The research firm CipherTrace assessed losses of DeFi protocols as a result of malicious actions in 2020. Almost $100 million was stolen from DeFi protocols, and the entire crypto industry lost $468 million due to attacks.
In the first half of 2020, DeFi protocols accounted for 45% of all thefts and hacks, or $51.5 million (40% of the value of thefts and hacks in the crypto industry). In the second half of 2020, DeFi protocols accounted for 50% of all thefts and hacks, or $47.7 million (14% of the value of all thefts and hacks in the crypto industry). This is stated in the new study by CipherTrace. Thus, since the beginning of 2020, as a result of thefts and hacks, DeFi protocols lost $99.2 million. That is 21% of the value of all thefts and hacks in the entire crypto industry.
In 2020, the damage from hacking attacks in the entire cryptocurrency industry amounted to $468 million. KuCoin case is called the largest hack of 2020, with $281 million stolen from the exchange. Attackers laundered these funds through DeFi protocols.
The USD value locked into DeFi grew exponentially in 2020, creating new potential money laundering risks as hacked DeFi protocols make up the majority of crypto theft in 2020, and decentralized exchanges became a way to launder assets stolen from KuCoin.
“DeFi protocols are permissionless by design, meaning they often lack any clear regulatory compliance and anyone in any country is able to access them with little to no KYC information collected. As a result, DeFi can easily become a haven for money launderers. <...> DEXs have no way of freezing funds like a centralized exchange; instead, this power lies with the individual DeFi projects themselves. However, if the proper steps aren’t taken to ensure the security of the smart contracts on which many DeFi projects rely, it is likely that DeFi will only continue to suffer from the consequences resulting from inadequate AML and security,” the report said.
According to CoinGecko, as of the end of October 2020, $14.2 billion was locked in DeFi protocols. This is eight times more than was blocked in decentralized finance protocols at the beginning of the year. This exponential boom also stimulated attention of cybercriminals and scammers to DeFi.
The study also quotes Olaf Carlson-Wee, founder and CEO of Polychain Capital:
“I do think it scares me a little bit how much capital is being dumped into contracts that are unaudited. I think that getting security audits is, overall, an important part of maturing any one of these systems.”
As DeFi continues to grow, it is likely that DeFi projects could fall under the purview of global regulators. The FATF already views decentralized exchanges as financial service operators, and FinCEN applies the same regulatory requirements to DEX as it does to bitcoin ATMs.