platforms. The complexity and innovative character of DeFi offer new opportunities, but they also bring new risks that can be exploited by hackers. This underscores the need for continuous monitoring, regular security audits, and the development of strategies for risk mitigation and response to security incidents.

How can investors protect themselves from DeFi hacks?

To protect yourself from DeFi hacks, it is crucial to take proactive measures and consciously focus on security. First, investors should thoroughly research and only invest in established, well-reviewed DeFi projects that are recognized as safe by the community and experts. It should be noted here that this assessment cannot guarantee results. Even protocols that can be considered safe and established always carry a residual risk. It is important to look out for projects whose smart contracts have been reviewed by independent and reputable security firms. The following 10 firms enjoy a good reputation:

  • Trail of Bits: Known for their expertise in security analysis, they offer comprehensive security audits for blockchain projects and smart contracts.
  • Consensys Diligence: Specializing in Ethereum-based projects, Consensys Diligence provides security audits and consulting for blockchain applications.
  • Certik: Offers security audits and blockchain protocol analyses focusing on identifying and eliminating vulnerabilities in smart contracts.
  • Quantstamp: Another leading firm that focuses on the security of smart contracts, offering tools for automated security verification.
  • OpenZeppelin: Known for their development of secure smart contract libraries, OpenZeppelin also offers security audits and consulting services.
  • ChainSecurity: Specializing in smart contract verification, ChainSecurity provides in-depth analysis and security reviews of DeFi protocols.
  • Hacken: Offers a wide range of cybersecurity services, including blockchain security audits and penetration testing.
  • PeckShield: Focused on the security of blockchain ecosystems, PeckShield provides services for detecting and preventing security risks. PeckShield's Twitter profile also serves as an early warning system for many investors.
  • Sigma Prime: Provides security audits and consulting with a focus on Ethereum and other blockchain platforms.
  • Least Authority: Specializing in privacy and security, they conduct security audits for a variety of blockchain-based projects.

In addition to evaluating providers, investors should always install the latest security updates and patches for their wallets, operating systems, and software to minimize vulnerabilities. Another essential precaution is the use of hardware wallets for storing larger amounts of cryptocurrencies, as these are physically isolated and less susceptible to remote attacks.

Furthermore, it is advisable to be informed about common phishing tactics and fraud strategies and to remain vigilant against suspicious links, emails, or messages. Using two-factor authentication (2FA) wherever possible additionally increases security. Investors should also delve a little into risk management by not placing all their assets in a single DeFi protocol but diversifying their portfolio to spread the risk.

Cryptocurrencies thrive in many ways on their communities. It's important to be part of the community of the protocols you use and to constantly stay informed about the latest developments and emerging security issues. Forums, social media, and the specialist press are useful resources to stay up to date. By combining day-to-day information, adherence to best practices, and active participation, investors can significantly reduce their vulnerability to DeFi-related hacks.

It should be noted again that reduction does not mean that the risks of hacking can be completely eliminated. In fact, this risk is always present, though not to the same extent with every protocol.

I've been hacked and need help, who can I turn to?

If you have fallen victim to a hacker attack, it is crucial to preserve all relevant data. Create backups of your digital wallets and note all essential details of the transactions. We are here to support you in this process. Accurate recording of your crypto transactions and gathering evidence are essential, both for tracking down the perpetrators via blockchain analysis and for asserting your rights. In collaboration with the lawyer Dr. Maisch, Crypto-Tracing focuses on securing evidence to help you recover your money. Dr. Maisch offers legal advice and can represent you in court in Germany if necessary. To tell us about your case, please use our contact form. We will get in touch with you as soon as possible and provide an initial assessment of how you can best proceed.