FBI Says 'Complexity' Makes DeFi Vulnerable to Hacks

The FBI warned investors on Monday to approach decentralized finance with caution, citing the growing share of crypto hacks that target DeFi protocols.

Pointing to analysis from crypto forensics firm Chainalysis, the FBI said that 97% of crypto stolen in the first three months of 2022 came from DeFi platforms, up from 72% in 2021.

Open Source

The bureau said the vulnerabilities in DeFi platforms stem from the “complexity of cross-chain functionality” and the fact that projects are largely open source, meaning their code is publicly available.

Open-source code makes it possible for white hat hackers to sift through code and identify weaknesses on a project’s behalf, for which those hackers typically earn bounties. But it also means criminals can do the same and exploit DeFi software.

Lucrative Targets

Bridges that allow for the transfer of digital assets between otherwise incompatible blockchains have also proven to be particularly lucrative targets this year. As of Aug. 2, about $2B in crypto had been stolen from cross-chain bridges this year, accounting for 69% of total funds stolen, according to Chainalysis.

The FBI recommended investors steer clear of protocols that have not undergone audits and contact their local Internet Crime Complaint Center in the event they believe their funds have been stolen.